Security Command Center Risk Engine supports Managed Service for Apache Spark resources in attack paths and Managed Service for Apache Spark clusters and jobs in high-value resource sets.

Risk Engine now supports aiplatform.googleapis.com/ReasoningEngine in both attack paths and high value resource sets.

Risk Engine has launched enhanced heuristics to help identify default high-value resources.

If you are using the default high-value resource set, you might observe changes in the exposure scores of their findings, resources, and issues. For information about these changes, see Default high-value resource set.

The names of Event Threat Detection rules pertaining to AI control plane have changed.

The Cloud Run Threat Detection rule Privilege Escalation: Fileless Execution in /dev/shm has been shut down.

In March 2026, Risk Engine will launch enhanced heuristics to more accurately identify default high-value resources.

No action is required. As a result of this enhancement, customers using the default high-value resource set may observe changes in the exposure scores of their findings, resources, and issues. Customers using custom resource value configurations are not affected.

AI Protection is generally available (GA) in the Security Command Center Premium tier at the organization level.

For regional availability, see Locations for AI Protection.

Security Command Center lets you filter findings, issues, and compliance information to view only the resources that are registered to an App Hub application. For information, see Integration with App Hub.

The Security Command Center Standard tier, available at no charge, has a new set of capabilities and is activated automatically for some organizations. For information about these changes, see Standard tier enhanced and automatically activated for some customers.

The following Container Threat Detection detectors have been released to General Availability:

• Command and Control: Piped Encoded Code Execution Detected
• Command and Control: Piped Encoded Download

You can configure Model Armor floor settings for Google-managed Model Context Protocol (MCP) servers to define baseline safety and security filters. This feature is in Preview.

You can also configure Cloud Logging for sanitization operations. The Model Armor floor settings perform these operations on traffic to and from Google-managed MCP servers and Vertex AI models.

Multiple pages in Security Command Center Standard have been improved:

• The Risk overview page is enhanced to provide separate views for misconfiguration, vulnerabilities and identity-related findings.
• The Findings page includes predefined filter views for vulnerabilities and identity findings.
• The left navigation has been updated.

Feature

AI Protection is generally available (GA) in the Security Command Center Enterprise tier and is available as a Preview in the Security Command Center Premium tier.

Security Command Center Risk Engine supports Cloud Build Attack Paths with Cloud Build Resources supported in the high-value resource set.

You can configure Model Armor to enhance the security of your agentic AI applications that interact with Google Cloud Model Context Protocol (MCP) servers. This feature is in Preview. For configuration details, see Model Armor integration with Google Cloud MCP servers.

Security Command Center Risk Engine uses the storage.restrictAuthTypes organization policy constraint to determine whether Cloud Storage buckets are reachable using signed URLs.

The monitoring dashboard is available in General Availability.

Model Armor integration with Vertex AI is available in General Availability.

The following updates simplify Security Command Center Standard and Premium tier activation for organizations:

• You need fewer Identity and Access Management (IAM) roles to activate Security Command Center.
• A variety of services are automatically enabled during activation. Service-specific service agents are automatically enabled with the IAM roles and permissions that are required for these services to function.

See the following for detailed information about activating a specific tier:

• Activate Security Command Center Standard tier for an organization
• Activate Security Command Center Premium tier for an organization

Agent Engine Threat Detection, a built-in service of Security Command Center, is available in Preview to the Security Command Center Enterprise and Premium tiers. This service helps you detect and investigate potential attacks on AI agents that are deployed to Vertex AI Agent Engine Runtime.

Feature

The following AI Protection features are available:

• AI Security dashboard: The dashboard has an updated AI Inventory section, which includes an overview of AI agents.
• Assets page: You can filter for AI resources, including AI agents that are deployed to Vertex AI Agent Engine.

AI Protection is available in Preview to the Security Command Center Enterprise tier.

Data Security Posture Management (DSPM) supports the Security Command Center Premium tier at the organization level.

Several features and updates have been made available to Security Command Center in a federated identity environment:

• Exporting findings to a CSV file.
• Exporting findings to Cloud Storage.

The following features aren't supported by identity federation but are being moved to other sections in the documentation:

• Sending feedback in Security Command Center
• Managing Google SecOps settings.

Model Armor is available in the following regions:

• europe-west1 (Belgium)
• europe-west2 (London)
• europe-west3 (Frankfurt)
• asia-south1 (Mumbai)

For more information, see Locations for the Model Armor API.

Feature

Data Security Posture Management (DSPM) has been released to General Availability for the Security Command Center Enterprise tier.

You can use customer-managed encryption keys (CMEK) organization policies with Security Command Center. For more information, see Use CMEK organization policies with Security Command Center.

Feature

The monitoring and auditing capabilities for Compliance Manager have been released to General Availability.

Security Command Center Risk Engine supports Cloud Run attack paths for the following high-value resources:

• run.googleapis.com/Job
• run.googleapis.com/Service

Compliance Manager supports the Security Command Center Premium tier at the organization level.

In addition to the Enterprise service tier, Issues are available on the Security Command Center Premium service tier at the organization level. This update includes capabilities such as Toxic Combinations, Chokepoints, and Graph Search (Preview). The console navigation has been updated to reflect an Issues page for Premium tier users.

The release note for Security Command Center and attack path simulations, published on October 16, 2025, was updated to clarify that attack path simulations use Compute Engine and Google Kubernetes Engine OS and software vulnerability findings to detect toxic combinations and chokepoints.

Container image vulnerability findings has been released to General Availability.

Customers with an organization-level activation of Security Command Center Premium have an organization-level discovery subscription at no charge from Sensitive Data Protection. For more information, see Sensitive data discovery in Security Command Center Premium.

Security Command Center and attack path simulations use Compute Engine and Google Kubernetes Engine operating system and software vulnerabilities to detect toxic combinations and chokepoints.

UPDATE: Attack path simulations analyze OS and software vulnerability findings for Compute Engine and Google Kubernetes Engine resources to detect toxic combinations and chokepoints.

The following features in Compliance Manager are available in General Availability:

• Applying and updating built-in frameworks and cloud controls
• Creating, applying, and editing custom frameworks and cloud controls
• Support for VPC Service Control perimeters
• Audit logging
• Client libraries
• REST APIs