Skip to content
FantasticLogs.Cloud

GCP Events

GCP Security Events

Section titled “GCP Security Events”

Google Cloud Platform (GCP) specific security events, detections, and incident response procedures. These events are typically sourced from Cloud Audit Logs, Cloud Logging, Security Command Center, and other GCP native logging services.

Common GCP Attack Patterns

Section titled “Common GCP Attack Patterns”
  • Identity and Access Management: Unauthorized IAM policy changes or service account abuse
  • Compute Engine Compromise: Unauthorized instance access or configuration changes
  • Cloud Storage Exposure: Bucket misconfigurations or unauthorized data access
  • Cloud Functions Abuse: Serverless function exploitation for persistence
  • BigQuery Data Exfiltration: Unauthorized data queries or exports

GCP-Specific Log Sources

Section titled “GCP-Specific Log Sources”
  • Cloud Audit Logs: Administrative activity and data access logs
  • Cloud Logging: Application and system logs aggregation
  • Security Command Center: Security findings and asset inventory
  • VPC Flow Logs: Network traffic analysis
  • Cloud Monitoring: Infrastructure and application metrics
Section titled “Events Related to GCP”

No events found for this cloud provider.