# Castle

## **What is Castle?**

Castle is an anti-bot service designed to prevent automated attacks such as account takeovers, fake account creation, and policy-violating behaviors. It monitors browser characteristics, user behavior, and request patterns to detect malicious activity.

## x-castle-request-token

When interacting with Castle-protected endpoints, you must include a valid `x-castle-request-token`. This token is generated using various browser-specific factors, including the `__cuid` cookie and other session details. Our API generates this token, making it easy to integrate with Castle-protected websites.

An example website using it is [DailyPay](http://dailypay.com).