The Anonymize feature lets you redact any sensitive details from an incident page before sharing it with a prospect or client. Use it to tell a compelling story about an attack without exposing the name, company, emails, or files of the actual victim.Documentation Index
Fetch the complete documentation index at: https://docs.petrasecurity.com/docs/llms.txt
Use this file to discover all available pages before exploring further.
Why This Matters for Sales
Real incidents are your most powerful sales tool. A prospect who sees an actual account compromise — complete with a timeline of the attacker’s activity, what they accessed, and how it was caught — is far more convinced than one who reads a spec sheet. The Anonymize feature makes it safe to use real incidents in any sales context:- Victory lap: Show a prospect a live-monitored incident that Petra caught and stopped fast. The story sells itself: attacker gets in, Petra flags it within minutes, account is locked, threat remediated.
- Cautionary tale: Onboard a prospect’s tenant and let Petra Scan surface what attackers were already doing in their environment. Use Anonymize to walk another prospect through a similar finding without revealing who the victim was.
How to Anonymize an Incident
- Navigate to any incident in the Petra dashboard.
- Click the Anonymize button in the top right of the incident page.
- A menu opens with redaction options. Choose a preset or configure fields manually.
- The incident view updates instantly — the URL encodes your settings, so you can copy the link and share it directly with a prospect. Anyone opening the link sees the same redacted view.
Redaction Presets
| Preset | What It Does |
|---|---|
| None | No redaction. All information is visible. |
| Partial | Hides the victim’s name, company, contact info, location, IP, emails, files, and folders. Shows only the external analyst note. |
| Full | Hides everything in Partial, plus the phish subject, phish sender, and session IDs. Hides all analyst notes. |
Individual Redaction Options
If the presets don’t fit your needs, you can toggle any combination of the following fields:| Option | What Gets Hidden |
|---|---|
| User Name | Victim’s display name, email, and UPN |
| Company | Tenant name (replaced with “[Tenant Redacted]“) |
| Phish Subject | Subject line of the phishing email |
| Phish Sender | Sender name, address, and recipients of the phish |
| User Contact Info | Emails, usernames, and UPNs throughout the logs |
| User Location | City, region, and country from login logs |
| User IP | IP addresses in all logs |
| User Emails | Email subjects and accessed email content |
| Email Recipients | To/Cc recipient addresses |
| User Files | File names and paths in SharePoint activity |
| User Folders | Folder paths in Exchange and mailbox logs |
| User Session ID | Session IDs throughout all log tables |
Redacted PDF Report
In addition to the in-app anonymized view, you can download a Redacted PDF Report — a fully redacted version of the incident’s Threat Remediation Report, suitable for sending to a prospect after a meeting. For download steps and a full breakdown of what gets redacted, see Redacted Incident Reports.Tips for Using Anonymized Incidents in Sales
- Pick incidents with a strong story arc: The best ones have a clear phish-to-compromise timeline, meaningful blast radius (emails read, files accessed), and a fast Petra response. These are the ones that make a prospect say “what would have happened if no one caught this?”
- Use the Incidents List to find the right one: The Analyst Summary in the incidents list helps you quickly scan for the most compelling and diverse past compromises when picking one to share with a prospect. See the Incidents List Analyst Summary.
- Pair with the Example Scan Report: If you don’t yet have results for this prospect’s tenant, use the anonymized incident view alongside the Example Scan Report from the Marketing Hub to show both what real monitoring catches and what a Scan finding looks like.