How Impact Business Technology Uses Petra Scan to Win New Clients
Petra Security: ITDR 2.0 for MSPs and their clients.
The Stack
Impact wanted a focused ITDR with stable detection rules they could rely on across a private equity book.
Impact had been a heavy Defender for Cloud Apps user for years. The product handles a lot of what an MSP needs from M365 detection. As Impact's PE and financial book grew, the team wanted a dedicated ITDR they could rely on for one job, with rules that would stay where they put them.
"What I like about Petra is you do one thing, and you do it extraordinarily well." -Neil Holme, Founder & CEO of Impact Business Technology
Live Detection
When attackers hit the chairman and the CEO of one PE client within a week, Petra stopped both in minutes.
In April, attackers ran a coordinated campaign against one of Impact's private equity clients. The chairman and the CEO of the firm were each phished nine days apart. Both attacks used residential proxies to make the logins look local, paired with device code phishing.
Petra contained the first attack in 3 minutes and the second in 5 minutes. Across both incidents, attackers accessed 0 emails and 0 documents.
"We get the alert from Petra. Then we look in here and we see what they did. And our communication to the client is: nothing to worry about. We got you. We don't need to sound any alarms, because I can look here and tell the customer, yeah, the account was breached. Let's deal with how you got breached. But don't worry, we cut them out before they could do anything. We've got proof that nothing happened. That's the story we tell customers. And it's a beautiful thing."
Petra Scan
Petra Scan turned a competitor's compromise into Impact's next new client.
Neil was renegotiating Impact's own cyber insurance coverage with a Texas brokerage. Days later, that brokerage was itself hit by a 17-day phishing compromise. The attackers used compromised broker accounts to send fraudulent renewal emails and attempted a wire-fraud redirect, narrowly averted. The compromised mailbox held personal information about clients across dozens of states, which triggered breach-notification obligations in each one and a full carrier-mandated incident response. Total remediation cost: roughly $150,000.
Neil pitched the brokerage on switching to Impact using Petra.
"I onboarded them last week. I got global admin rights while I was on the plane down to Texas, on the plane's Wi-Fi. I onboarded Petra. By the time I landed, I had a full Scan."
He showed the broker the Petra Scan report, walked through the 17 days of attacker access and the wire-redirect attempt, then laid Petra's response time alongside it.
"And they say, 'all right, how quickly would you lock them out?' And I said, 'how's 26 minutes?' And in fact, it was actually one second. And they say: 'you're hired.'"
Petra as a Growth Engine
Wins like this are opening referral paths into the broader insurance market.
"[Petra] enables us to show that these attacks don't need to happen. Our new client has already referred me to another client, a much bigger insurance broker in Texas. I've got a call with him next week."
–
Impact Business Technology is a managed IT and cybersecurity services firm based in Sandy Hook, Connecticut, supporting private equity firms, hedge funds, and portfolio companies. To get best-in-class M365 identity protection through a world-class MSP serving the financial sector, visit https://impactbt.com.
.svg)
.webp)
