Microsoft is retiring the AZ-500 exam and the Azure Security Engineer Associate certification on August 31, 2026 — including the renewal assessment. Its replacement is SC-500: Implementing End-to-End Security Controls for Cloud and AI Workloads, which leads to a new credential: Microsoft Certified: Cloud and AI Security Engineer Associate. The exam runs 120 minutes, requires 700/1000 to pass, and spreads its weight across four domains — with an AI security skill set that never existed on AZ-500.
The beta opened May 15, 2026, and GA is expected in July 2026. This guide covers what the SC-500 certification actually tests (from the official study guide), what the AZ-500 retirement means if you hold the old credential, and where to focus your prep.
What Is the SC-500 Certification?
SC-500 is Microsoft's intermediate-level exam for security engineers who implement end-to-end security controls across Azure, hybrid, and AI-enabled environments. Passing it earns the Cloud and AI Security Engineer Associate certification — a new credential, not a rename of Azure Security Engineer Associate.
The audience profile in the study guide describes a role spanning identity, network, application, data, and compute security, with a line that would have been unthinkable on AZ-500: you "help ensure that platforms, data, identities, and infrastructure used by AI workloads are securely implemented and monitored." Microsoft expects practical Azure administration experience, strong familiarity with Microsoft Entra ID, and — new for this exam — familiarity with Microsoft 365 administration, because several AI security tasks live in Purview and the M365 admin center rather than the Azure portal.
This is the same pattern Microsoft ran with its AI certifications this year: retire the old exam, launch a successor with AI workloads folded into the core role. If you watched AI-102 give way to AI-103 in June, SC-500 is the security-engineer version of the same move.
AZ-500 Retires on August 31, 2026
The official AZ-500 certification page now carries a retirement warning: the certification, the exam, and the renewal assessments all retire on August 31, 2026, and you can't earn or renew the credential after that date. What that means depends on where you stand:
- If you hold Azure Security Engineer Associate: you have one last free renewal window. Renew before August 31 and the credential stays active for another 12 months; after that there is no renewal path and it lapses at its printed expiration date. If your renewal lands after August, your realistic option is taking SC-500.
- If you were mid-study for AZ-500: you can still sit it until the retirement date, but think hard about whether a credential with a maximum ~12-month remaining lifespan is worth the same effort as one that's current. Most of your prep transfers — the identity, networking, and Defender for Cloud material carries over almost directly.
- If you're starting fresh: take SC-500. The SERP is still full of AZ-500 study material, but you'd be studying for a certificate that dies within weeks of you earning it.
SC-500 Exam Details
| Detail | SC-500 |
|---|---|
| Full name | Implementing End-to-End Security Controls for Cloud and AI Workloads |
| Certification earned | Microsoft Certified: Cloud and AI Security Engineer Associate |
| Level | Intermediate (Associate) |
| Duration | 120 minutes |
| Passing score | 700 / 1000 |
| Cost | Standard associate pricing — $165 USD in the US, varies by country |
| Languages | English (at launch) |
| Beta opened | May 15, 2026 |
| General availability | Expected July 2026 |
| Delivery | Proctored via Pearson VUE, may include interactive components |
Two beta-period caveats. First, beta attempts aren't scored on the spot — Microsoft holds results while it evaluates question quality, so expect your score after the exam reaches GA. Second, the official Practice Assessment doesn't exist yet; Microsoft says these usually appear within eight weeks of an exam leaving beta. The early-bird 80% beta discount (code VistaSC500, first 300 seats) expired June 8, 2026.
SC-500 vs AZ-500: What Actually Changed
The short version: SC-500 keeps the core Azure security engineering job — identity, Key Vault, network security, Defender for Cloud, Sentinel — and bolts on an AI security layer plus longer exam time. Here's the side-by-side:
| AZ-500 (retiring) | SC-500 (new) | |
|---|---|---|
| Credential | Azure Security Engineer Associate | Cloud and AI Security Engineer Associate |
| Duration | 100 minutes | 120 minutes |
| Passing score | 700 / 1000 | 700 / 1000 |
| Domains | 4 (identity, networking, compute/storage/DB, Defender + Sentinel) | 4 (identity/governance, storage/DB/networking, compute, posture management) |
| AI security content | None | Entra Agent ID, Foundry guardrails, Purview DSPM, Defender for AI, Security Copilot |
| M365 knowledge expected | No | Yes — Purview, Copilot risk, M365 admin center |
| Languages | 10 | English only at launch |
Beyond the AI additions, a few quieter changes matter for prep. Governance gets more explicit — the study guide names Azure Policy custom definitions, overprivileged-access remediation with RBAC, and securing infrastructure as code as assessed skills. Network security adds Microsoft Entra Private Access and Azure Virtual WAN, reflecting Microsoft's Security Service Edge push. And posture management now includes Defender EASM and connecting AWS and GCP environments to Defender for Cloud — Microsoft assumes your estate is multicloud, the same assumption AWS makes in its Security Specialty exam.
