Described is a technology for managing network security by having network clients that are capable of self-assessment assess themselves for security risks and/or security vulnerabilities. Other clients may be remotely assessed for security risks and/or security vulnerabilities. Assessments may include antimalware scans, vulnerability assessment, and/or port scans. The results of the self-assessments and remote assessments are combined into a data set (e.g., a view) indicative of the network security state. In this manner, for example, significant network resources are conserved by allowing those clients capable of self-assessment to assess themselves and thereafter only provide their self-assessment results. Clients capable of self-assessment may also be remotely assessed, to determine whether any discrepancies exist between their remote assessments and self-assessments. Clients may be discovered, along with their self-assessment capabilities, by network communication.