🔍 Help Shape the Future of the SC‑200 Certification

Microsoft is updating the SC‑200: Microsoft Security Operations Analyst certification, and the blueprinting survey is a key part of this process. As MCTs, your insights directly influence how the updated exam reflects modern SOC workflows, tools, and responsibilities.

The exam blueprint defines how many questions will be allocated to each skill area within the SC‑200 certification. Input from trainers and subject matter experts ensures the exam remains accurate, relevant, and aligned with real‑world SOC tasks.

Microsoft is now collecting feedback through the SC‑200 Blueprinting Survey, open to all MCTs and qualified security practitioners—including external SMEs. This ensures broad representation from those who actively teach, deploy, and operate Microsoft security technologies.

By taking the survey, you help ensure that skills such as threat investigation, incident response, KQL-based hunting, Defender XDR capabilities, and Sentinel workflows are weighted according to their real operational impact. Your input helps prevent mis‑weighting or over‑emphasis on low‑value skills, a challenge noted in previous blueprint cycles.

Survey Link:
https://microsoftlearning.co1.qualtrics.com/jfe/form/SV_3eXv88iTMTckTVI

Deadline: January 6, 2026

If you have questions regarding the survey process, you may contact:

• John Sowles (josowles@microsoft.com)
• Don Tanedo (dtanedo@microsoft.com)

Your contribution ensures the SC‑200 certification continues to reflect the evolving responsibilities of today’s Security Operations Analysts.

Your expertise as an MCT plays a critical role in shaping the future of the SC‑200 certification. Completing the survey ensures the exam remains aligned with real-world SOC practices and the latest Microsoft Defender XDR and Sentinel capabilities. Broad participation strengthens the credibility and relevance of the certification for learners worldwide.