When Security Command Center is activated at the project level only, you can enable Vulnerability Assessment for Google Cloud on the single project.

Feature

Security Command Center has new predefined rules and controls:

• Additional predefined security graph rules to support Agent Runtime

• Additional support in existing correlated threats rules for Agent Runtime

• Additional runtime detectors in Agent Platform Threat Detection

• Additional Event Threat Detection rules to support AI agents

Feature

Security Command Center findings that are related to AI security risks are available in the Security tab of the Gemini Enterprise Agent Platform. The feature helps provide comprehensive visibility into findings, active threats, and attack path simulations. This feature requires Security Command Center Premium or Enterprise.

For more information, see View security findings.

Through the Application Design Center, Security Command Center helps you perform proactive security assessments (Preview) throughout your application development lifecycle. This integration shows both design-time and runtime findings in Security Command Center. For more information, see Application lifecycle security assessments.

Feature

Data Security Posture Management has new controls in Preview. The controls help you secure Cloud Storage objects and include the following:

• Govern the minimum retention period for Cloud Storage objects
• Require Customer-Managed Encryption for Cloud Storage objects
• Restrict Public Access to Cloud Storage objects

For more information, see Advanced data governance and security cloud controls.

AI Protection supports agentic workloads in Preview, including Gemini Enterprise Agent Platform and Model Context Protocol (MCP) servers. This update includes the following:

• Agent Platform Vulnerability Assessment: Identifies software vulnerabilities (CVEs) in agentic workloads that are deployed with Gemini Enterprise Agent Platform. Findings are surfaced for vulnerabilities of HIGH or CRITICAL severity that are detected in your custom dependencies.
• Expanded detection and controls: Includes new threat detection findings and recommended security controls for AI agents and MCP servers.
• Enhanced inventory and filtering: Provides an updated AI security dashboard view and new filtering options for agentic resources in the console.

When you activate Security Command Center Standard or Premium tier for a project, several services are automatically enabled and service-specific service agents are provisioned with the required IAM roles and permissions.

For more information, see Activate for a project when Security Command Center is not active in the organization.

Cloud Run Threat Detection monitors Cloud Run worker pools. For a list of resources that Cloud Run Threat Detection monitors, see Supported resources.

Key insights from Security Command Center are available on the Security & compliance page in Cloud Hub. This feature is available in Preview.

Security Command Center Risk Engine supports Managed Service for Apache Spark resources in attack paths and Managed Service for Apache Spark clusters and jobs in high-value resource sets.

Risk Engine supports aiplatform.googleapis.com/ReasoningEngine in both attack paths and high value resource sets.

Risk Engine has launched enhanced heuristics to help identify default high-value resources.

If you are using the default high-value resource set, you might observe changes in the exposure scores of their findings, resources, and issues. For information about these changes, see Default high-value resource set.

The following Compliance Manager frameworks were updated:

• CIS GKE 1.7 (version 3.0)
• CIS Critical Security Controls v8 (version 6.0)
• CSA Cloud Controls Matrix v4.0.11 (version 5.0)
• ISO 27001:2022 (version 7.0)
• Qutar National Information Assurance Standard v2.1 (version 4.0)
• NIST 800-53 Revision 5 (version 7.0)
• NIST Cybersecurity Framework 1.1 (version 6.0)
• PCI DSS v4.0.1 (version 4.0)
• Security Essentials (version 12.0)
• SOC 2017 (version 5.0)

The names of Event Threat Detection rules pertaining to AI control plane have changed.

The Cloud Run Threat Detection rule Privilege Escalation: Fileless Execution in /dev/shm has been shut down.

In March 2026, Risk Engine will launch enhanced heuristics to more accurately identify default high-value resources.

No action is required. As a result of this enhancement, customers using the default high-value resource set may observe changes in the exposure scores of their findings, resources, and issues. Customers using custom resource value configurations are not affected.

AI Protection is generally available (GA) in the Security Command Center Premium tier at the organization level.

