US 12,218,965 B2
Automated product update management in managed networks
Brent Miller, Minnetonka, MN (US); Mitch Berg, Saint Paul, MN (US); and Brian Secrist, Minneapolis, MN (US)
Assigned to Ivanti, Inc., South Jordan, UT (US)
Filed by Ivanti, Inc., South Jordan, UT (US)
Filed on Feb. 17, 2022, as Appl. No. 17/674,043.
Claims priority of provisional application 63/150,970, filed on Feb. 18, 2021.
Prior Publication US 2022/0263854 A1, Aug. 18, 2022
Int. Cl. H04L 9/40 (2022.01); G06F 8/65 (2018.01); G06F 8/70 (2018.01)
CPC H04L 63/1433 (2013.01) [G06F 8/65 (2013.01); G06F 8/70 (2013.01)]
19 Claims
1. A method of vulnerability detection and mitigation in a managed network, the method comprising:
receiving a defined state of a product on a managed endpoint of the managed network, the defined state including one or more conditions of the product;
detecting a trigger event in the managed network, the trigger event being indicative of a circumstance that is inconsistent with the defined state;
responsive to the detection of the trigger event, initiating a scan that includes an automated scan of the managed endpoint for a first condition of the one or more conditions at the managed endpoint, wherein: the scan includes an automated network scan of additional managed endpoints in the managed network, and the automated network scan is configured to identify presence of the trigger event in one or more of the additional managed endpoints;
responsive to the automated scan identifying the first condition being inconsistent with the defined state, automatically implementing a product modification process, the product modification process including distribution of at least a control signal that is configured to change the product or the managed endpoint to bring the product or the managed endpoint into compliance with the defined state; and
implementing the product modification process at a first additional managed endpoint of the additional managed endpoints responsive to the trigger event being present at the first additional managed endpoint.