Skip to main content

Frequently Asked Questions

Common questions about CastellanAI.

General

What is CastellanAI?

CastellanAI is an enterprise AI-powered security monitoring platform that analyzes security events from your endpoints and provides real-time threat detection and response capabilities.

Which platforms are supported?

  • Windows: Windows 10 (1809+), Windows Server 2019+
  • Linux: Ubuntu 20.04+, Debian 11+, RHEL 8+, CentOS Stream 8+
  • macOS: macOS 12 (Monterey) or later

Is my data secure?

Yes. All data is encrypted in transit (TLS 1.3) and at rest (AES-256). We are SOC 2 Type II compliant and follow industry best practices for security.

Billing

Can I change my plan?

Yes, you can upgrade or downgrade your plan at any time from SettingsBillingChange Plan.

What payment methods are accepted?

We accept major credit cards (Visa, Mastercard, American Express) and bank transfers for Enterprise customers.

Is there a free trial?

Yes, we offer a 14-day free trial of the Medium Business tier. No credit card required.

Agents

How many agents can I deploy?

This depends on your subscription tier:

  • Small Business: Up to 20 (5 included + 15 additional)
  • Medium Business: Up to 75 (25 included + 50 additional)
  • Enterprise: Unlimited

How much bandwidth does the agent use?

With smart filtering enabled, agents typically use 1-5 MB/day depending on event volume.

Can I run the agent on virtual machines?

Yes, the agent works on physical machines, virtual machines, and containers.

Technical

What events does the agent collect?

The agent collects security-relevant events including:

  • Authentication events (logins, failures)
  • Process execution
  • Network connections
  • File system changes
  • System configuration changes

How does AI analysis work?

Our AI pipeline analyzes events using:

  1. Pattern matching against known threats
  2. Anomaly detection for unusual behavior
  3. Correlation of related events
  4. Risk scoring based on multiple factors

Can I integrate with my existing SIEM?

Yes, we provide:

  • REST API for event export
  • Webhooks for real-time notifications
  • Syslog forwarding (Enterprise)

Support

How do I contact support?

Where can I report bugs?

Report bugs via: