Get a Demo
Under Attack?
Blue hexagons on a white background with a prominent blue hexagon in the center featuring a white arrow. The word upwind is in the top left corner.

Automatically Secure Google Cloud Run Serverless Functions with Upwind

<br />
<b>Warning</b>:  Undefined variable $photo in <b>/nas/content/live/landing173/wp-content/themes/bricks/includes/elements/code.php(236) : eval()'d code</b> on line <b>33</b><br />
<br />
<b>Warning</b>:  Trying to access array offset on value of type null in <b>/nas/content/live/landing173/wp-content/themes/bricks/includes/elements/code.php(236) : eval()'d code</b> on line <b>33</b><br />
Chris Lentricchia April 08, 2025

Automatically Secure Google Cloud Run Serverless Functions with Upwind

We are excited to announce that Upwind now supports Google Cloud Run. This addition reflects our commitment to delivering comprehensive, modern cloud security – no matter where or how your applications run. With this update, all core capabilities within the Upwind Platform are now available for workloads deployed on Google Cloud Run

What is Google Cloud Run?

Google Cloud Run is a fully-managed serverless platform that lets you run containerized applications on top of Google Cloud. It handles scaling, networking, and infrastructure so you can focus on code. Google Cloud Run is optimized  for stateless workloads like APIs, websites or background processing, but it can also support database access, caching, and AI/ML powered services. Think of it as the easiest way to run container images on Google Cloud. 

Why It Matters for Security Teams

As adoption of serverless computing and Google Cloud Run continues to grow, so does the need to secure serverless environments without introducing friction or operational overhead. That’s why we’ve extended the full power of Upwind – real-time detection, posture insights, image scanning, and more – to protect your Cloud Run workloads.

Diagram showing a network map in Upwind. Central node labeled my-cloud-run-service is highlighted, with connections to other nodes like VPC project and Upwind-bucket. Sidebar displays details and metrics of the my-cloud-run-service node.

Upwind’s support of Google Cloud Run includes:

  • Proactive Posture & Configuration Management: Surface findings for Google Cloud Run resources such as misconfigurations, exposed secrets, potential compliance breaches, malware, and external exposure risks – automatically and continuously.
  • Real-time Threat Detection & Response: Detect threats targeting Google Cloud Run workloads in real time, and view contextual runtime detections in the Threads tab.
  • Vulnerability Management: Identify and prioritize vulnerabilities in Cloud Run workloads using real-time & runtime insights and the Upwind Vulnerability Funnel. 
  • Cloud Run Inventory: Automatically discover all serverless functions and container  workloads running on Cloud Run in the Assets Tab, with compute, data & scanned image visibility in the Images Tab. 
  • Monitor Real-Time Communication: Visualize how Cloud Run functions interact with other cloud resources in real-time using the Upwind Topology Map, including detailed network path and associated resource risk summaries.
  • Proactive Posture & Configuration Management: Surface findings for Google Cloud Run resources such as misconfigurations, exposed secrets, potential compliance breaches, malware, and external exposure risks – automatically and continuously.

How Does Upwind Support Google Cloud Run?

Unlike traditional workloads, Google Cloud Run doesn’t offer a node layer for deploying Upwind’s eBPF sensor.. To overcome this, the Upwind Platform uses the same innovative tracer technology we pioneered for AWS Fargate. The Upwind Tracer provides deep visibility into Google Cloud Run environments, enabling:

  • Process Communication Monitoring: Understand how processes within a container interact, detect anomalies, alerting on suspicious or malicious activity.
  • Network Visibility: Track all inbound and outbound network traffic to identify potential threats and data exfiltration attempts.
  • File Activity Tracking: Monitor file read, write, and execute operations in real-time, to flag unauthorized access or modification.

To complement the Upwind Tracer, the Upwind Platform also includes our Agentless Google Cloud Scanner for vulnerability management. This scanner analyzes container images in the Google Artifact Registry, identifying vulnerabilities before they reach production, and correlates vulnerability findings with runtime insights for prioritization.

Screenshot of a cloud scanner dashboard. It shows general details, scan statistics, and resources such as VMs, storage, and databases with their status, security issues, and last scan dates. The interface includes buttons for actions like editing and scanning.

Get Started with Upwind’s Google Cloud Run Security

Upwind’s support for Google Cloud Run makes it easier than ever to secure serverless environments in Google Cloud. Whether you’re deploying microservices, APIs, or event-driven workloads, Upwind ensures visibility and protection without compromising speed or simplicity.
To learn more about Upwind and our support for Google Cloud Run, schedule a demo with us.

401 Authorization Required

401 Authorization Required


nginx
Contents

Further Reading

Superhuman AI

Security AI Needs an Honest Scoreboard: What It’s Superhuman At, and Where It Comes Up Short

If you follow AI at all, you know the leaderboards. Every few weeks a model takes the top spot, and we all check where our favorite landed. But a leaderboard only tells you who's ahead, and it stays quiet about where any of those models still come up short. Which, conveniently, is the part that…
Focus Mode

Find What Matters with Upwind Focus Mode

Focus Mode is now available in the Upwind platform, giving security teams a faster, more focused way to work. Instead of navigating across the platform, you can switch to Focus Mode to slice and dice the Upwind platform by Vulnerability Management, Cloud Security Posture, Attack Surface Management, Administration, or Threats, and starting next week, AI…
Early Advisories

Introducing Early Advisories: Turn Emerging Threats into Action

We’re excited to introduce Early Advisories as part of the Upwind platform. Powered by Upwind's security research team, Early Advisories notify customers about emerging threats, including zero-days and supply chain attacks, before they receive a CVE identifier. Early Advisories are published directly into the Vulnerabilities module alongside CVE-based findings and automatically correlated with your live…