AI threat findings

Security Command Center has detectors for general AI-related threats and detectors that are designed for AI agents deployed to Vertex AI Agent Engine Runtime.

General AI threats

The following log-based detections are available with Event Threat Detection :

• Initial Access: Dormant Service Account Activity in AI Service
• Persistence: New AI API Method
• Persistence: New Geography for AI Service
• Privilege Escalation: Anomalous Impersonation of Service Account for AI Admin Activity
• Privilege Escalation: Anomalous Multistep Service Account Delegation for AI Admin Activity
• Privilege Escalation: Anomalous Multistep Service Account Delegation for AI Data Access
• Privilege Escalation: Anomalous Service Account Impersonator for AI Admin Activity
• Privilege Escalation: Anomalous Service Account Impersonator for AI Data Access

Threats to agents deployed to Vertex AI Agent Engine Runtime

Preview

This feature is subject to the "Pre-GA Offerings Terms" in the General Service Terms section of the Service Specific Terms . Pre-GA features are available "as is" and might have limited support. For more information, see the launch stage descriptions .

Security Command Center performs runtime and control plane monitoring of AI agents deployed to Vertex AI Agent Engine Runtime.

Runtime finding types

The following runtime detections are available with Agent Engine Threat Detection :

• Execution: Added Malicious Binary Executed
• Execution: Added Malicious Library Loaded
• Execution: Built in Malicious Binary Executed
• Execution: Container Escape
• Execution: Kubernetes Attack Tool Execution
• Execution: Local Reconnaissance Tool Execution
• Execution: Malicious Python Executed
• Malicious Script Executed
• Malicious URL Observed
• Execution: Modified Malicious Binary Executed
• Execution: Modified Malicious Library Loaded
• Reverse Shell
• Unexpected Child Shell

Control plane finding types

The following control plane detections are available with Event Threat Detection :

• Exfiltration: Agent Engine Initiated BigQuery Data Extraction
• Exfiltration: Agent Engine Initiated BigQuery Data Exfiltration
• Exfiltration: Agent Engine Initiated Cloud SQL Exfiltration
• Initial Access: Agent Engine Identity Excessive Permission Denied Actions
• Discovery: Agent Engine Service Account Self-Investigation
• Privilege Escalation: Agent Engine Suspicious Token Generation (cross-project access token)
• Privilege Escalation: Agent Engine Suspicious Token Generation (cross-project OpenID token)
• Privilege Escalation: Agent Engine Suspicious Token Generation (implicit delegation)

What's next

• Learn about Event Threat Detection .
• Learn about Agent Engine Threat Detection .
• Learn how to respond to AI threat findings .
• Refer to the Threat findings index .