Use Cloud Run Threat Detection

Cloud Run Threat Detection is a built-in service of Security Command Center that continuously monitors the state of Cloud Run resources to detect the most common runtime attacks. If Cloud Run Threat Detection detects an attack, it generates a finding in Security Command Center in near-real time.

Cloud Run Threat Detection's runtime detectors monitor the scanned resources for suspicious binaries and libraries and uses natural language processing (NLP) to detect malicious Bash and Python code. These runtime detectors support only Cloud Run resources that run on the second generation execution environment. If you don't specify an execution environment and use Cloud Run Threat Detection, Cloud Run sets the second generation environment by default for your resources.

For instructions on how to configure threat detection in your Cloud Run resources, see Use Cloud Run Threat Detection in the Security Command Center documentation.