Wow, fantastic idea. With startups growing so fast and often under-resourced, security often isn't prioritised, certainly not enough to build the kind of security and alerts the likes of Facebook and Google have at their disposal. If this is as easy to integrate as it looks then this is a big step in the right direction!
@_jamesmundy Thanks James! What we've seen is that startups actually care about security but time isn't allocated. We thought we might be able to hack this by making it dead simple to get started with the analytics part and gradually expand into further integrations, notifications, rules etc as you see results.
@samhouston typically customers start with using Castle as an analytics tool and then gradually move towards integration of the Authentication API which comes as an inline version as well as webhooks. A common use-case is to send out login notifications Gmail-style when a user exceeds a certain risk level.
We've been using Castle for a while now at Naritiv and we love it. It makes it super easy to understand user signup and flow, devices they're using, and keeping our users' security in check. Great job @brissmyr and @jimtegel on the launch!!
Great product! Any plans of integrating something like https://haveibeenpwned.com/ into your system? Some way to flag users as at risk because they've been previously hacked somewhere else, or their information has been leaked etc.
@tianhan2 That's a fantastic idea! We could even add that as a signal to our scoring so that people with compromised credentials would have a higher risk level when suspicious activity is detected. One issue might be that the compromised users aren't necessarily using the same password at your site. But maybe that's not a problem.
Castle looks great Johan. Congrats on your launch! Do you also have a mechanism to track/alert if there is a suspected attempt at scraping data or information off web pages?
@101x0 Thank you! Currently we try to stay away from external fraud such as web scraping, and in fact most fraud that isn't associated with user account takeover. Scraping, and bots fiddling around with your external APIs, are pretty much addressed by other products. In the future we would like to expand into those areas however. Siftery looks pretty amazing by the way. Would love to be on your list!
@angelo_ia We detect when there are multiple devices active on the same account simultaneously and generate a signal which you'll see in the interface. We don't yet *classify* a user as an account sharer but we try to make it easier to spot them.
Thanks Justin for launching Castle to the world!
Hi Product Hunters!
Johan, co-founder of Castle here. Castle protects your users from being hacked. You track events in your web and mobile apps, and we analyze device, location and usage patterns to make sure they are consistent for each user.
You’ll get a Slack notification or email when a user acts out of the ordinary, e.g. they log in from a distant country, repeatedly fail to log in, or change their password from a recently added device. Use the dashboard to see live user activity, and filter on properties like Tor, proxy or bot-like browsing.
We have lots of plans for improving the product: more 3rd-party integrations, built-in 2FA/captcha, Gmail-style login notifications. Would love to hear your feedback!
Product Hunters get 50% off your first 6 months!
Cheers!
@brissmyr great stuff! Reminds me a bit of siftscience.com but applied to security. Do you track users across your entire customer base for even deeper analysis, or is there a wall between each customer?
@jmonegro Sift Science is awesome and we're really inspired by how they transformed the anti-fraud tool into something modern and easy to use, both for customers and developers. Castle looks across sites for patterns of what's normal globally, e.g. in terms of browsing speed, browser configuration, number of IPs per user, etc., and then uses those anonymous stats to find anomalies in each app and user account.