/
GCP
Document toolboxDocument toolbox

GCP

Owned by Juan Tomás Alonso Nieto (Deactivated)
Last updated: Sept 07, 2023 by Former user (Deleted)
4 min read

Google Cloud Platform (GCP) is one of the largest cloud providers out there, and as such requires organizations to protect themselves with cloud security monitoring. Devo’s Threat Research Team’s content contains many GCP detections so your organization can monitor your GCP infrastructure, look for areas of risk, or help respond to threats as they emerge.

An attacker could intend to modify, or gain, privileges on a Cloud SQL Database.

Source table → cloud.gcp

An attacker could be performing reconnaissance on a GCP project trying to enumerate permissions.

Source table → cloud.gcp

An attacker may have created a new Route to bypass restrictions on traffic routing segregating trusted and untrusted networks.

Source table → cloud.gcp

An adversary could create a Google Cloud Pub/Sub topic to collect data.

Source table → cloud.gcp

An adversary could delete a Google Cloud Pub/Sub topic to impair event aggregation and analysis mechanisms.

Source table → cloud.gcp

Related content

Firewall detections
Firewall detections
Devo latest
Read with this
GCP
GCP
Devo v7.10.0
More like this
AWS
AWS
Devo latest
Read with this
Platform alert pack: GCP
Platform alert pack: GCP
Devo latest
More like this
Windows detections
Windows detections
Devo latest
Read with this
Release 3 - Out-of-the-box alerts
Release 3 - Out-of-the-box alerts
Devo v7.12.0
More like this