Endpoint devices within organizations often receive security updates (e.g., new malware signatures, upgraded security policies, etc.) from backend servers that provide security services for the organization. In organizations with large numbers of endpoint devices, security servers may distribute updates to the endpoint devices only after the devices poll the security server for available updates.
Unfortunately, traditional systems that enable endpoint devices to request security updates may be unable to provide adequate protection for certain endpoint devices. For example, a conventional security service implemented across multiple endpoint devices may set a standard rate or frequency with which the endpoint devices request or receive updates. As a result, endpoint devices with poor security states (e.g., devices with malware infections and/or devices that are likely to encounter malware) may experience increased security deficiencies until the devices next poll a security server for available security updates. The current disclosure, therefore, identifies and addresses a need for improved systems and methods for applying security updates to endpoint devices.