SecProve
ExpertVendor-neutralCompTIA· issued from US

CASP+

CompTIA Advanced Security Practitioner+

CompTIA's SecurityX (formerly CASP+, current exam code CAS-005) is one of the few vendor-neutral advanced certifications for technical security experts without management focus. It deliberately positions itself as a technical alternative to CISSP and is recognized by DoD and US government agencies as an 8570-compliant credential, which is a real advantage in government environments. In the private sector, market perception is mixed: CISSP clearly dominates job postings, but SecurityX provides a credible signal for technically deep skills. The pass/fail format without score disclosure is unusual and criticized by some as lacking transparency. Performance-based questions increase the practical rigor.

Official page at CompTIA↔ Compare with another cert
⚠ Lifecycle: in transition

A new version is in rollout — confirm which one is currently scheduled. End-of-life: 2025-12. CompTIA rebrands CASP+ as SecurityX (CAS-005) in late 2024; CAS-004 retires 2025-12. Confirm the active version when scheduling.

Exam fee
$494
Ongoing
$0/yr AMF · 17 CPE/yr
Study time
100–200 hrs
Delivery
Hybrid
Validity
3 yrs (renewal cycle)

› Quality score

29.5 / 40

Four-axis SecProve rubric, each 0–10. SecProve editorial assessment — each axis carries a written justification so you can push back on any single call without dismissing the whole score.

Blueprint rigor
How well-defined and rigorous the exam blueprint is.
Advanced Security Practitioner ECO — performance-tier CompTIA cert.
7.5/10
Practical evidence
Hands-on labs / written reports vs pure MCQ.
Includes performance-based items grounded in scenarios.
6.0/10
Currency & upkeep
How aggressively content is kept current with the field.
Refreshed in 2023 (CAS-005) with cloud / zero-trust additions.
7.5/10
Market recognition
How often this signal actually moves a hiring decision.
DoD 8140 IAT-III baseline; recognized practitioner credential. [Holders: 15k, 2024-12] [DoD 8140 listed]
8.5/10

› Market signals

public, citable inputs to the recognition score
Holders worldwide
15,000
as of 2024-12 · source
DoD 8140 baseline
Listed
IAT-III, IAM-II, IASAE-I, IASAE-II

› Exam format

Max. 90 questions (multiple-choice + performance-based), 165 minutes, proctored via Pearson VUE. Passing threshold: Pass/Fail.

Passing score
Pass/Fail (no scaled score published; CompTIA's only ungraded exam)
Retake policy
Fee: $509 per attempt
Wait: 14d between attempts

First retake immediate; 14-day wait before each subsequent attempt.

› Recertification

Valid for 3 years. Renewal through 75 CEUs or re-exam. Automatically renews all lower-level certs (Security+, CySA+, PenTest+).

› NICE Framework work roles

The NIST NICE work-role IDs this cert maps to. NICCS lookup.

OG-WRL-014OG-WRL-012DD-WRL-001DD-WRL-002DD-WRL-004DD-WRL-005DD-WRL-006DD-WRL-008IN-WRL-001IN-WRL-002
Recognition
Global
Exam languages
en

› Core domains covered

The 3 domains this cert is centrally about. Passing the exam demonstrates working knowledge of each.

A25Security Architecture & Engineering

Reference architectures, control frameworks (NIST SP 800-53, CIS Controls), secure-by-design patterns, threat modeling, trust-boundary design, technology standards.

A4Application Security

OWASP Top 10, secure SDLC, SAST/DAST/IAST, API security, code review, DevSecOps.

A5Cloud Security

AWS/Azure/GCP security controls, IAM policies, CSPM, container security, shared responsibility model.

› Prerequisites

Experience

No formal prerequisites. Recommended: 10 years IT experience, including 5 years hands-on security.

› Progression

requiredrecommended

Where this cert fits in the typical learning path. Required edges are vendor-gated; recommended edges reflect de facto industry progression.

Required prereqs (0)

No vendor-gated prereqs.

Recommended priors (2)
Security+CompTIACySA+CompTIA
CASP+
CompTIA
Required by (0)

No certs require this one.

Recommended next (0)

No follow-on certs reference this one yet.

› Study materials

Curated starting points. Not exhaustive — vet each against your learning style and the current exam version.

Official guides
  • CompTIA CASP+ Study Guide (CAS-004) by Nadean TannerSybex
  • CompTIA Advanced Security Practitioner (CASP+) Cert GuidePearson IT Certification
Practice tests
  • Boson ExSim-Max for CASP+ CAS-004
Free / community

› Version & lifecycle

Current version
CAS-004 (rebranding to SecurityX CAS-005)
Released
2021-10
Prior-version EOL
2025-12

CompTIA rebrands CASP+ as SecurityX (CAS-005) in late 2024; CAS-004 retires 2025-12. Confirm the active version when scheduling.

› Salary signal

Senior security engineer / DoD security professional, US, 5+ years. Concentrated in defense / federal contractor roles.

$115K$160K
median $130K

Robert Half Salary Guide + DoD 8140 listing data · 2024 · US base only · p25–p75 range

› How it compares

vs
CISSP

CISSP carries broader hiring-manager recognition outside DoD; CASP+ has no AMF and is hands-on-flavored.

↔ Compare side-by-side

› Careers that commonly pursue this cert

Security Engineer

Design, build, and maintain security infrastructure. The architects of an organization's defensive posture.

Vulnerability Management Lead

Owns the end-to-end find → prioritize → fix → verify loop at scale, now increasingly AI-driven.

Threat Exposure Management / Attack Surface Analyst

External-first role: inventories what an attacker can see, tracks what's new, and drives closure through the org. The outside-in counterpart to vuln management.

› Common exam traps to study

Cybersecurity cert exams reuse the same 25 distractor patterns over and over — category confusion, RTO vs RPO, IDS vs IPS, MD5 vs SHA-256, and more. Once you can name the trap, you stop falling for it. Each archetype page covers what it is, the specific pairs candidates confuse, and how to avoid it.

Browse all 25 cert-exam trapsStart with: BEST vs correct

See this cert’s domains highlighted on the interactive map, or compare it against the rest of the catalog.

Highlight on the domain mapBrowse all certifications