googleapis
diff --git a/‎google/cloud/securitycenter/v2/BUILD.bazel‎
Lines changed: 7 additions & 0 deletions b/‎google/cloud/securitycenter/v2/BUILD.bazel‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎google/cloud/securitycenter/v2/affected_resources.proto‎
Lines changed: 31 additions & 0 deletions b/‎google/cloud/securitycenter/v2/affected_resources.proto‎
Lines changed: 31 additions & 0 deletions
diff --git a/‎google/cloud/securitycenter/v2/ai_model.proto‎
Lines changed: 61 additions & 0 deletions b/‎google/cloud/securitycenter/v2/ai_model.proto‎
Lines changed: 61 additions & 0 deletions
diff --git a/‎google/cloud/securitycenter/v2/chokepoint.proto‎
Lines changed: 35 additions & 0 deletions b/‎google/cloud/securitycenter/v2/chokepoint.proto‎
Lines changed: 35 additions & 0 deletions
diff --git a/‎google/cloud/securitycenter/v2/disk.proto‎
Lines changed: 1 addition & 1 deletion b/‎google/cloud/securitycenter/v2/disk.proto‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎google/cloud/securitycenter/v2/file.proto‎
Lines changed: 30 additions & 0 deletions b/‎google/cloud/securitycenter/v2/file.proto‎
Lines changed: 30 additions & 0 deletions
diff --git a/‎google/cloud/securitycenter/v2/finding.proto‎
Lines changed: 37 additions & 2 deletions b/‎google/cloud/securitycenter/v2/finding.proto‎
Lines changed: 37 additions & 2 deletions
diff --git a/‎google/cloud/securitycenter/v2/group_membership.proto‎
Lines changed: 3 additions & 0 deletions b/‎google/cloud/securitycenter/v2/group_membership.proto‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎google/cloud/securitycenter/v2/indicator.proto‎
Lines changed: 1 addition & 0 deletions b/‎google/cloud/securitycenter/v2/indicator.proto‎
Lines changed: 1 addition & 0 deletions
@@ -25,11 +25,14 @@ proto_library(
     name = "securitycenter_proto",
     srcs = [
         "access.proto",
+        "affected_resources.proto",
+        "ai_model.proto",
         "application.proto",
         "attack_exposure.proto",
         "attack_path.proto",
         "backup_disaster_recovery.proto",
         "bigquery_export.proto",
+        "chokepoint.proto",
         "cloud_armor.proto",
         "cloud_dlp_data_profile.proto",
         "cloud_dlp_inspection.proto",
@@ -50,13 +53,16 @@ proto_library(
         "group_membership.proto",
         "iam_binding.proto",
         "indicator.proto",
+        "ip_rules.proto",
+        "job.proto",
         "kernel_rootkit.proto",
         "kubernetes.proto",
         "label.proto",
         "load_balancer.proto",
         "log_entry.proto",
         "mitre_attack.proto",
         "mute_config.proto",
+        "network.proto",
         "notebook.proto",
         "notification_config.proto",
         "notification_message.proto",
@@ -71,6 +77,7 @@ proto_library(
         "source.proto",
         "toxic_combination.proto",
         "valued_resource.proto",
+        "vertex_ai.proto",
         "vulnerability.proto",
     ],
     deps = [
 
