CompTIA SecurityX

SecurityX (CASP+) certification: Overview and career path [2025 update]

The SecurityX certification is a vendor-neutral credential. It used to be called the CompTIA CASP+ certification, and the qualifying exam was CAS-004. Now, the exam is CAS-005, and the certification is called SecurityX.

The SecurityX certification is an internationally recognized validation of the advanced-level technical skills and knowledge required to conceptualize, engineer, integrate and implement secure solutions across complex environments to support a resilient enterprise while considering the impact of governance, risk and compliance requirements.

The SecurityX exam domains relate to current job requirements for IT professionals asked to design, assess, mitigate and operate a secure enterprise network or lead the technical teams responsible for these tasks.

[Note: For more details about the shift from CASP+ to SecurityX, check out our webinar CompTIA SecurityX is here (CASP+ is no more): What you need to know.]

Earn your SecurityX (formerly CASP+), guaranteed!

Enroll in a CompTIA SecurityX boot camp and earn one of the industry’s most respected certifications — guaranteed.

Get Pricing

What you need to know about SecurityX

CompTIA SecurityX is accredited by the American National Standards Institute (ANSI) to show compliance with the ISO 17024 standard. ANSI is a non-profit organization that oversees the development of voluntary consensus standards for products. It ensures that the certification undergoes regular reviews and updates to address the latest technologies and meet the industry's needs.

The certification also adheres to certain requirements about the Payment Card Industry — Data Security Standard (PCI-DSS) and NIST 800-53 Risk Management Framework (RMF), which require IT pros to identify and mitigate enterprise risk. In addition, the credential is a DoD-approved 8570 baseline certification for IAT Level III, IAM Level II, IASAE I and II.

The latest version of SecurityX (CAS-005), released on December 17, 2024, covers four topics: Security Operations; Security Architecture; Security Engineering; and Governance, Risk and Compliance. The exam costs $509 and challenges candidates with a maximum of 90 multiple-choice and performance-based questions. It is pass/fail only and has no scaled score.

Who should earn the SecurityX?

As the nature of cyber threats broadens, the number of security threats to organizations grows globally. Companies know that security cannot be an afterthought nor something to be addressed after an attack has already wiped out the business: It must be developed at the foundational level to ensure the organization's electronic health and safety. This has created a need for security professionals globally.

The SecurityX is intended for those who wish to remain immersed in hands-on enterprise security, incident response and architecture, for example, as opposed to managing cybersecurity policy and frameworks." Candidates will mostly be individuals attempting to attain a position in the IT security field to address and implement the numerous security challenges facing organizations. In particular, it is a great option for security architects and senior security engineers tasked with improving an enterprise's cybersecurity readiness.

What experience do you need?

CompTIA recommends that candidates have a minimum of 10 years of general hands-on IT experience, with at least five years of broad hands-on security experience, before facing the SecurityX exam.

However, these are just recommendations. There are no experience requirements for the exam.

How does SecurityX compare to other security certs?

SecurityX is a vendor-neutral certification and is not specific to any technology. It is comparable in terms of difficulty and qualification requirements to other sought-after and high-level cybersecurity credentials. The overall choice of certification to pursue depends on the candidate's preference and the market's ability to accommodate holders of a specific certification. Make sure you have an idea of where you'd like your career to be in the years to come before embarking on a high-level certification study.

Next, we will list two alternative options.

ISACA's Certified Information Security Manager (CISM)

The CISM certification requires a minimum of five years of professional information security management work experience. It is an advanced-level certification that demonstrates expertise in information security governance, program development and management, incident management and risk management. It is for professionals with IT management experience and information security roles and responsibilities. The exam consists of 150 multiple-choice questions.

As one of the most popular and most pursued cybersecurity certifications globally, it's one of the best credentials any working professional could earn in a management position.

ISC2's Certified Information Systems Security Professional (CISSP)

The CISSP certification requires a minimum of five years of professional work experience across a wide array of security practices and principles. It is for professionals with proven deep technical and managerial competence, skills, experience and credibility to design, engineer, implement and manage an organization's overall security posture. The exam consists of multiple choice and what the organization calls "advanced innovative" questions on security and risk management, asset security, security architecture and engineering, communication and network security, identity and access management (IAM), security assessment and testing, security operations and software development security.

As one of the most esteemed cybersecurity certifications globally, it recognizes information security leaders who understand cybersecurity strategy and hands-on implementation. The CISSP certification is a great way to demonstrate your knowledge at an elite level. It shows the ability to design, engineer, implement, manage and run an information security program within an organization. CISSP was the first information security credential to meet the strict conditions of ISO/IEC Standard 17024.

Get your guide to the top-paying certifications

With more than 448,000 U.S. cybersecurity job openings annually, get answers to all your cybersecurity salary questions with our free ebook!

