CASP+ has a new name. CompTIA’s advanced cybersecurity certification is now SecurityX, with the current exam version CAS-005 launched on December 17, 2024.
That name change is the first thing the old article needs to fix. People still search for CASP+, and many resumes still use the older name, but the certification to talk about in 2026 is CompTIA SecurityX.
The purpose has not changed much. SecurityX is still built for experienced cybersecurity professionals who want to prove they can design, implement, and defend enterprise security systems. It is more technical than a management credential, and it is not meant for beginners.
What Is CompTIA SecurityX?
SecurityX is CompTIA’s expert-level cybersecurity certification for senior security engineers and security architects. CompTIA recommends at least 10 years of hands-on IT experience, including 5 years of hands-on security experience, plus knowledge comparable to Network+, Security+, CySA+, Cloud+, and PenTest+.
The current CAS-005 exam includes up to 90 questions, mixes multiple-choice and performance-based questions, gives candidates 165 minutes, and is scored pass/fail.
SecurityX V5 covers four domains:
| Domain | Weight |
|---|---|
| Governance, risk, and compliance | 20% |
| Security architecture | 27% |
| Security engineering | 31% |
| Security operations | 22% |
That domain mix tells you who the exam is really for. This is not a pure policy exam. It is not a pure SOC exam either. It sits in the space where architecture, engineering, risk, and operations meet.
Who Is SecurityX Best For?
SecurityX is best for cybersecurity professionals who still want to stay close to the technology while moving into senior responsibility.
It fits people in roles like:
| Role | Why SecurityX fits |
|---|---|
| Senior security engineer | The exam maps well to architecture, controls, operations, and engineering decisions. |
| Security architect | It tests design judgment across cloud, networks, identity, risk, and operations. |
| Cybersecurity consultant | It helps show broad senior-level knowledge without tying you to one vendor. |
| Technical security lead | It supports people who guide engineers but still understand the work. |
| Systems or network engineer moving into security architecture | It builds on infrastructure experience instead of replacing it with policy language. |
The certification is weaker for someone looking for their first security job. Security+, CySA+, Network+, hands-on labs, help desk experience, system administration, or SOC analyst work usually make more sense first.
SecurityX vs. CISSP
SecurityX and CISSP overlap, but they are not the same credential.
CISSP is often stronger for security management, governance, risk leadership, and roles where employers expect a widely recognized senior credential. SecurityX is more technical and is aimed at senior engineers and architects who still make implementation decisions.
A simple way to think about it:
| Choose SecurityX when... | Choose CISSP when... |
|---|---|
| You want a technical senior-security credential. | You want the more widely recognized senior security credential. |
| You work as an engineer, architect, or technical lead. | You work in management, governance, consulting, or risk. |
| You want performance-based exam elements. | You want a credential with broader HR and executive recognition. |
| You already followed the CompTIA path. | You need a credential commonly named in senior job postings. |
The case against SecurityX is recognition. CISSP is still the name more recruiters know. The case for SecurityX is fit. If your work is security architecture, cloud security, controls, engineering, incident response, and enterprise implementation, SecurityX may match the work more closely.
Why SecurityX Matters in 2026
Security teams are being asked to handle more than firewall rules and alerts. They are dealing with cloud platforms, identity systems, SaaS risk, CI/CD pipelines, container security, zero trust, third-party risk, incident response, and governance.
CompTIA’s current SecurityX objectives reflect that shift. The exam now names topics like Terraform, Ansible, Kubernetes, serverless workloads, CASB, SASE, SD-WAN, microsegmentation, threat modeling, MITRE ATT&CK, CAPEC, STRIDE, NIST, CSA, and ISO/IEC 27000.
That is the right direction. Senior security work is no longer one lane. The person designing a control has to understand how it affects operations, compliance, users, developers, and the business.
Career Outlook for SecurityX Candidates
SecurityX candidates typically sit inside the broader information security analyst, security engineer, and security architect job market. BLS reports a $124,910 median annual wage for information security analysts and projects 29% employment growth from 2024 to 2034. ONET lists information security engineers as a bright outlook occupation and reports a *2024 median wage of $108,970 for the broader “computer occupations, all other” wage group used for that role.
Cybersecurity demand is still strong. NIST reported CyberSeek data showing 514,359 cybersecurity job listings over a 12-month period in 2025, up nearly 57,000 listings from the prior period.
SecurityX will not replace experience. It works best as proof that your experience has reached a senior technical level.
How to Prepare for SecurityX
Do not approach SecurityX as a memorization exam. You need to understand why one architecture choice is better than another, how a control fails in production, and how a technical decision creates risk somewhere else.
Before training, make sure you can already reason through:
| Area | What to know |
|---|---|
| Enterprise architecture | Segmentation, identity, trust boundaries, secure design |
| Cloud security | AWS, Azure, Google Cloud, shared responsibility, IAM, logging |
| Security operations | Detection, response, recovery, vulnerability management |
| Risk and governance | NIST, ISO/IEC 27000, PCI DSS, policy, third-party risk |
| Engineering tools | CI/CD, containers, infrastructure as code, automation |
| Threat modeling | STRIDE, MITRE ATT&CK, CAPEC, attack paths |
TrainACE’s SecurityX training is a good fit for experienced professionals who want structure around the CAS-005 objectives and a clearer path from day-to-day experience to exam readiness.
The right candidate is not asking, “Can this get me into cybersecurity?” They are asking, “Can this prove I am ready for senior technical security work?”
Sources
CompTIA SecurityX certification
CompTIA CASP+ to SecurityX rebrand
BLS Information Security Analysts
O*NET Information Security Engineers
NIST CyberSeek 2025 update
Leave Your Comment Here