Stay organized with collectionsSave and categorize content based on your preferences.
Cloud Run Threat Detectionis a built-in service of Security Command Center that continuously monitors the state of
Cloud Run resources to detect the most common runtime attacks. If
Cloud Run Threat Detection detects an attack, it generates a
finding in Security Command Center in near-real time.
Cloud Run Threat Detection's runtime detectors monitor the scanned resources for suspicious
binaries and libraries and uses natural language processing (NLP) to detect
malicious Bash and Python code. These runtime detectors support only
Cloud Run resources that run on thesecond generation execution environment.
If you don't specify an execution environment and use Cloud Run Threat Detection,
Cloud Run sets the second generation environment by default for
your resources.
For instructions on how to configure threat detection in your Cloud Run
resources, seeUse Cloud Run Threat Detectionin the Security Command Center documentation.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Use Cloud Run Threat Detection\n\n| **Preview\n| --- Cloud Run Threat Detection**\n|\n|\n| This feature is subject to the \"Pre-GA Offerings Terms\" in the General Service Terms section\n| of the [Service Specific Terms](/terms/service-terms#1).\n|\n| Pre-GA features are available \"as is\" and might have limited support.\n|\n| For more information, see the\n| [launch stage descriptions](/products#product-launch-stages).\n\n[Cloud Run Threat Detection](/security-command-center/docs/cloud-run-threat-detection-overview)\nis a built-in service of Security Command Center that continuously monitors the state of\nCloud Run resources to detect the most common runtime attacks. If\nCloud Run Threat Detection detects an attack, it generates a\nfinding in Security Command Center in near-real time.\n\nCloud Run Threat Detection's runtime detectors monitor the scanned resources for suspicious\nbinaries and libraries and uses natural language processing (NLP) to detect\nmalicious Bash and Python code. These runtime detectors support only\nCloud Run resources that run on the [second generation execution environment](/run/docs/about-execution-environments).\nIf you don't specify an execution environment and use Cloud Run Threat Detection,\nCloud Run sets the second generation environment by default for\nyour resources.\n\nFor instructions on how to configure threat detection in your Cloud Run\nresources, see [Use Cloud Run Threat Detection](/security-command-center/docs/use-cloud-run-threat-detection)\nin the Security Command Center documentation."]]