@@ -0,0 +1,31 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.securitycenter.v2;
+
+option csharp_namespace = "Google.Cloud.SecurityCenter.V2";
+option go_package = "cloud.google.com/go/securitycenter/apiv2/securitycenterpb;securitycenterpb";
+option java_multiple_files = true;
+option java_outer_classname = "AffectedResourcesProto";
+option java_package = "com.google.cloud.securitycenter.v2";
+option php_namespace = "Google\\Cloud\\SecurityCenter\\V2";
+option ruby_package = "Google::Cloud::SecurityCenter::V2";
+
+// Details about resources affected by this finding.
+message AffectedResources {
+  // The count of resources affected by the finding.
+  int64 count = 1;
+}
@@ -0,0 +1,61 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.securitycenter.v2;
+
+option csharp_namespace = "Google.Cloud.SecurityCenter.V2";
+option go_package = "cloud.google.com/go/securitycenter/apiv2/securitycenterpb;securitycenterpb";
+option java_multiple_files = true;
+option java_outer_classname = "AiModelProto";
+option java_package = "com.google.cloud.securitycenter.v2";
+option php_namespace = "Google\\Cloud\\SecurityCenter\\V2";
+option ruby_package = "Google::Cloud::SecurityCenter::V2";
+
+// Contains information about the AI model associated with the finding.
+message AiModel {
+  // The platform on which the model is deployed.
+  enum DeploymentPlatform {
+    // Unspecified deployment platform.
+    DEPLOYMENT_PLATFORM_UNSPECIFIED = 0;
+
+    // Vertex AI.
+    VERTEX_AI = 1;
+
+    // Google Kubernetes Engine.
+    GKE = 2;
+  }
+
+  // The name of the AI model, for example, "gemini:1.0.0".
+  string name = 1;
+
+  // The domain of the model, for example, “image-classification”.
+  string domain = 2;
+
+  // The name of the model library, for example, “transformers”.
+  string library = 3;
+
+  // The region in which the model is used, for example, “us-central1”.
+  string location = 4;
+
+  // The publisher of the model, for example, “google” or “nvidia”.
+  string publisher = 5;
+
+  // The platform on which the model is deployed.
+  DeploymentPlatform deployment_platform = 6;
+
+  // The user defined display name of model. Ex. baseline-classification-model
+  string display_name = 7;
+}
@@ -0,0 +1,35 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.securitycenter.v2;
+
+option csharp_namespace = "Google.Cloud.SecurityCenter.V2";
+option go_package = "cloud.google.com/go/securitycenter/apiv2/securitycenterpb;securitycenterpb";
+option java_multiple_files = true;
+option java_outer_classname = "ChokepointProto";
+option java_package = "com.google.cloud.securitycenter.v2";
+option php_namespace = "Google\\Cloud\\SecurityCenter\\V2";
+option ruby_package = "Google::Cloud::SecurityCenter::V2";
+
+// Contains details about a chokepoint, which is a resource or resource group
+// where high-risk attack paths converge, based on [attack path simulations]
+// (https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_path_simulations).
+message Chokepoint {
+  // List of resource names of findings associated with this chokepoint.
+  // For example, organizations/123/sources/456/findings/789.
+  // This list will have at most 100 findings.
+  repeated string related_findings = 1;
+}
@@ -27,6 +27,6 @@ option ruby_package = "Google::Cloud::SecurityCenter::V2";
 // Contains information about the disk associated with the finding.
 message Disk {
   // The name of the disk, for example,
-  // `https://www.googleapis.com/compute/v1/projects/{project-id}/zones/{zone-id}/disks/{disk-id}`.
+  // "https://www.googleapis.com/compute/v1/projects/{project-id}/zones/{zone-id}/disks/{disk-id}".
   string name = 1;
 }
@@ -38,6 +38,33 @@ message File {
     string relative_path = 2;
   }
 
+  // Operation(s) performed on a file.
+  message FileOperation {
+    // The type of the operation
+    enum OperationType {
+      // The operation is unspecified.
+      OPERATION_TYPE_UNSPECIFIED = 0;
+
+      // Represents an open operation.
+      OPEN = 1;
+
+      // Represents a read operation.
+      READ = 2;
+
+      // Represents a rename operation.
+      RENAME = 3;
+
+      // Represents a write operation.
+      WRITE = 4;
+
+      // Represents an execute operation.
+      EXECUTE = 5;
+    }
+
+    // The type of the operation
+    OperationType type = 1;
+  }
+
   // Absolute path of the file as a JSON encoded string.
   string path = 1;
 
@@ -62,4 +89,7 @@ message File {
 
   // Path of the file in terms of underlying disk/partition identifiers.
   DiskPath disk_path = 7;
+
+  // Operation(s) performed on a file.
+  repeated FileOperation operations = 8;
 }
@@ -19,9 +19,12 @@ package google.cloud.securitycenter.v2;
 import "google/api/field_behavior.proto";
 import "google/api/resource.proto";
 import "google/cloud/securitycenter/v2/access.proto";
+import "google/cloud/securitycenter/v2/affected_resources.proto";
+import "google/cloud/securitycenter/v2/ai_model.proto";
 import "google/cloud/securitycenter/v2/application.proto";
 import "google/cloud/securitycenter/v2/attack_exposure.proto";
 import "google/cloud/securitycenter/v2/backup_disaster_recovery.proto";
+import "google/cloud/securitycenter/v2/chokepoint.proto";
 import "google/cloud/securitycenter/v2/cloud_armor.proto";
 import "google/cloud/securitycenter/v2/cloud_dlp_data_profile.proto";
 import "google/cloud/securitycenter/v2/cloud_dlp_inspection.proto";
@@ -40,17 +43,21 @@ import "google/cloud/securitycenter/v2/file.proto";
 import "google/cloud/securitycenter/v2/group_membership.proto";
 import "google/cloud/securitycenter/v2/iam_binding.proto";
 import "google/cloud/securitycenter/v2/indicator.proto";
+import "google/cloud/securitycenter/v2/ip_rules.proto";
+import "google/cloud/securitycenter/v2/job.proto";
 import "google/cloud/securitycenter/v2/kernel_rootkit.proto";
 import "google/cloud/securitycenter/v2/kubernetes.proto";
 import "google/cloud/securitycenter/v2/load_balancer.proto";
 import "google/cloud/securitycenter/v2/log_entry.proto";
 import "google/cloud/securitycenter/v2/mitre_attack.proto";
+import "google/cloud/securitycenter/v2/network.proto";
 import "google/cloud/securitycenter/v2/notebook.proto";
 import "google/cloud/securitycenter/v2/org_policy.proto";
 import "google/cloud/securitycenter/v2/process.proto";
 import "google/cloud/securitycenter/v2/security_marks.proto";
 import "google/cloud/securitycenter/v2/security_posture.proto";
 import "google/cloud/securitycenter/v2/toxic_combination.proto";
+import "google/cloud/securitycenter/v2/vertex_ai.proto";
 import "google/cloud/securitycenter/v2/vulnerability.proto";
 import "google/protobuf/struct.proto";
 import "google/protobuf/timestamp.proto";
@@ -239,9 +246,13 @@ message Finding {
     // Describes a potential security risk to data assets that contain sensitive
     // data.
     SENSITIVE_DATA_RISK = 8;
+
+    // Describes a resource or resource group where high risk attack paths
+    // converge, based on attack path simulations (APS).
+    CHOKEPOINT = 9;
   }
 
