Petra Response is a per-tenant setting that allows you to authorize the Petra team to remediate incidents for you.

Enabling Petra Response allows our team to remediate an incident, remove persistence mechanisms, and retract phishing emails as soon as the incident occurs. We have an extremely low surfaced false-alarm rate, so business disruption is minimal. We highly recommend that everyone enables Petra Response.

Steps to Remediate an Account

If Response is enabled, we will take care of the first 3 steps, leaving you to reset the password and re-enable the account.

  1. Revoke Sessions and Lock Account
  2. Retract Phishing Emails
  3. Disable Persistence Mechanisms
  4. Reset Password
  5. Re-enable Account
  6. Mark as Remediated

✅ = Petra Response does this step.

How to Enable Petra Response

Go to the Home Page by clicking the logo in the top left corner. In the list of tenants, toggle the Petra Response switch to enable or disable it.

You’ll only need to do this if Petra Response is disabled. Otherwise, a member of the Petra team will take care of it as soon as the incident occurs.

When Petra detects a compromised account, it immediately appears as an active incident and notifies you via configured notification methods, such as your PSA, Teams chat, calls, or texts.