Customer story
Energy and Utilities

Tri-State Generation and Transmission Association

Utilities provider detects cyberattacks in real-time


Tri-State Generation and Transmission Association




Protect Tri-State’s corporate and subscriber data and prevent cyberattacks to power grid

Selection criteria

Easy-to-use security solution that provides visibility into internal network and activity on critical hosts


  • Provide visibility of internal hosts to halt active network breaches
  • Gain real-time insight of real and false threats
  • Reduce time spent chasing false alarms

How Tri-State Generation & Transmission Association Protects Against Cyberattacks


Tri-State Generation and Transmission Association faced the urgent need to protect its critical infrastructure against escalating cyberattack threats to the national power grid, necessitating real-time monitoring and threat detection across a vast service territory.


By adopting Vectra's Network Detection and Response platform, Tri-State gained immediate visibility into its internal networks, enabling real-time monitoring and addressing of security issues. The platform's data science, machine learning, and behavioral analysis proactively detected and prioritized threats, providing intelligent security that surpassed the limitations of traditional tools like firewalls and intrusion prevention systems.

Customer benefits

Vectra not only eliminated false-positive threats, preventing unnecessary interruptions in business processes but also streamlined threat investigations by displaying significant threats in real time based on contextual scoring. Tri-State plans to expand the platform to power plants and field locations, anticipating enhanced security across its critical infrastructure with automated, real-time breach detection.

“Vectra gives us visibility into our networks, so we can monitor our internal hosts and address any security issues in real-time.”

Dave Buffo
IT security administrator at Tri-State Generation and Transmission Association

“Vectra monitors the hosts and shows us real threats. It doesn’t get confused by normal traffic that can set off bogus alerts.”

Dave Buffo
IT security administrator at Tri-State Generation and Transmission Association