Introduction to CastellanAI
CastellanAI is an enterprise AI-powered security monitoring platform that transforms your event logs into actionable security intelligence.
What is CastellanAI?
CastellanAI is a next-generation security monitoring solution that leverages artificial intelligence to detect, analyze, and respond to threats in real time. Unlike traditional SIEM solutions that overwhelm security teams with alerts, CastellanAI uses intelligent filtering and AI-powered correlation to surface only the events that matter.
Key Features
Real-time Threat Detection
Our AI engine continuously analyzes security events as they occur, identifying suspicious patterns, anomalies, and known attack signatures. Using machine learning models trained on millions of security events, CastellanAI can detect threats that traditional rule-based systems miss—including zero-day attacks and sophisticated lateral movement patterns.
Multi-Platform Agent
Deploy lightweight agents across your entire infrastructure with support for Windows, Linux, and macOS. Each agent is designed to have minimal performance impact while capturing comprehensive security telemetry including authentication events, process execution, network connections, and file system changes.
Centralized Dashboard
Monitor your entire security posture from a single, intuitive interface. The dashboard provides real-time visibility into threats across all endpoints, with drill-down capabilities to investigate individual events. Security teams can quickly triage alerts, view correlated attack chains, and track remediation progress.
Smart Filtering
Traditional security tools generate thousands of events per endpoint daily—most of which are noise. CastellanAI's smart filtering achieves 95-98% data reduction by applying priority-based scoring at the agent level. Critical events stream immediately while routine events are analyzed locally, dramatically reducing bandwidth and storage costs without sacrificing security visibility.
Automated Responses
Configure automated response actions for detected threats, from alerting and ticket creation to active remediation. Integration with Teams, Slack, and email ensures your team is notified instantly. For enterprise deployments, webhook integrations enable custom automation workflows and integration with existing security orchestration tools.
Two Interfaces: Portal vs Dashboard
CastellanAI provides two separate web interfaces, each serving a distinct purpose:
| Interface | URL | Purpose |
|---|---|---|
| Customer Portal | castellanai.com/portal | Account management, billing, agent enrollment |
| Security Dashboard | Unique per account | Real-time security monitoring, threat analysis, AI chat |
Customer Portal
The Customer Portal is your account management hub where you:
- Manage your subscription and billing
- Enroll and monitor agent status
- Configure account settings and team members
- Download agent installers
Security Dashboard
The Security Dashboard is your security operations center where you:
- Monitor real-time security events across all endpoints
- Investigate threats and view correlated attack chains
- Use AI-powered chat to analyze security incidents
- Configure detection rules and automated responses
You access the Security Dashboard by clicking "Open Security Dashboard" from the Customer Portal.
Architecture Overview
How it works: Lightweight agents installed on your endpoints stream security events directly to the Worker service. The Worker processes events through our AI Engine for threat detection and correlation, storing results in the database. Security teams monitor threats in real time through the Security Dashboard. The Customer Portal handles account management and provides single sign-on access to the Security Dashboard.
Subscription Tiers
| Tier | Agents Included | Additional Agents | Data Retention |
|---|---|---|---|
| Small Business | 5 | Up to 15 | 24 hours |
| Medium Business | 25 | Up to 50 | 7 days |
| Enterprise | 100+ | Unlimited | 30 days |
System Requirements
Agent Requirements
Windows
| Component | Requirement |
|---|---|
| OS | Windows 10 (1809+) or Windows Server 2019+ |
| CPU | 1 core (2+ recommended) |
| RAM | 512 MB (1 GB recommended) |
| Disk | 100 MB free space |
| Network | HTTPS outbound to Worker API |
Linux
| Component | Requirement |
|---|---|
| OS | Ubuntu 20.04+, Debian 11+, RHEL 8+, CentOS Stream 8+ |
| CPU | 1 core (2+ recommended) |
| RAM | 512 MB (1 GB recommended) |
| Disk | 100 MB free space |
| Network | HTTPS outbound to Worker API |
macOS
| Component | Requirement |
|---|---|
| OS | macOS 12 (Monterey) or later |
| CPU | Apple Silicon or Intel |
| RAM | 512 MB (1 GB recommended) |
| Disk | 100 MB free space |
| Network | HTTPS outbound to Worker API |
Network Requirements
The agent requires outbound HTTPS (port 443) connectivity to:
- Worker API: api.castellanai.com
- Portal API: portal.castellanai.com
Firewall Rules
| Direction | Protocol | Port | Destination |
|---|---|---|---|
| Outbound | HTTPS | 443 | api.castellanai.com |
| Outbound | WSS | 443 | api.castellanai.com (WebSocket) |
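
A pre-flight check for the outbound rules above, as an added example that is not CastellanAI code: it attempts a TCP connection and a certificate-verified TLS handshake to each hostname listed under Network Requirements and classifies any failure. The names `classify`, `probe` and `preflight` are made up for this example, and the WebSocket upgrade itself is not exercised because the page gives no endpoint path.

```python
import socket
import ssl

# Hostnames and port are the ones listed in the page's Network Requirements.
REQUIRED = [("api.castellanai.com", 443), ("portal.castellanai.com", 443)]


def classify(exc):
    """Map a connection error to the most likely egress problem."""
    if isinstance(exc, socket.gaierror):
        return "dns-failure"             # name not resolvable from this host
    if isinstance(exc, ssl.SSLCertVerificationError):
        return "tls-untrusted-cert"      # e.g. inspecting proxy with an untrusted CA
    if isinstance(exc, ssl.SSLError):
        return "tls-handshake-failed"    # protocol mismatch or reset mid-handshake
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "timeout"                 # packets silently dropped by a firewall
    if isinstance(exc, ConnectionRefusedError):
        return "refused"                 # connection actively rejected
    return "unreachable"


def probe(host, port, timeout=5.0, connect=socket.create_connection):
    """TCP connect, then a certificate-verified TLS handshake with SNI."""
    ctx = ssl.create_default_context()   # verifies chain and hostname
    try:
        with connect((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return {"host": host, "status": "ok", "tls": tls.version()}
    except OSError as exc:
        return {"host": host, "status": classify(exc), "detail": str(exc)}


def preflight(targets=REQUIRED, **kwargs):
    """Probe every required destination; return (all_ok, per-host results)."""
    results = [probe(h, p, **kwargs) for h, p in targets]
    return all(r["status"] == "ok" for r in results), results


if __name__ == "__main__":
    ok, results = preflight()
    for r in results:
        print(r)
    raise SystemExit(0 if ok else 1)
```

A `tls-untrusted-cert` result on a host where plain browsing works usually means the proxy's inspection CA is installed in the browser but not in the system trust store that a service would use.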
Browser Requirements
For the Customer Portal and Dashboard:
- Chrome 90+
- Firefox 88+
- Edge 90+
- Safari 14+
JavaScript must be enabled.
Getting Started
CastellanAI is currently in final development. Join our waitlist to be notified when we launch and get early access!
Ready to see what CastellanAI can do? Browse our documentation to learn about our features, or join the waitlist to be first in line when we launch. You can also follow our Quick Start Guide to preview the onboarding experience.