SC-500 Exam Domains
The official study guide (skills as of April 2026) defines four domains with unusually even weighting — there's no single domain you can afford to skip:
Manage identity, access, and governance (20–25%)
Entra ID identity security (PIM, conditional access, MFA and passwordless, managed identities, OAuth consent), Azure Key Vault end to end, and governance: Azure Policy, regulatory compliance in Defender for Cloud, resource locks, custom roles, and security controls delivered through infrastructure as code.
Secure storage, databases, and networking (25–30%)
The largest domain. Storage account security and Defender for Storage, Azure SQL platform security and auditing, then the full network stack: NSGs and ASGs, Azure Virtual Network Manager, Virtual WAN, VPN security, Entra Private Access, private endpoints and Private Link, Azure Firewall, and diagnosing effective rules with Network Watcher.
Secure compute (20–25%)
This is where the AI security content lives, alongside the traditional material: disk encryption, Bastion, just-in-time VM access, Azure Arc for hybrid servers, Defender for Servers, and platform services (AKS, Container Registry, Container Apps, Functions, App Service, Web Application Firewall, API Management).
Manage and monitor security posture (20–25%)
Defender CSPM, workload protection plans, multicloud connectors for AWS/GCP, Defender EASM, the full Microsoft Sentinel data-engineering stack (workspaces, content hub, connectors, syslog/CEF, data collection rules, custom tables, automation rules, retention), and configuring Microsoft Security Copilot — workspaces, permissions, plugins, and agents.
The AI Security Topics Are the Real Study Gap
If you've done Azure security work, roughly three-quarters of SC-500 will look familiar. The part that won't is the "Implement security for AI" section inside the compute domain, and it's the part I'd weight hardest in prep because almost no existing study material covers it:
- Microsoft Entra Agent ID — conditional access for agent identities, managing agent access, and analyzing an agent's blast radius in Defender XDR. Agent identity is brand new; in the Azure tenants I work in, non-human identities already outnumber humans, and Copilot Studio agents are pushing that ratio further every quarter. Microsoft putting "blast radius for Agent ID" on an associate exam tells you where they think incidents are heading.
- Microsoft Purview DSPM — identifying overexposed SharePoint data and risks from Copilot and AI apps. This is the M365-side content the audience profile warns about.
- Microsoft Foundry security — configuring guardrails for agents and deploying AI Gateway in Azure API Management in front of Foundry. If Foundry is new to you, the AI-103 guide covers the platform this tooling protects.
- Defender for AI Services and the Data and AI security dashboard in Defender for Cloud — the monitoring half of AI security.
Prompt injection and data leakage through AI assistants moved from conference-talk material to mainstream cloud threat in about eighteen months, and this exam is Microsoft codifying the defensive side of that shift.
How to Prepare for SC-500
Work from primary sources — the exam is too new for anything else to be trustworthy:
- Start from the official study guide and turn each bullet into a hands-on task. The skill statements are specific enough to be a lab checklist ("configure firewall settings on Key Vault", "enable JIT VM access").
- Lean on AZ-500 material for the carry-over topics — identity, Key Vault, network security, Defender for Cloud, and Sentinel content is still accurate even though the exam it targeted is dying.
- Build the AI security knowledge from Microsoft Learn documentation directly — Entra Agent ID, Purview DSPM, Foundry agent guardrails, and Security Copilot docs. There is no third-party course that covers these well yet.
- Skip anything claiming "real SC-500 exam questions." The exam has existed for under two months; question dumps for it are fabricated, and using dumps violates the exam agreement anyway.
- Get hands-on before you book. Every domain assumes you've actually configured these controls, and the exam may include interactive components. If you don't have a tenant to break things in, CloudaQube's hands-on security labs cover IAM design, encryption, network security, and DevSecOps patterns in real cloud environments.
You need practical Azure administration first — if you're not already comfortable at that level, the AZ-104 guide is the sensible prior step.
My recommendation: don't wait for the practice assessment. The window where a new exam is easy to stand out with — few certified holders, hiring managers still learning the acronym — is exactly the window before the prep ecosystem matures. Book it for late summer, prep against the study guide, and be holding the credential while most security engineers are still renewing a certificate that expires underneath them.