Get Your Copy

Is SecurityX worth the investment?

SecurityX requires a strong commitment by a candidate in terms of preparation, time, and effort, given the diverse technologies that candidates must master. There are, however, significant benefits to acquiring this certification. It is a way to set yourself apart from other candidates or to better position yourself for internal promotion and career advancement. It also offers a positive outlook for job prospects in terms of salary.

The following cybersecurity roles would greatly benefit from the expertise of the SecurityX credential:

Security operations center (SOC) manager

Security analyst

IT cybersecurity specialist/Infosec specialist

Cyber risk analyst

Security architect

Technical lead analyst

Senior security engineer

Applications Security Engineer

Chief Information Security Officer (CISO)

You'll find the following companies among those who often look for SecurityX-accredited professionals:

Booz Allen Hamilton

Network Solutions

U.S. Department of Defense

U.S. Military

Lockheed Martin Corp

What is the best way to train for SecurityX?

Prospective SecurityX holders can prepare for the certification in a couple of ways, depending on their preferences and level of understanding. Below is a brief overview of some preferences, so candidates can pick their best suit according to how much they already know, the time at their disposal and their learning style.

In-person boot camp or live online

The good thing about in-person boot camps is that they are well-structured, with skilled instructors leading sessions. This setup allows candidates to be accountable for their study progress while at the same time building their motivation to remain focused on mastering the four domain areas and the objectives of the study.

Candidates who prefer classroom-based study in the comfort of their home or workspace might be best served by this study mode. It's the same format as most in-person boot camps, but you connect with the instructor and your peers over software like Zoom. This study mode has various advantages. The candidate can, for example, interact in real-time with the instructor, ask questions whenever necessary, save on travel expenses by being able to study online, and, in some cases, gain access to video recordings, depending on the terms agreed upon with the facilitator of the training.

Infosec partners with CompTIA to offer a 5-day SecurityX Boot Camp available both in-person or live online.

Self-paced boot camps

Not everyone can get away for live instruction. If you need more flexible training options, many boot camps are available as a self-paced option where you can train over several months as your schedule permits, while still getting asynchronous instructor support.

This is a great option for many busy cybersecurity professionals, especially if you're not able to take the time away from your job to focus fully on the live boot camp.

Self-study

The self-study mode of training requires discipline to cover the content in the required time. The CompTIA SecurityX CAS-005 Certification Study Guide helps readers to understand what they need to learn for the exam. The text is a great place to start, regardless of your training plan. By combining that outline with other free and paid SecurityX resources, you can build out your own self-guided study program.

What knowledge and skills does a CompTIA SecurityX employee certification validate?

The SecurityX exam includes the following key areas of cybersecurity know-how:

Architect, engineer, integrate and implement secure solutions to support a resilient enterprise

Use monitoring, detection, incident response, and automation to configure and implement endpoint security controls, as well as proactively support ongoing security operations in an enterprise environment

Apply security practices to computer and mobile peripheral devices, to on-premises and cloud infrastructures, as well as to virtualization environments, while considering cryptographic technologies and techniques for an enterprise

Consider the impact of governance, risk and compliance requirements throughout the enterprise to determine the proper infrastructure security design

How does the CompTIA SecurityX employee certification benefit my business?

Finding staff with the right level of know-how and practical experience is a challenge. With so few qualified cybersecurity professionals entering the job market and a skill gap proving difficult to close, those who can prove they have the right skills, especially for advanced-level positions, are quickly being hired. The SecurityX certification can help employers who need to:

Meet internal skills gaps: SecurityX was designed to ensure that employees, including those not at the managerial level, can be trained to a high competence level in practical cybersecurity skills.

Test practical skills: The SecurityX exam uses simulations to test skills in cybersecurity systems and programs on a network and various systems

Ensure a level of mastery: SecurityX confers advanced skills needed to lead, design and implement technical solutions

Earn your SecurityX (formerly CASP+), guaranteed!

Enroll in a CompTIA SecurityX boot camp and earn one of the industry’s most respected certifications — guaranteed.

Get Pricing

Is the SecurityX certification for you?

In an evolving field like cybersecurity, it's no surprise that demand for this certification has increased. The SecurityX certification equips candidates with the necessary skills to fit into the ever-growing computer security industry. Professionals awarded the certification can showcase their hands-on ability to work with the latest technologies within an organization's security environment.

Because of this, globally recognized corporations and security firms are much more likely to hire professionals with this difficult but highly sought-after certification. Start preparing today to earn the cert and advance your cybersecurity career!

Posted: May 11, 2025

Lester Obbayi

View Profile

Lester Obbayi is a Cyber Security Consultant with one of the largest Cyber Security Companies in East and Central Africa. He has a deep interest in Cyber Security and spends most of his free time doing freelance Penetration Tests and Vulnerability Assessments for numerous organizations.