I took the CySA+ from CompTIA in Nov 2022. In my experience, the CompTIA CySA+ certification was a mixed bag. I studied for a bit, but much of the material felt like common sense rather than a deep dive into cybersecurity analysis. The exam touches on important topics like threat detection, vulnerability management, and security monitoring, but it didn’t feel as challenging or comprehensive as I had hoped. While it provides a broad overview of cybersecurity concepts, it seemed more focused on reinforcing general knowledge than truly testing advanced analytical or technical skills.
If you’re new to cybersecurity or looking for an entry point into the field, it might be worth considering. However, for those with prior experience or hands-on exposure to security operations, this certification might not feel like a significant accomplishment. While it’s a good way to demonstrate baseline competency, I’m iffy on recommending it unless you’re specifically pursuing a job or role where CySA+ is a required credential.
After completing the CySA+, I was eligible for the CSAP (CompTIA Secure Analytics Professional) stackable certification, which is essentially a badge for holding both the CySA+ and Security+ credentials. Honestly, it feels like a cash grab. The CSAP doesn’t require any additional work or demonstrate any new expertise—it’s just a title awarded for certifications you’ve already earned. It’s marketed as a way to showcase advanced skills, but in reality, it doesn’t hold much value in the professional world. Most employers probably don’t even recognize it, making it feel unnecessary and redundant.