Console

Database threat findings

Security Command Center analyzes various logs for potential threats that affect databases. The following log-based detections are available with Event Threat Detection:

Credential Access: CloudDB Failed login from Anonymizing Proxy IP

Exfiltration: Cloud SQL Data Exfiltration

Exfiltration: Cloud SQL Over-Privileged Grant

Exfiltration: Cloud SQL Restore Backup to External Organization

Initial Access: CloudDB Successful login from Anonymizing Proxy IP

Initial Access: Database Superuser Writes to User Tables

Privilege Escalation: AlloyDB Database Superuser Writes to User Tables

Privilege Escalation: AlloyDB Over-Privileged Grant

What's next

Learn about Event Threat Detection.
Refer to the Threat findings index.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-09-17 UTC.

Database threat findings Stay organized with collections Save and categorize content based on your preferences.

What's next

Database threat findings