Utility Provider Strengthens Patch Assurance and Reduces Risk
Summit Utilities is a multistate utility provider committed to reliable, secure service delivery. With patching processes built around a Microsoft stack, Summit needed a way to catch high-risk vulnerabilities that escaped standard workflows and aged into risk.
The Challenge
Patch Blind Spots and Ticketing Inefficiencies
Prior to Zafran, Summit relied heavily on Microsoft’s patch management tools to handle the bulk of its remediation efforts. While effective for most scenarios, this process often left gaps, particularly for vulnerabilities that aged beyond 30-45 days or fell outside predefined severity thresholds.
There was also no streamlined workflow for identifying, tracking, and assigning remediation efforts; the team lacked clarity and consistency in addressing lingering risk.
The Solution
Summit deployed Zafran to augment its existing patch management strategy, without needed new agents. Zafran integrated directly into Defender’s output, enriching vulnerability signals with runtime presence, internet exposure, and control coverage to uncover hidden risks.
Instead of buying a separate vulnerability scanner, Summit used Zafran’s intelligence to filter the flood of alerts down to what truly mattered, surfacing missed patches and risks aging past 30–45 days. With Jira integrations, Zafran enabled structured workflows using RemOps, including dashboards and ticket pipelines for SLA-aligned remediation.
Implementation
The Zafran rollout at Summit was driven by the security operations team, which quickly adopted bi-weekly cadences and dashboard reviews. Summit is now expanding its use of mitigation insights and control context, with plans to build aging-based assignment rules and deeper remediation visibility.
With Zafran, we’ve got a clear view into what matters, structured workflows to act on it, and fewer risks slipping through the cracks.
Director of InfoSec
Summit Utilities
Results
Since implementing Zafran, Summit has:
Surfaced critical patching blind spots previously missed by WSUS and Microsoft Defender
Delayed or canceled the purchase of additional vulnerability scanners; freed up budget and reduced tool sprawl
Reduced operational risk by cutting through noisy, inflated criticality scores and surfacing real threats
Automated triage and ticket creation through Zafran’s Jira integration, aligning remediation with SLAs
Zafran is now helping Summit bridge the last mile of patch management — reducing operational risk, improving accountability, and strengthening overall posture.
Summit Utilities provides gas distribution services to residential and commercial customers across the US. Their infrastructure spans diverse cloud and on-prem environments.
Industry
Primary Use Cases
Key Outcome
See Zafran in action
Learn More
Zafran works closely with its customers, to transform exposure management to remain ahead of adversaries, to know with confidence what is most exploitable in their environment, and to rapidly remediate the risk. We invite you to see what our customers already know. Come see the power of Zafran.
See Zafran in Action
Prioritize and fix what is truly exploitable using risk context from your existing security tools
