Current technological advances have allowed for computer networks and systems to become integral components of businesses, government bodies, and other organizations. A large amount of information, either confidential or public, may transfer between entities over available networks and be susceptible to attack and intrusion. These attacks and intrusions may lead to identity theft or other theft of confidential information such as consumer's credit card information, personal contact information, and/or banking information. Various network security monitoring devices have been developed to help protect this sensitive information during transmission and storage from unauthorized person and/or entities. Further, entities seeking to protect this information may be part of an information sharing network that proliferates security threat information obtained by participating entities. However, while participating entities may benefit from the proliferation of said information, the amount of data transmitted quickly becomes cumbersome and difficult to utilize in an efficient and useful way. For example, entities may report or communicate up to 1 million security threat events to a particular organization and each event may require identification, analysis, and action by the organization. As the amount of security threat events received increases the complexity, difficulty, and resource requirements to properly address the events also grows leading to increased costs of operation for the organization and misuse of computational resources for the organization.
Embodiments of the invention address these and other problems individually and collectively.