Home > Latest News > New AWS Certified Security - Specialty (SCS-C03) Exam Available Replacement of SCS-C02

ALL IT Certifications

New AWS Certified Security - Specialty (SCS-C03) Exam Available Replacement of SCS-C02

December 10,2025

AWS has officially released the AWS Certified Security – Specialty (SCS-C03) exam, marking the most substantial update to this certification in years. This upgrade reflects the fast-moving evolution of cloud security, the rise of generative AI, expanded machine learning attack surfaces, and the increasing importance of real-time detection and incident response strategies.

Candidates now have two options: take the existing SCS-C02 exam until December 1, 2025, or move directly to the newly updated SCS-C03, which is already open for registration.

Below is a complete breakdown of what’s changing, why AWS made these updates, and how the new SCS-C03 exam reshapes the skills cloud security professionals need.

New AWS Certified Security - Specialty (SCS-C03) Exam Available Replacement of SCS-C02

Why AWS Updated the Security Specialty Exam

Cloud security is shifting rapidly — thanks to generative AI, increasingly complex threat vectors, and growing regulatory pressures. AWS responded by:

Expanding coverage of emerging technologies

SCS-C03 includes new exam content focused on:

● Generative AI (GenAI) security

● Machine learning (ML) security

● LLM-specific risks and mitigations (e.g., OWASP Top 10 for LLM apps)

Restructuring domains for clearer security workflows

For the first time, the exam separates:

● Detection (Domain 1)

● Incident Response (Domain 2)

This makes the exam more aligned with modern SOC and SecOps job roles.

Adding deeper coverage of encryption, governance, and cross-service security architecture

Candidates must now demonstrate stronger understanding of multi-Region protections, secure protocols, inter-resource encryption, key management, and compliance-driven architecture design.

AWS Certified Security – Specialty (SCS-C03) Exam Overview

Category: Specialty

Duration: 170 minutes

Questions: 65 (multiple choice / multiple response)

Cost: USD $300

Testing Options:

● Pearson VUE testing centers

● Online proctored exam

Available Languages: English, Japanese, Korean, Portuguese (Brazil), Simplified Chinese, Spanish (Latin America)

Detailed Breakdown of SCS-C03 Exam Domains

AWS introduced six refined domains for SCS-C03. They not only redistribute weight but also bring clarity to specific skill requirements.

1. Detection (16%) – Monitoring, Signals, and Threat Identification

This domain tests your ability to:

● Detect malicious patterns in GuardDuty findings

● Build effective log pipelines with CloudTrail, CloudWatch Logs, and EventBridge

● Correlate signals to validate threats

● Identify anomalous IAM behavior

You must understand both detection fundamentals and advanced threat-analysis methods.

2. Incident Response (14%) – Containing and Remediating Cloud Security Events

AWS separated this from detection to emphasize hands-on response capabilities:

● Assessing scope and impact of an attack

● Prioritizing alerts using Security Hub

● Automating playbooks using Lambda or Step Functions

● Validating remediation steps and restoring secure operations

IR is now more practical and scenario-driven.

3. Infrastructure Security (18%) – Hardening AWS Workloads and Networks

This domain includes:

● Network segmentation and VPC-level protections

● WAF rule customization (including third-party rule ingestion)

● Hybrid infrastructure protections

● Edge security (CloudFront, Route 53, Shield)

● EKS, EMR, and container security configurations

4. Identity and Access Management (20%) – Modern Identity Controls and Access Governance

IAM increased from 16% → 20%, highlighting how identity is now the core of cloud security.

Topics include:

● IAM roles vs. resource policies

● IAM Identity Center

● SCPs and multi-account governance

● Permission boundaries

● Least-privilege design across microservices

5. Data Protection (18%) – Encryption, Masking, and Key Management

This domain covers:

● KMS multi-Region key strategy

● CloudWatch log data masking

● SNS message data protection

● Securing sensitive data in transit

Candidates must understand how to combine encryption with scalable data workflows.

6. Security Foundations & Governance (14%) – Risk, Compliance, and Organizational Controls

This includes:

● AWS Well-Architected Security Pillar

● Organizational guardrails (SCPs, Config rules, Security Hub standards)

● Compliance frameworks and mapping to AWS services

● Designing secure multi-account environments with AWS Organizations

SCS-C02 vs. SCS-C03: What Changed?

Here is the official comparison of domain weight changes:

SCS-C02 Domain	SCS-C03 Equivalent
Threat Detection & IR (14%)	Detection (16%)
Security Logging & Monitoring (18%)	Incident Response (14%)
Infrastructure Security (20%)	Infrastructure Security (18%)
IAM (16%)	IAM (20%)
Data Protection (18%)	Data Protection (18%)
Management & Governance (14%)	Security Foundations & Governance (14%)

What’s Newly Added in SCS-C03

● Integrations with third-party tools via OCSF format

● Advanced GenAI/LLM security patterns

● Inter-resource encryption (EKS, EMR, SageMaker)

● Deep KMS and private CA lifecycle management

● Sensitive-data masking in observability tools

● Validation of security service findings

● Integration with AWS edge services

AWS significantly modernized the exam to reflect how cloud security works in 2025.

Should You Take SCS-C02 or Upgrade to SCS-C03? A Practical Decision Guide

Choose SCS-C02 if:

● You already studied using older materials

● You want a more traditional exam format

● You prefer not to deal with GenAI/ML security topics

● You plan to take the exam before Dec 1, 2025

Choose SCS-C03 if:

● You want a future-proof, industry-aligned certification

● You work with AI, ML, or cloud-native architectures

● You want stronger hands-on security and detection content

● You aim for a SOC, IR, or cloud security engineering role

Both certifications are valid, but SCS-C03 clearly better matches today’s security environment.

Final Thoughts: The AWS Security Specialty Upgrade Reflects the Future of Cloud Defense

The release of AWS Certified Security – Specialty (SCS-C03) marks one of the most significant updates AWS has made to a specialty exam in years. With new domains, deeper coverage of identity and detection, and entirely new topics around generative AI security, this exam reflects the real skills modern cloud security professionals must master.

Whether you stick with SCS-C02 or switch to SCS-C03, now is a great time to validate your security expertise and level up your AWS career.

Related Suggestion: AWS Certified Security - Specialty (SCS-C02) Dumps September 02,2023; AWS Certified Machine Learning Engineer - Associate (MLA-C01) Dumps December 05,2024; AWS Certified AI Practitioner AIF-C01 Dumps September 02,2024; AWS Certified Machine Learning - Specialty (MLS-C01) Exam Dumps January 02,2024; AWS Certified DevOps Engineer – Professional DOP-C02 Dumps August 24,2023; AWS Certified Solutions Architect Professional (SAP-C02) Real Dumps June 20,2023; AWS Certified Database – Specialty (DBS-C01) Dumps May 19,2023; Tips To Pass AWS Certified Developer - Associate DVA-C02 exam April 29,2023; How To Pass AWS Certified Solutions Architect – Associate SAA-C03 Exam? April 08,2023; AWS Certified Cloud Practitioner (CLF-C02) Exam Dumps Replacement of CLF-C01 September 26,2023; AWS Certification Pathway 2023 For Your Career August 12,2023