Case Study: Tucson Electric Power achieves centralized vulnerability management and NERC compliance with Flexera

Dynamic Vulnerability Research Kept the Power On for this Electric Utility Company

Tucson Electric Power, which supplies electricity to more than 400,000 customers in Arizona, faced an urgent security challenge: its manual, decentralized process for tracking software vulnerabilities left the utility struggling to meet strict NERC reliability and compliance standards. Multiple teams relied on disparate vendor notifications and manual checks, creating inefficiency and gaps in oversight across generation, transmission, distribution, physical security and IT systems.

TEP implemented Secunia Research (part of Flexera’s Software Vulnerability Manager), gaining automated, centralized vulnerability intelligence covering more than 40,000 systems and applications, plus group reporting and streamlined patch assessment. The solution eliminated manual workflows, gave the IT security team a single view of vulnerabilities and patches, and enabled TEP to assess and remediate issues within the 30-day NERC requirement, improving security posture and compliance.

Tucson Electric Power

Lisa Capristo

IT Security & Compliance Manager