Skip to main content
DE / EN
Cloud / Google Cloud / Products / Event Threat Detection - Security Monitoring

Event Threat Detection - Security Monitoring

Event Threat Detection identifies security threats in Google Cloud through automatic log analysis and ML-based anomaly detection.

Security
Get Expert Support Documentation
Pricing Model Part of Security Command Center Premium
Availability Global with EU regions
Data Sovereignty EU regions available
Reliability 99.9% availability SLA

What is Event Threat Detection?

Event Threat Detection is a security service in Security Command Center Premium that continuously analyzes cloud logs for threats. The service uses machine learning and rule-based detection to identify suspicious activities such as malware, cryptomining, or data exfiltration.

Core Features

  • Automatic analysis of Cloud Audit Logs and VPC Flow Logs
  • Detection of malware, cryptomining, and unusual behavior
  • Near real-time notifications for threats
  • Integration with Security Command Center for central overview
  • Export of findings to external SIEM systems

Typical Use Cases

Detection of Compromised Accounts: Event Threat Detection identifies unusual IAM activities such as access from unusual regions or creation of suspicious service accounts.

Malware Detection: The service detects known malware communication patterns and suspicious network activities that could indicate compromised workloads.

Compliance Monitoring: Continuous monitoring for security-relevant configuration changes and suspicious administrator activities to meet audit requirements.

Benefits

  • Automatic detection without manual log analysis
  • Use of Google’s Threat Intelligence
  • Central security overview in Security Command Center
  • Fast response through real-time findings

Integration with innFactory

As a Google Cloud Partner, innFactory supports you with Event Threat Detection: setup of Security Command Center, integration into existing security workflows, and development of incident response processes.

Available Tiers & Options

Recommended

Security Command Center Premium

Strengths
  • Automatic threat detection
  • Continuous log analysis
  • Integration with SIEM systems
Considerations
  • Only available in Premium tier
  • Requires Security Command Center

Typical Use Cases

Threat detection
Anomaly detection
Log analysis
Security monitoring

Technical Specifications

API REST API and client libraries
Integration Native Google Cloud integration
Security Encryption at rest and in transit

Frequently Asked Questions

What is Event Threat Detection?

Event Threat Detection is a component of Security Command Center Premium that continuously analyzes Cloud Audit Logs and VPC Flow Logs for threats and generates findings for suspicious activities.

What threats are detected?

The service detects malware, cryptomining, unusual IAM activities, data exfiltration, SSH brute-force attacks, and suspicious API calls, among others.

How quickly are threats detected?

Event Threat Detection analyzes logs in near real-time. Most threats are detected and reported as findings within minutes of occurrence.

Can I create custom detection rules?

Event Threat Detection uses predefined detection rules from Google. For custom rules, you can use Chronicle SIEM or custom log-based alerts in Cloud Monitoring.

Quick Links

Documentation Pricing Console

Google Cloud Partner

innFactory is a certified Google Cloud Partner. We provide expert consulting, implementation, and managed services.

Google Cloud Partner

Similar Products from Other Clouds

Other cloud providers offer comparable services in this category. As a multi-cloud partner, we help you choose the right solution.

AWS

Amazon Cognito: User Authentication

Amazon Cognito provides user authentication and identity management for web and mobile apps.

Pricing Pay per monthly active user
SLA 99.9% availability
Compare →
AWS

Amazon Detective - Security Analysis

Amazon Detective analyzes security data and assists with investigating security incidents in AWS environments.

Pricing Pay per GB ingested
SLA N/A
Compare →
AWS

Amazon GuardDuty - Threat Detection

Amazon GuardDuty detects threats in AWS accounts through continuous analysis of CloudTrail, VPC Flow Logs, and DNS.

Pricing Pay for events analyzed
SLA N/A
Compare →
AWS

Amazon Inspector - Vulnerability Scanning

Amazon Inspector automatically finds security vulnerabilities in EC2, Lambda and container images. Continuous …

Pricing Pay per instance assessment
SLA N/A
Compare →
AWS

Amazon Macie - Data Privacy Discovery

Amazon Macie automatically finds sensitive data like PII in S3 buckets using machine learning and pattern matching.

Pricing Pay per GB scanned
SLA N/A
Compare →
AWS

AWS Artifact - Compliance Documentation

AWS Artifact provides on-demand access to AWS compliance reports and security documentation.

Pricing No charge
SLA N/A
Compare →

28 comparable products found across other clouds.

Ready to start with Event Threat Detection - Security Monitoring?

Our certified Google Cloud experts help you with architecture, integration, and optimization.

Schedule Consultation