Security Command Center 會分析各種記錄,找出可能影響資料庫的潛在威脅。Event Threat Detection 提供下列以記錄為基礎的偵測功能:
-
Credential Access: CloudDB Failed login from Anonymizing Proxy IP -
Exfiltration: Cloud SQL Data Exfiltration -
Exfiltration: Cloud SQL Over-Privileged Grant -
Exfiltration: Cloud SQL Restore Backup to External Organization -
Initial Access: CloudDB Successful login from Anonymizing Proxy IP -
Initial Access: Database Superuser Writes to User Tables -
Privilege Escalation: AlloyDB Database Superuser Writes to User Tables -
Privilege Escalation: AlloyDB Over-Privileged Grant
後續步驟
- 瞭解 Event Threat Detection。
- 請參閱威脅發現項目索引。