Are TsunamiSecurityScanner queries on cloud run instances an attack or Google check?
During the night, all my cloud run instances on the same project (there are python and node.js instances) received numerous requests with the tag TsunamiSecurityScanner (see attached image) ?
Is this an attack (like JNDI injection)? Or a normal Google check?
There is nothing related to that in my Security Command Center in my GCP console. And i have see in Google github the TsunamiSecurityScanner is open source and not an official product (?).
Anyone have a clue ? Thanks by advance,
TsunamiSecurityScanner queries are officially from Google and not a cyber attack. They are part of the Rapid Vulnerability Detection (RVD) with Security Command Center. Currently, there is no fixed set of IP addresses for RVD, so you cannot allowlist the traffic because the IP addresses are not static and may change. However, there is an ongoing internal feature request to address this. You can track its status here in this Public Issue Tracker.
- Why does loading parquet files into Bigquery display gibberish values in the table?
- Utilizing Gemini: Through Vertex AI or through Google/generative-ai?
- GKE Gateway for load balancing creates wrong health check path
- Multi-Attach error for volume <pvcname> Volume is already exclusively attached to one node and can't be attached to another
- Kotlin How do I update the throughput when the application is closing?
- I'm having a hard time setting up Substitution Variables for Google Cloud Build. I keep getting an invalid value for 'build.substitutions' error
- Google Cloud credentials with Terraform
- gcloud functions deploy fails: One or more users named in the policy do not belong to a permitted customer
- How to configure google load balancer to route to cloud run service using url mask but strip service from url
- Datastore export logic in Java
- Google Cloud API Gateway API Key Authentication Not Working
- Google cloud buckets data location in transit
- Does snapshot size is less than actual disk size even disk is full in google cloud?
- Google OAuth 2 Error 400: redirect_uri_mismatch but redirect uri is compliant and already registered in Google Cloud Console
- GA4 Data Not Retained for More Than 60 Days Despite BigQuery Table Expiration Set to 'Never
- Firebase Firestore: Accessing Never-Retrieved Data Offline
- How to write a REGEXP_EXTRACT expression in Google Cloud Logging config json?
- Why does my GKE cluster not show any events?
- Python to get billing info from Gcloud
- Google Artifact Registry: Conditional Keep Cleanup Policy Not Respecting Tag Prefix Parameter
- Google Cloud: sign a JWT while impersonating a service account
- Google recaptcha enterprise: Your default credentials were not found
- Firebase Admin SDK cant upload to storage bucket folder
- Accessing Firestore via Cloud Function
- Problem with executing asynchronous Cloud Function
- do you need to create a separate collection/document for reading an aggregated document with firebase cloud function
- httpsCallable is not a function when calling a Firebase function
- Google Cloud Eventarc: Receive events via Pub/Sub directly
- Android Studio's project gradle file changed?
- How to listen to button triggers using Firebase