AI threat findings

Security Command Center has detectors for general AI-related threats and detectors that are designed for AI agents deployed to Vertex AI Agent Engine Runtime.

General AI threats

The following log-based detections are available with Event Threat Detection :

• Initial Access: Dormant Service Account Activity in AI Service
• Persistence: New AI API Method
• Persistence: New Geography for AI Service
• Privilege Escalation: Anomalous Impersonation of Service Account for AI Admin Activity
• Privilege Escalation: Anomalous Multistep Service Account Delegation for AI Admin Activity
• Privilege Escalation: Anomalous Multistep Service Account Delegation for AI Data Access
• Privilege Escalation: Anomalous Service Account Impersonator for AI Admin Activity
• Privilege Escalation: Anomalous Service Account Impersonator for AI Data Access

Threats to agents deployed to Vertex AI Agent Engine Runtime

Preview

This feature is subject to the "Pre-GA Offerings Terms" in the General Service Terms section of the Service Specific Terms . Pre-GA features are available "as is" and might have limited support. For more information, see the launch stage descriptions .

Security Command Center performs runtime and control plane monitoring of AI agents deployed to Vertex AI Agent Engine Runtime.

Runtime finding types

The following runtime detections are available with Agent Engine Threat Detection :

• Execution: Added Malicious Binary Executed
• Execution: Added Malicious Library Loaded
• Execution: Built in Malicious Binary Executed
• Execution: Container Escape
• Execution: Kubernetes Attack Tool Execution
• Execution: Local Reconnaissance Tool Execution
• Execution: Malicious Python Executed
• Execution: Modified Malicious Binary Executed
• Execution: Modified Malicious Library Loaded
• Malicious Script Executed
• Malicious URL Observed
• Reverse Shell
• Unexpected Child Shell

Control plane finding types

The following control plane detections are available with Event Threat Detection :

• Credential Access: Agent Engine Anomalous Access to Metadata Service
• Discovery: Agent Engine Evidence of Port Scanning
• Discovery: Agent Engine Service Account Self-Investigation
• Discovery: Agent Engine Unauthorized Service Account API Call
• Exfiltration: Agent Engine Initiated BigQuery Data Exfiltration
• Exfiltration: Agent Engine Initiated BigQuery Data Extraction
• Exfiltration: Agent Engine Initiated Cloud SQL Exfiltration
• Initial Access: Agent Engine Identity Excessive Permission Denied Actions
• Privilege Escalation: Agent Engine Suspicious Token Generation (cross-project access token)
• Privilege Escalation: Agent Engine Suspicious Token Generation (cross-project OpenID token)
• Privilege Escalation: Agent Engine Suspicious Token Generation (implicit delegation)
• Privilege Escalation: Agent Engine Suspicious Token Generation (signJwt)

What's next

• Learn about Event Threat Detection .
• Learn about Agent Engine Threat Detection .
• Learn how to respond to AI threat findings .
• Refer to the Threat findings index .