Skip to main content

Step 1: Generate forensics for a past compromise

Pick a client who has had a BEC in the last 6 months, especially one in which the attacker had a lot of activity (e.g. sent emails, inbox rules, app registrations, etc.). Click the “Add Tenant” button and select “Continue with Autopsy”. This will pull and analyze the past 6 months of logs for the tenant. This client will also be included in monitoring.

Step 2: Add 5 tenants for monitoring

After you onboard a past compromise, add 5 other clients for monitoring. The one you chose for Autopsy is already included in monitoring.
Don’t add your own tenant yet. We will give you an NFR after you sign up, but it makes for a bad POV experience.

Step 3: Check back in 24 hours to see your Autopsy result

Check back in 24 hours to see your Autopsy result. This will include a detailed report of the compromise, including the attacker’s activity, the tenant’s activity, and the Petra team’s recommendations for remediation.