New exam reflects the shift to AI-driven cyber defense in increasingly complex environments
DOWNERS GROVE, Ill. – CompTIA has released an updated version of its CySA+ certification exam, aligning the credential with how cybersecurity teams must operate today to detect and respond to increasingly sophisticated threats.
The refreshed CompTIA CySA+ V4 emphasizes critical, real-world tasks performed in security operations center (SOC) environments. The exam reflects the evolving demands on cybersecurity analysts as organizations adopt more advanced, intelligence-driven approaches to cyber defense. Available worldwide, the exam comes from the leading provider of vendor-neutral technology certifications and training.
“As cyber threats grow more complex, organizations can’t rely on monitoring alone,” said Katie Hoenicke, chief product officer for CompTIA. “There’s a growing need for professionals who can quickly interpret signals, act on threats and mitigate risk in real time while leaning into AI tools to expedite detection and mitigation. CySA+ validates the hands-on capabilities analysts need in modern security operations.”
The exam prioritizes applied, scenario-based skills spanning the full security operations lifecycle—from threat hunting and vulnerability management to incident response and stakeholder communication.
“As cybersecurity operations become more automated and AI-driven, certifications must keep pace,” said Carl Bowman, senior vice president for exam services at CompTIA. “The new exam emphasizes real-world SOC tasks and expands coverage of AI, so CySA+ certified analysts are equipped with the practical skills they need to operate effectively in today’s more complex security environments.”
The updated CompTIA CySA+ exam expands coverage across key areas shaping modern security operations, including:
- AI in security operations: Practical applications such as log analysis and automation, alongside emerging risks like hallucinations and data exposure.
- Modern infrastructure and identity security: Zero Trust and identity-focused approaches for hybrid and critical environments.
- Advanced vulnerability prioritization: Tools and methods, including EPSS, to better focus remediation in complex environments.
- Automation and SOC efficiency: Technologies and workflows that reflect the shift toward more automated, scalable security operations.
- Expanded threat detection: Increased focus on identity-based attacks, cloud activity and social engineering.
- Reporting and metrics: Connecting technical findings to business impact through clear reporting and KPIs.
New learning products for CompTIA CySA+ exam are available, including CertMaster Learn, CertMaster Labs and CertMaster Perform. Content in these resources reflects new exam objectives around the use of AI and tools in a cybersecurity analyst role. Learn more about CompTIA CySA+ at https://www.comptia.org/en-us/certifications/cybersecurity-analyst/v4/.
About CompTIA
CompTIA, Inc. is the leading global provider of vendor-neutral training and certification products in the information technology (IT) space. Over four million CompTIA certifications have been awarded to current and aspiring technology workers, business professionals, government and military personnel, career changers, students and others. Working in partnership with thousands of academic institutions, governments, training providers and workforce development organizations, CompTIA uses best-in-class learning solutions, industry-recognized certifications and career resources to help job seekers reach their full potential and employers develop skilled technical talent. Learn more at https://www.comptia.org/.