A computing environment may include a large number of connected nodes in a network, whereby a node may be a computer, server, database or computing service, among others. The network may be managed by a service provider that provides off-premises and remotely accessible computing resources to customers of the service provider. Due to the connectivity of the nodes, a risk of a security breach or data exfiltration affecting a node may propagate to other nodes in the network with which the node has a connection. For example, in the event that one node is compromised by an attacker, other nodes in the network with which the node exchanges data may also be compromised by virtue of their connectivity to the compromised node.
It is often challenging to evaluate a risk measure associated with a connected node in a graph of nodes. It is also challenging to evaluate the risk measure by factoring and taking into account risk that is attributable to the node's connectivity with other nodes in a network. It is additionally challenging to take precautionary actions in response to evaluating the risk measure associated with the node.