Introduction to CastellanAI
CastellanAI is an enterprise AI-powered security monitoring platform that transforms your event logs into actionable security intelligence.
Unlike traditional SIEM solutions that overwhelm security teams with alerts, CastellanAI uses intelligent filtering and AI-powered correlation to surface only the events that matter.
What is CastellanAI?β
CastellanAI is a next-generation security monitoring solution that leverages artificial intelligence to detect, analyze, and respond to threats in real-time.
Key Featuresβ
- π― Threat Detection
- π₯οΈ Multi-Platform
- π Dashboard
- β‘ Smart Filtering
- π€ Automation
Real-time Threat Detectionβ
Our AI engine continuously analyzes security events as they occur, identifying:
- Suspicious patterns and anomalies
- Known attack signatures
- Zero-day attacks that traditional rule-based systems miss
- Sophisticated lateral movement patterns
Machine learning models trained on millions of security events provide detection capabilities beyond traditional rule-based systems.
Multi-Platform Agentβ
Deploy lightweight agents across your entire infrastructure:
| Platform | Supported Versions |
|---|---|
| Windows | Windows 10 (1809+), Server 2019+ |
| Linux | Ubuntu 20.04+, Debian 11+, RHEL 8+, CentOS Stream 8+ |
| macOS | macOS 12 (Monterey) or later |
Captured telemetry includes:
- Authentication events
- Process execution
- Network connections
- File system changes
Centralized Dashboardβ
Monitor your entire security posture from a single, intuitive interface:
- Real-time visibility into threats across all endpoints
- Drill-down capabilities to investigate individual events
- Correlated attack chains visualization
- Remediation tracking and progress monitoring
Smart Filteringβ
Traditional security tools generate thousands of events per endpoint dailyβmost of which are noise.
CastellanAI's smart filtering applies priority-based scoring at the agent level, dramatically reducing bandwidth and storage costs without sacrificing security visibility.
| Event Priority | Behavior |
|---|---|
| Critical (β₯90 score) | Streamed immediately |
| High Priority | Batched and sent |
| Low Priority | Analyzed locally, filtered |
Automated Responsesβ
Configure automated response actions for detected threats:
- Alerting to Teams, Slack, and email
- Ticket creation in your ITSM
- Active remediation workflows
- Webhook integrations for custom automation
Webhook integrations enable custom automation workflows and integration with existing security orchestration tools.
Two Interfaces: Portal vs Dashboardβ
CastellanAI provides two separate web interfaces, each serving a distinct purpose:
| Interface | URL | Purpose |
|---|---|---|
| Customer Portal | castellanai.com/portal | Account management, billing, agent enrollment |
| Security Dashboard | Unique per account | Real-time security monitoring, threat analysis, AI chat |
π Customer Portal Features
The Customer Portal is your account management hub where you:
- Manage your subscription and billing
- Enroll and monitor agent status
- Configure account settings and team members
- Download agent installers
π‘οΈ Security Dashboard Features
The Security Dashboard is your security operations center where you:
- Monitor real-time security events across all endpoints
- Investigate threats and view correlated attack chains
- Use AI-powered chat to analyze security incidents
- Configure detection rules and automated responses
Access: Click "Open Security Dashboard" from the Customer Portal.
Subscription Tiersβ
| Tier | Agents Included | Additional Agents | Data Retention |
|---|---|---|---|
| Small Business | 5 | Up to 15 | 24 hours |
| Medium Business | 25 | Up to 50 | 7 days |
| Enterprise | 100+ | Unlimited | 30 days |
System Requirementsβ
- Windows
- Linux
- macOS
Windows Requirementsβ
| Component | Requirement |
|---|---|
| OS | Windows 10 (1809+) or Windows Server 2019+ |
| CPU | 1 core (2+ recommended) |
| RAM | 512 MB (1 GB recommended) |
| Disk | 100 MB free space |
| Network | HTTPS outbound to Worker API |
Linux Requirementsβ
| Component | Requirement |
|---|---|
| OS | Ubuntu 20.04+, Debian 11+, RHEL 8+, CentOS Stream 8+ |
| CPU | 1 core (2+ recommended) |
| RAM | 512 MB (1 GB recommended) |
| Disk | 100 MB free space |
| Network | HTTPS outbound to Worker API |
macOS Requirementsβ
| Component | Requirement |
|---|---|
| OS | macOS 12 (Monterey) or later |
| CPU | Apple Silicon or Intel |
| RAM | 512 MB (1 GB recommended) |
| Disk | 100 MB free space |
| Network | HTTPS outbound to Worker API |
Network Requirementsβ
The agent requires outbound HTTPS (port 443) connectivity to:
| Direction | Protocol | Port | Destination |
|---|---|---|---|
| Outbound | HTTPS | 443 | api.castellanai.com |
| Outbound | WSS | 443 | api.castellanai.com (WebSocket) |
Ensure your firewall allows outbound connections to CastellanAI endpoints. No inbound rules are required.
Browser Requirementsβ
For the Customer Portal and Dashboard:
- Chrome 90+
- Firefox 88+
- Edge 90+
- Safari 14+
JavaScript must be enabled.
Getting Startedβ
CastellanAI is currently in final development. Join our waitlist to be notified when we launch and get early access!
Ready to see what CastellanAI can do? Browse our documentation to learn about our features, or join the waitlist to be first in line when we launch.
Next Steps:
- Quick Start Guide - Preview the onboarding experience
- Account Setup - Learn about account configuration
- Dashboard Tour - Explore the interface