Organizations may use security threat information to make changes to their networks, e.g., in response to perceived or actual threats. For instance, an organization may learn about a software vulnerability and install a software update that removes the vulnerability or change network settings to prevent, or reduce the likelihood, of a malicious actor exploiting the vulnerability.