For regional availability, see Locations for AI Protection.

Security Command Center lets you filter findings, issues, and compliance information to view only the resources that are registered to an App Hub application. For information, see Integration with App Hub.

The Security Command Center Standard tier, available at no charge, has a new set of capabilities and is activated automatically for some organizations. For information about these changes, see Standard tier enhanced and automatically activated for some customers.

The following Container Threat Detection detectors have been released to General Availability:

• Command and Control: Piped Encoded Code Execution Detected
• Command and Control: Piped Encoded Download

You can configure Model Armor floor settings for Google-managed Model Context Protocol (MCP) servers to define baseline safety and security filters. This feature is in Preview.

You can also configure Cloud Logging for sanitization operations. The Model Armor floor settings perform these operations on traffic to and from Google-managed MCP servers and Gemini Enterprise Agent Platform models.

Multiple pages in Security Command Center Standard have been improved:

• The Risk overview page is enhanced to provide separate views for misconfiguration, vulnerabilities and identity-related findings.
• The Findings page includes predefined filter views for vulnerabilities and identity findings.
• The left navigation has been updated.

Feature

AI Protection is generally available (GA) in the Security Command Center Enterprise tier and is available as a Preview in the Security Command Center Premium tier.

Security Command Center Risk Engine supports Cloud Build Attack Paths with Cloud Build Resources supported in the high-value resource set.

You can configure Model Armor to enhance the security of your agentic AI applications that interact with Google Cloud Model Context Protocol (MCP) servers. This feature is in Preview. For configuration details, see Model Armor integration with Google Cloud MCP servers.

Security Command Center Risk Engine uses the storage.restrictAuthTypes organization policy constraint to determine whether Cloud Storage buckets are reachable using signed URLs.

The monitoring dashboard is available in General Availability.

Model Armor integration with Gemini Enterprise Agent Platform is available in General Availability.

The following updates simplify Security Command Center Standard and Premium tier activation for organizations:

• You need fewer Identity and Access Management (IAM) roles to activate Security Command Center.
• A variety of services are automatically enabled during activation. Service-specific service agents are automatically enabled with the IAM roles and permissions that are required for these services to function.

See the following for detailed information about activating a specific tier:

• Activate Security Command Center Standard tier for an organization
• Activate Security Command Center Premium tier for an organization

The following AI Protection features are available:

• AI Security dashboard: The dashboard has an updated AI Inventory section, which includes an overview of AI agents.
• Assets page: You can filter for AI resources, including AI agents that are deployed to Agent Runtime.

AI Protection is available in Preview to the Security Command Center Enterprise tier.

Feature

Agent Engine Threat Detection, a built-in service of Security Command Center, is available in Preview to the Security Command Center Enterprise and Premium tiers. This service helps you detect and investigate potential attacks on AI agents that are deployed to Agent Runtime Runtime.

Data Security Posture Management (DSPM) supports the Security Command Center Premium tier at the organization level.

Several features and updates have been made available to Security Command Center in a federated identity environment:

• Exporting findings to a CSV file.
• Exporting findings to Cloud Storage.

The following features aren't supported by identity federation but are being moved to other sections in the documentation:

• Sending feedback in Security Command Center
• Managing Google SecOps settings.

Model Armor is available in the following regions:

• europe-west1 (Belgium)
• europe-west2 (London)
• europe-west3 (Frankfurt)
• asia-south1 (Mumbai)

For more information, see Locations for the Model Armor API.

Feature

Data Security Posture Management (DSPM) has been released to General Availability for the Security Command Center Enterprise tier.

You can use customer-managed encryption keys (CMEK) organization policies with Security Command Center. For more information, see Use CMEK organization policies with Security Command Center.

Feature

The monitoring and auditing capabilities for Compliance Manager have been released to General Availability.

Security Command Center Risk Engine supports Cloud Run attack paths for the following high-value resources:

• run.googleapis.com/Job
• run.googleapis.com/Service