Petra Security

Features

Modern identity defense for Microsoft 365.

Petra is the ITDR built for the BEC and token-theft era. Every attack is caught, contained, investigated, and reported.

01 / Detection

Petra detects intent across every M365 surface to stop even the most complex attacks.

Petra analyzes attacker behavior across logins, Exchange, and SharePoint rather than relying solely on origin location. This catches attacks using residential proxies, legitimate sessions, and credentials already cleared by MFA.

  • Behavioral detection across logins, Exchange, and SharePoint
  • Detects residential proxies and known-bad infrastructure
  • Catches credentials that already passed MFA or Conditional Access
  • Zero configuration, including no allowlists to maintain
We tested both Blackpoint and Huntress, but Petra is so far the only real solution to the massive increase in BECs we are seeing.
David Rafsky, Hansen GressDavid Rafsky, Hansen Gress
Detection
02 / Remediation

An alert is the end of your work, not the beginning.

Petra eliminates all traces of compromise, restoring the environment to its pre-attack state — removing attacker-registered devices, added MFA methods, malicious inbox rules, and phishing emails.

  • Reverses attacker-added MFA methods and device registrations
  • Removes malicious inbox rules and forwarding completely
  • Fleet-wide phishing email retraction in one action
  • Reverses attacker activity inside SharePoint
Petra detected and quarantined within 2 minutes. What else can I say? Petra made us look like heroes.
Daniel Byrd, TeamLogic ITDaniel Byrd, TeamLogic IT
Remediation
03 / Forensics

Petra traces every attack from phish to contained.

Petra automatically reconstructs complete attack narratives — identifying the source phishing email, attacker IP and infrastructure, and creating chronological timelines across logins, mail, files, and Teams.

  • Finds the root-cause phishing email automatically
  • Full attacker timeline across logins, mail, files, and Teams
  • Surfaces the IP, ISP, and infrastructure behind the attack
  • 12 months of searchable M365 telemetry, hot
Seeing the Autopsy results, my first thought was, 'Duh, we need this in place.' People see that report and immediately get it.
Robert Shank, Office Information SystemsRobert Shank, Office Information Systems
Forensics
04 / Reporting

Show your clients they're protected.

Petra generates executive-friendly reports automatically, demonstrating how attacks were discovered and stopped before damage occurred.

  • Client-ready PDF generated automatically per incident
  • White-labeled reports covering every attack and anomaly per client
  • Pre-sales incident scan to size the gap for new prospects
  • Anonymized incident library to use in sales conversations
My customers are really impressed at the speed and the visibility of the incident, and the reports are crystal clear.
Pascal Pelletier, MicroAge RimouskiPascal Pelletier, MicroAge Rimouski
Reporting

See what's in your last six months of logs.

Run six months of M365 logs through Petra and get insurance-grade forensics within 48 hours. Five minutes to set up with no sales call.