AI Protection supports data residency in the European Union (EU) for the Security Command Center Premium tier.
For more information, see Planning for data residency.
The following Security Command Center finding category names from AI Protection have new names that clarify that AI Protection detects Gemini foundation models:
VERTEX_AI_MODEL_DETECTED changes to GEMINI_MODEL_DETECTED.VERTEX_AI_MODEL_NOT_PROTECTED_BY_MODEL_ARMOR changes to
GEMINI_MODEL_NOT_PROTECTED_BY_MODEL_ARMOR.For more information about AI Protection findings, see AI Protection overview.
]]>Risk Engine detects toxic combinations that are related to Managed Service for Apache Spark (formerly known as Dataproc), including Lightning Engine.
Risk reports are updated to include more content in the Risk Engine introduction and the System attack exposure pages. For more information about what's included in risk reports, see Risk reports overview.
]]>The following Compliance Manager frameworks were updated:
The Security Command Center Enterprise service tier is deprecated. It will be shut down on May 21, 2027. By default, your organization will automatically move to the Premium service tier on that date.
Artifact guard is available in Preview to the Security Command Center Enterprise and Premium tiers. Artifact guard is a service that helps you prevent the deployment of vulnerable packages throughout the software development lifecycle.
Risk Engine detects toxic combinations that are related to Cloud Build resources.
]]>Vulnerability Assessment for Google Cloud supports scanning XFS and NTFS disk partition types.
]]>Vulnerability Assessment for Google Cloud supports scanning GKE clusters that have Image streaming enabled.
]]>Compliance Manager can be enabled for a single project. For more information, see Enable Compliance Manager.
New Standard tier activations at the organization level support the enhanced Standard tier features. New Standard tier activations at the project level continue to support Standard-legacy tier features. For more information, see Standard tier enhanced and automatically activated for some customers.
]]>When Security Command Center is activated at the project level only, you can enable Vulnerability Assessment for Google Cloud on the single project.
Security Command Center has new predefined rules and controls:
Additional predefined security graph rules to support Agent Runtime
Additional support in existing correlated threats rules for Agent Runtime
Additional runtime detectors in Agent Platform Threat Detection
Additional Event Threat Detection rules to support AI agents
Security Command Center findings that are related to AI security risks are available in the Security tab of the Gemini Enterprise Agent Platform. The feature helps provide comprehensive visibility into findings, active threats, and attack path simulations. This feature requires Security Command Center Premium or Enterprise.
For more information, see View security findings.
]]>Through the Application Design Center, Security Command Center helps you perform proactive security assessments (Preview) throughout your application development lifecycle. This integration shows both design-time and runtime findings in Security Command Center. For more information, see Application lifecycle security assessments.
Data Security Posture Management has new controls in Preview. The controls help you secure Cloud Storage objects and include the following:
For more information, see Advanced data governance and security cloud controls.
]]>AI Protection supports agentic workloads in Preview, including Gemini Enterprise Agent Platform and Model Context Protocol (MCP) servers. This update includes the following:
When you activate Security Command Center Standard or Premium tier for a project, several services are automatically enabled and service-specific service agents are provisioned with the required IAM roles and permissions.
For more information, see Activate for a project when Security Command Center is not active in the organization.
]]>Cloud Run Threat Detection monitors Cloud Run worker pools. For a list of resources that Cloud Run Threat Detection monitors, see Supported resources.
]]>Key insights from Security Command Center are available on the Security & compliance page in Cloud Hub. This feature is available in Preview.
]]>Security Command Center Risk Engine supports Managed Service for Apache Spark resources in attack paths and Managed Service for Apache Spark clusters and jobs in high-value resource sets.
]]>Risk Engine supports
aiplatform.googleapis.com/ReasoningEngine
in both attack paths and high value
resource
sets.
Risk Engine has launched enhanced heuristics to help identify default high-value resources.
If you are using the default high-value resource set, you might observe changes in the exposure scores of their findings, resources, and issues. For information about these changes, see Default high-value resource set.
]]>The following Compliance Manager frameworks were updated:
The names of Event Threat Detection rules pertaining to AI control plane have changed.
The Cloud Run Threat Detection rule
Privilege Escalation: Fileless Execution in /dev/shm has been shut
down.
In March 2026, Risk Engine will launch enhanced heuristics to more accurately identify default high-value resources.
No action is required. As a result of this enhancement, customers using the default high-value resource set may observe changes in the exposure scores of their findings, resources, and issues. Customers using custom resource value configurations are not affected.
]]>AI Protection is generally available (GA) in the Security Command Center Premium tier at the organization level.
For regional availability, see Locations for AI Protection.
]]>Security Command Center lets you filter findings, issues, and compliance information to view only the resources that are registered to an App Hub application. For information, see Integration with App Hub.
]]>The Security Command Center Standard tier, available at no charge, has a new set of capabilities and is activated automatically for some organizations. For information about these changes, see Standard tier enhanced and automatically activated for some customers.
]]>The following Container Threat Detection detectors have been released to General Availability:
Command and Control: Piped Encoded Code Execution DetectedCommand and Control: Piped Encoded DownloadYou can configure Model Armor floor settings for Google-managed Model Context Protocol (MCP) servers to define baseline safety and security filters. This feature is in Preview.
You can also configure Cloud Logging for sanitization operations. The Model Armor floor settings perform these operations on traffic to and from Google-managed MCP servers and Gemini Enterprise Agent Platform models.
]]>Multiple pages in Security Command Center Standard have been improved:
AI Protection is generally available (GA) in the Security Command Center Enterprise tier and is available as a Preview in the Security Command Center Premium tier.
]]>Security Command Center Risk Engine supports Cloud Build Attack Paths with Cloud Build Resources supported in the high-value resource set.
]]>You can configure Model Armor to enhance the security of your agentic AI applications that interact with Google Cloud Model Context Protocol (MCP) servers. This feature is in Preview. For configuration details, see Model Armor integration with Google Cloud MCP servers.
]]>Security Command Center Risk Engine
uses the storage.restrictAuthTypes
organization policy constraint to determine whether Cloud Storage buckets are
reachable using signed URLs.
The monitoring dashboard is available in General Availability.
]]>Model Armor integration with Gemini Enterprise Agent Platform is available in General Availability.
]]>The following updates simplify Security Command Center Standard and Premium tier activation for organizations:
See the following for detailed information about activating a specific tier:
]]>