Console

AI threat findings

Security Command Center analyzes various logs for potential threats that affect AI services. The following log-based detections are available with Event Threat Detection:

Initial Access: Dormant Service Account Activity in AI Service

Persistence: New AI API Method

Persistence: New Geography for AI Service

Privilege Escalation: Anomalous Impersonation of Service Account for AI Admin Activity

Privilege Escalation: Anomalous Multistep Service Account Delegation for AI Admin Activity

Privilege Escalation: Anomalous Multistep Service Account Delegation for AI Data Access

Privilege Escalation: Anomalous Service Account Impersonator for AI Admin Activity

Privilege Escalation: Anomalous Service Account Impersonator for AI Data Access

What's next

Learn about Event Threat Detection.
Refer to the Threat findings index.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-09-17 UTC.

AI threat findings Stay organized with collections Save and categorize content based on your preferences.

What's next

AI threat findings