Petra Security’s primary focus is to detect account compromises. There are many benign cases of VPN and proxy use, and Petra differs from other security tools by performing deep analysis to weed out benign VPN and proxy use.However, there are many cases where VPN and proxy use can demonstrate deep analysis and launch important conversations with your stakeholders. We preserve and spotlight these benign VPN and proxy uses to help you deeply understand your environment.
All proxy and VPN use outlined here is benign. Malicious VPN/proxy use is a small fraction,
and is classified as an incident.
The reporting interface provides a straightforward (and stakeholder-friendly) view of uncommon proxy activities:
Navigate to your tenant by selecting it from the top left corner
Click on the Reporting tab in the top navigation bar
Select the Uncommon Activity sub-tab
Filter by Type: “Proxy and Data Center Use”
This will display a list of all instances where users accessed your environment through proxies or data centers. Each entry provides:
User information
Time of access
Proxy/data center details
Click on any specific entry to view more details about that particular event in context. Each is
its own page, with its own fully-functional log viewer — with the activity pre-highlighted.