To monitor the organization’s cloud logging stream and detect security breaches, Veronica Lauren

can utilize the Event Threat Detection service within Google Security Command Center.

Event Threat Detection: This built-in service of Google Security Command Center is designed to

monitor cloud logs across multiple projects and detect threats such as malware, brute force SSH

attempts, and cryptomining1. It uses threat intelligence and advanced analytics to identify and alert

on suspicious activity in real time.

Functionality:

Log Analysis: Event Threat Detection continuously analyzes the logs generated by Google Cloud

services.

Threat Detection: It automatically detects the presence of threats like malware, SSH brute force

attempts, and cryptomining activities.

Alerts and Findings: When a potential threat is detected, Event Threat Detection issues findings that

are integrated into the Security Command Center dashboard for further investigation.

Why Not the Others?:

Web Security Scanner: This service is primarily used for identifying security vulnerabilities in web

applications hosted on Google Cloud, not for monitoring logs for security breaches.

Container Threat Detection: While this service is useful for detecting runtime threats in containers, it

does not provide the broad log analysis capabilities that Event Threat Detection offers.

Security Health Analytics: This service provides automated security scanning to detect

misconfigurations and compliance violations in Google Cloud resources, but it is not specifically

focused on the real-time threat detection provided by Event Threat Detection.

Reference:

Security Command Center overview | Google Cloud1.