CLOUD CONNECTOR

Google Cloud Platform

Google Cloud Platform (GCP), offered by Google, is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end user products, such as Google Search, Gmail, and YouTube. Alongside a set of management tools, it provides a series of modular cloud services including computing, data storage, data analytics, and machine learning.

Securonix integrates with GCP's Cloud Audit Logging, ingesting events from multiple GCP services for threat detection, event correlation, and enrichment.

| Service/Module Covered | Admin Activity logs | Data Access logs | Related Threats |
|---|---|---|---|
| Access Approval | GA | Data Access audit logs are not written for this service. | GCP Account Compromise, Credential Fraud, Insider Threat |
| Access Context Manager | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat |
| AI Platform Notebooks | Beta | Beta | GCP Account Compromise, Credential Fraud, Insider Threat |
| AI Platform Optimizer | Beta | Beta | GCP Account Compromise, Credential Fraud, Insider Threat |
| AI Platform Prediction | Beta | Beta | GCP Account Compromise, Credential Fraud, Insider Threat |
| AI Platform Training | Beta | Beta | GCP Account Compromise, Credential Fraud, Insider Threat |
| Anthos Service Mesh | GA | Data Access audit logs are not written for this service. | GCP Account Compromise, Credential Fraud, Insider Threat |
| App Engine | GA | Data Access audit logs are not written for this service. | GCP Account Compromise, Credential Fraud, Insider Threat |
| Application Identity: Audits OAuth 2.0 client IDs and brands. | Beta | Data Access audit logs are not written for this service. | GCP Account Compromise, Credential Fraud, Insider Threat |
| AutoML | Beta | Beta | GCP Account Compromise, Credential Fraud, Insider Threat |
| BigQuery: System Event audit logs are also available for this service | GA | GA: BigQuery Data Access audit logs are enabled by default and don't count against your logs allotment. | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Bigtable | GA | Data Access audit logs are not written for this service. | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Billing | Beta | Data Access audit logs are not written for this service. | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Build | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud CDN | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Composer | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Data Fusion | Beta | Beta | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Data Loss Prevention | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat, DLP |
| Cloud Debugger | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Deployment Manager | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud DNS | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Functions | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Healthcare API | Beta | Beta | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Identity and Access Management (Cloud IAM) | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Key Management Service | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Life Sciences | Beta | Beta | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Load Balancing | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Logging | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Monitoring | GA | GA | GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud NAT | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Profiler | Admin Activity audit logs are not written for this service | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Run | Beta | Beta | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Source Repositories | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Spanner | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud SQL | GA | GA | SQL Injection, DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Storage: Does not include request/response information. | GA: If an object ACL is set to public, Admin Activity audit logs are not written for any updates to that object ACL. | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Trace | Admin Activity audit logs are not written for this service | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Translation | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Cloud Vision | GA | Data Access audit logs are not written for this service. | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Compute Engine: System Event audit logs are also available for this service. | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Compute Engine Serial Port Access | GA | Data Access audit logs are not written for this service. | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Connectivity Tests | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Container Analysis | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Dataflow | GA | Data Access audit logs are not written for this service. | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Dataproc | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Datastore | GA | GA: Audits requests to start managed import or export operations. Audit does not include entity-specific read/write logs for those operations. | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Data Catalog | Beta | Beta | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Dialogflow | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Error Reporting | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Firebase Management | Beta | Beta | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Firebase Notifications Console | Admin Activity audit logs are not written for this service | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Firestore | GA | GA: Audits requests to start managed import or export operations. Audit does not include entity-specific read/write logs for those operations. | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Game Servers | Beta | Beta | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Google Cloud Armor | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Google Kubernetes Engine | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Identity Platform | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Identity-Aware Proxy | Admin Activity audit logs are not written for this service | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| IoT Core | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Managed Service for Microsoft Active Directory | Beta | Beta | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Memorystore | Beta | Beta | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Pub/Sub: System Event audit logs are also available for this service. | GA | Data Access audit logs are not written for this service. | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| reCAPTCHA Enterprise | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Recommendations AI | Beta | Beta | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Resource Manager | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Secret Manager | Beta | Beta | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Security Command Center | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Serverless VPC Access | Beta | Beta | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Service Directory | Beta | Beta | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Service Management: System Event audit logs are also available for this service. | GA | Data Access audit logs are not written for this service. | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Transparency and Control Center | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |
| Virtual Private Cloud (VPC) | GA | GA | DDoS, Network based threats, GCP Account Compromise, Credential Fraud, Insider Threat |