-  // The [relative resource
+  // Identifier. The [relative resource
   // name](https://cloud.google.com/apis/design/resource_names#relative_resource_name)
   // of the finding. The following list shows some examples:
   //
@@ -255,7 +266,7 @@ message Finding {
   // + `projects/{project_id}/sources/{source_id}/findings/{finding_id}`
   // +
   // `projects/{project_id}/sources/{source_id}/locations/{location_id}/findings/{finding_id}`
-  string name = 1;
+  string name = 1 [(google.api.field_behavior) = IDENTIFIER];
 
   // Output only. The canonical name of the finding. The following list shows
   // some examples:
@@ -464,9 +475,15 @@ message Finding {
   // Contains information about the org policies associated with the finding.
   repeated OrgPolicy org_policies = 43;
 
+  // Job associated with the finding.
+  Job job = 44;
+
   // Represents an application associated with the finding.
   Application application = 45;
 
+  // IP rules associated with the finding.
+  IpRules ip_rules = 46;
+
   // Fields related to Backup and DR findings.
   BackupDisasterRecovery backup_disaster_recovery = 47;
 
@@ -506,6 +523,24 @@ message Finding {
   // Data flow events associated with the finding.
   repeated DataFlowEvent data_flow_events = 62;
 
+  // Represents the VPC networks that the resource is attached to.
+  repeated Network networks = 63;
+
   // Data retention deletion events associated with the finding.
   repeated DataRetentionDeletionEvent data_retention_deletion_events = 64;
+
+  // AffectedResources associated with the finding.
+  AffectedResources affected_resources = 65;
+
+  // The AI model associated with the finding.
+  AiModel ai_model = 66;
+
+  // Contains details about a chokepoint, which is a resource or resource group
+  // where high-risk attack paths converge, based on [attack path simulations]
+  // (https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_path_simulations).
+  // This field cannot be updated. Its value is ignored in all update requests.
+  Chokepoint chokepoint = 69;
+
+  // VertexAi associated with the finding.
+  VertexAi vertex_ai = 72;
 }
@@ -34,6 +34,9 @@ message GroupMembership {
 
     // Group represents a toxic combination.
     GROUP_TYPE_TOXIC_COMBINATION = 1;
+
+    // Group represents a chokepoint.
+    GROUP_TYPE_CHOKEPOINT = 3;
   }
 
   // Type of group.
 
@@ -71,6 +71,7 @@ message Indicator {
       SIGNATURE_TYPE_FILE = 2;
     }
 
+    // The signature.
     oneof signature {
       // Signature indicating that a binary family was matched.
       MemoryHashSignature memory_hash_signature = 6;
Original file line number	Diff line number	Diff line change
`@@ -27,6 +27,6 @@ option ruby_package = "Google::Cloud::SecurityCenter::V2";`
`27`	`27`	`// Contains information about the disk associated with the finding.`
`28`	`28`	`message Disk {`
`29`	`29`	`// The name of the disk, for example,`
`30`		- // `https://www.googleapis.com/compute/v1/projects/{project-id}/zones/{zone-id}/disks/{disk-id}`.
	`30`	`+ // "https://www.googleapis.com/compute/v1/projects/{project-id}/zones/{zone-id}/disks/{disk-id}".`
`31`	`31`	`string name = 1;`
`32`	`32`	`}`
Original file line number	Diff line number	Diff line change
`@@ -34,6 +34,9 @@ message GroupMembership {`
`34`	`34`
`35`	`35`	`// Group represents a toxic combination.`
`36`	`36`	`GROUP_TYPE_TOXIC_COMBINATION = 1;`
	`37`	`+`
	`38`	`+ // Group represents a chokepoint.`
	`39`	`+ GROUP_TYPE_CHOKEPOINT = 3;`
`37`	`40`	`}`
`38`	`41`
`39`	`42`	`// Type of group.`
Original file line number	Diff line number	Diff line change
`@@ -71,6 +71,7 @@ message Indicator {`
`71`	`71`	`SIGNATURE_TYPE_FILE = 2;`
`72`	`72`	`}`
`73`	`73`
	`74`	`+ // The signature.`
`74`	`75`	`oneof signature {`
`75`	`76`	`// Signature indicating that a binary family was matched.`
`76`	`77`	`MemoryHashSignature memory_hash_signature = 6;`