Utility Provider Strengthens Patch Assurance and Reduces Risk
Summit Utilities provides gas distribution services to residential and commercial customers across the US. Their infrastructure spans diverse cloud and on-prem environments.
The Challenge
Blind Spots and Ticketing InefficienciesPrior to Zafran, Summit relied heavily on Microsoft’s patch management tools to handle the bulk of its remediation efforts. While effective for most scenarios, this process often left gaps, particularly for vulnerabilities that aged beyond 30-45 days or fell outside predefined severity thresholds.There was also no streamlined workflow for identifying, tracking, and assigning remediation efforts; the team lacked clarity and consistency in addressing lingering risk.
The Solution
Summit deployed Zafran to augment its existing patch management strategy, without needed new agents. Zafran integrated directly into Defender’s output, enriching vulnerability signals with runtime presence, internet exposure, and control coverage to uncover hidden risks.
Instead of buying a separate vulnerability scanner, Summit used Zafran’s intelligence to filter the flood of alerts down to what truly mattered, surfacing missed patches and risks aging past 30–45 days. With Jira integrations, Zafran enabled structured workflows using RemOps, including dashboards and ticket pipelines for SLA-aligned remediation.
Implementation
The Zafran rollout at Summit was driven by the security operations team, which quickly adopted bi-weekly cadences and dashboard reviews. Summit is now expanding its use of mitigation insights and control context, with plans to build aging-based assignment rules and deeper remediation visibility.
Results
Since implementing Zafran, Summit has:
Surfaced critical patching blind spots previously missed by WSUS and Microsoft Defender
Delayed or canceled the purchase of additional vulnerability scanners; freed up budget and reduced tool sprawl
Reduced operational risk by cutting through noisy, inflated criticality scores and surfacing real threats
Automated triage and ticket creation through Zafran’s Jira integration, aligning remediation with SLAs
Zafran is now helping Summit bridge the last mile of patch management — reducing operational risk, improving accountability, and strengthening overall posture.
Summit Utilities provides gas distribution services to residential and commercial customers across the US. Their infrastructure spans diverse cloud and on-prem environments.
Industry
Primary Use Cases
Key Outcome
With Zafran, we’ve got a clear view into what matters, structured workflows to act on it, and fewer risks slipping through the cracks.
Director of InfoSec
Summit Utilities
Learn More
Zafran works closely with its customers, to transform exposure management to remain ahead of adversaries, to know with confidence what is most exploitable in their environment, and to rapidly remediate the risk. We invite you to see what our customers already know. Come see the power of Zafran.
See Zafran in Action
Prioritize and fix what is truly exploitable using risk context from your existing security tools
