This disclosure relates to network security.
With the prevalence and accessibility of computing systems and computer networks, many entities, e.g., business entities, utilize distributed computing environments, e.g., geographically distributed computing systems, to conduct their operations. For example, a business entity may have multiple offices at geographically diverse locations, with each office constituting a local computing environment.
Although utilizing a distributed computing environment may provide benefits to an entity, e.g., a local presence to service the entity's clientele, it also presents certain challenges. For example, with such a distributed computing environment, monitoring and recognizing security concerns, e.g., security vulnerabilities, for the entity across the distributed environment can be burdensome. Consider, for example, business entities with multiple offices typically monitor security concerns for each office locally (within that office's local computing environment) and then use push/pull synchronization techniques to upload security logs identifying or reflecting the security concerns for each office to a centralized database. However, such synchronization techniques can be slow and consume significant portions of the bandwidth available to the entity. Further, such synchronization may not be possible if the entity has employed different network access providers to provide network access for the multiple offices.
Additionally, comparing security concerns between entities can provide valuable insight into the overall security state of an entity. For example, comparing the security concerns of an entity with the security concerns of other similarly-positioned entities (e.g., entities similar in size, resources, or business verticals) can alert the entity to abnormal network activity, security vulnerabilities, etc. However, the feasibility of such comparisons is limited by, for example, the availability of security information for a collection of entities and a mechanism to facilitate the aggregation and comparison of the security information.