AI threat findings

Security Command Center has detectors for general AI-related threats and detectors that are designed for AI agents deployed to Vertex AI Agent Engine Runtime.

General AI threats

The following log-based detections are available with Event Threat Detection:

• Initial Access: Dormant Service Account Activity in AI Service
• Persistence: New AI API Method
• Persistence: New Geography for AI Service
• Privilege Escalation: Anomalous Impersonation of Service Account for AI Admin Activity
• Privilege Escalation: Anomalous Multistep Service Account Delegation for AI Admin Activity
• Privilege Escalation: Anomalous Multistep Service Account Delegation for AI Data Access
• Privilege Escalation: Anomalous Service Account Impersonator for AI Admin Activity
• Privilege Escalation: Anomalous Service Account Impersonator for AI Data Access

Threats to agents deployed to Vertex AI Agent Engine Runtime

Security Command Center performs runtime and control plane monitoring of AI agents deployed to Vertex AI Agent Engine Runtime.

Runtime finding types

The following runtime detections are available with Agent Engine Threat Detection:

• Execution: Added Malicious Binary Executed
• Execution: Added Malicious Library Loaded
• Execution: Built in Malicious Binary Executed
• Execution: Container Escape
• Execution: Kubernetes Attack Tool Execution
• Execution: Local Reconnaissance Tool Execution
• Execution: Malicious Python Executed
• Execution: Modified Malicious Binary Executed
• Execution: Modified Malicious Library Loaded
• Malicious Script Executed
• Malicious URL Observed
• Reverse Shell
• Unexpected Child Shell

Control plane finding types

The following control plane detections are available with Event Threat Detection:

• Discovery: Agent Engine Service Account Self-Investigation
• Exfiltration: Agent Engine Initiated BigQuery Data Exfiltration
• Exfiltration: Agent Engine Initiated BigQuery Data Extraction
• Exfiltration: Agent Engine Initiated Cloud SQL Exfiltration
• Initial Access: Agent Engine Identity Excessive Permission Denied Actions
• Privilege Escalation: Agent Engine Suspicious Token Generation (cross-project access token)
• Privilege Escalation: Agent Engine Suspicious Token Generation (cross-project OpenID token)
• Privilege Escalation: Agent Engine Suspicious Token Generation (implicit delegation)

What's next

• Learn about Event Threat Detection.
• Learn about Agent Engine Threat Detection.
• Learn how to respond to AI threat findings.
• Refer to the Threat findings index.