Cloud Security Command Center - June 25th, 2024 [Announcement, Change, Feature]

## Announcement **Introducing the Security Command Center Risk Engine** Security Command Center introduces _Risk Engine_ as the name of the functionality that provides attack path simulations, attack exposure scores, attack path visualizations, and toxic combination findings. For more information, see [Assess risk with Risk Engine](https://cloud.google.com/security-command-center/docs/concepts-security-sources#risk-engine). ## Feature **Toxic combination findings release to Preview** In the Enterprise tier of Security Command Center, the Risk Engine generates a finding when it detects a toxic combination during attack path simulations. A toxic combination is a group of security issues that, when they occur together in a particular pattern, create a path to one or more of your high-value resources. The toxic combinations features introduces a new finding class, `Toxic combination`, and adds new fields in the `Finding` object to hold information about toxic combinations. For more information, see [Overview of toxic combinations](https://cloud.google.com/security-command-center/docs/toxic-combinations-overview). **UPDATE**: The Preview release of the toxic combination feature is being rolled out to customers in stages. You might not receive toxic combination findings or see the new features in the Security Operations console for up to two weeks. ## Change The release note for the toxic combination feature published on June 25, 2024 was updated to explain the staged release of the feature. ## Change **Install new version of the Security Command Center Enterprise use case** The installation and configuration of a new version of the `SCC Enterprise - Cloud Orchestration & Remediation` use case in the Security Operations console is required for the toxic combination functionality of Security Command Center Enterprise. The new use case, identified by date, June 25, 2024, introduces new widgets, new playbooks, and other enhancements to support the management of toxic combination findings and cases in the Security Operations console. For installation instructions, see [Update Enterprise use case, June 2024](https://cloud.google.com/security-command-center/docs/enterprise-security-operations-software-update).