SecurityX replaces CASP+ as CompTIA’s flagship advanced certification. Practitioners who master enterprise architecture, risk-driven decisions, and resilient operations drive this evolution. The rebrand to SecurityX signals a sharper focus on hands-on technical mastery for senior security architects and engineers.

The Rebrand Delivers a Targeted Refresh

CompTIA launched SecurityX with exam code CAS-005 on December 17, 2024. The certification now belongs to the CompTIA Xpert series. Existing CASP+ holders receive automatic badge and transcript updates to SecurityX with no loss of validity or CE credits.

The exam streamlines content while elevating relevance. SecurityX covers 23 objectives instead of the previous 28. This consolidation removes overlap and deepens coverage of cloud-native, hybrid, automation, and emerging threats. The four core domains remain, but weights and emphasis shift to match real-world enterprise demands.

Domain Weight Comparison:

• Governance, Risk, and Compliance: 20% (up from 15%)
• Security Architecture: 27% (down slightly from 29%)
• Security Engineering: 31% (up from combined Engineering & Cryptography at 26%)
• Security Operations: 22% (down from 30%)

SecurityX increases focus on governance and engineering while trimming broader operations coverage. This adjustment reflects how enterprises now embed risk decisions deeper into architecture and automation pipelines.

Key Technical Shifts That Matter in Practice

SecurityX sharpens technical depth where threats evolve fastest:

• Cloud and Hybrid Architectures: Candidates now design and secure CASB implementations (API- and proxy-based), detect shadow IT, apply shared responsibility models, and protect CI/CD pipelines, Infrastructure as Code (Terraform, Ansible), containers, orchestration, and serverless workloads. These elements move beyond theory into daily configuration and threat modeling decisions.
• Zero Trust and SASE: The exam elevates these frameworks from mentions to core architectural principles. Engineers must integrate them across on-premises, cloud, and hybrid boundaries.
• Automation and AI: SecurityX demands proficiency with scripting (PowerShell, Bash, Python), event-driven triggers, IaC, cloud APIs, generative AI for security tasks, containerization, automated patching, SOAR platforms, and workflow orchestration. These tools turn static defenses into adaptive systems that respond faster than attackers pivot.
• Post-Quantum Cryptography: The certification introduces awareness of quantum-resistant algorithms alongside traditional cryptography. This addition prepares architects for the cryptographic transition already underway in high-assurance environments.
• Compliance-as-Code and Threat Modeling: Engineers embed compliance checks directly into DevOps pipelines and apply structured threat modeling across the enterprise lifecycle.

These updates address gaps that older CASP+ content left open in modern hybrid enterprises. Performance-based questions test the ability to implement and troubleshoot these solutions under pressure.

Is CASP+ Dead?

No. CASP+ lives on through the rebrand and content refresh. Current certificate holders retain full value and automatically transition to the SecurityX credential. The CAS-004 exam retired in mid-2025, so new candidates pursue CAS-005 exclusively. The underlying body of knowledge evolves rather than disappears.

SecurityX maintains DoD 8140.03M approval and alignment with the same NICE work roles. Employers continue to recognize the credential’s rigor for senior technical positions.

Who Should Pursue SecurityX?

Target professionals possess roughly 10 years of hands-on IT experience, including at least 5 years in security roles. Strong foundations in Network+, Security+, CySA+, Cloud+, and PenTest+ prove essential. The certification suits security architects who design resilient systems and senior engineers who implement, automate, and operate them.

SecurityX emphasizes practical solution delivery within defined policies more than broad managerial oversight. This focus distinguishes it from credentials heavier on governance or policy.

Strategic Takeaway

SecurityX does not dilute the advanced nature of the original CASP+. It refines the certification to match the speed and complexity of today’s hybrid environments. Engineers who master its domains build systems that anticipate threats, automate defenses, and integrate governance without sacrificing velocity.

For a complete breakdown of CAS-005 objectives and preparation strategies, explore the Ultimate Guide to CompTIA SecurityX (CAS-005).