CySA+CompTIA CySA+
Threat detection and analytics for security analysts
Exam details independently verified January 2026
About this certification
CySA+ (Cybersecurity Analyst) is CompTIA's intermediate security certification focused on behavioral analytics, threat intelligence, and incident response. It bridges the gap between Security+ and the advanced CASP+ or CISSP.
MyCertPath verdict
The natural next step after Security+ for anyone aiming at a SOC analyst or blue-team role. CySA+ tests defensive security work — behavioral analytics, vulnerability management, incident response — and the performance-based questions actually simulate analyst tasks rather than rehearse terminology.
What it actually tests
Up to 85 questions in 165 minutes, including several PBQs that drop you into a simulated SOC view. The exam expects you to interpret log snippets, recognize attack patterns, and recommend response actions. Less terminology-heavy than Security+, more applied reasoning.
Common traps
Things candidates underestimate or get wrong on this exam.
- Treating it like Security+. CySA+ is applied — you read logs, not just recognize attack names.
- Skipping the threat-hunting domain. It's the area CompTIA refreshed most in CS0-003.
- Not practicing with simulated log or SIEM exercises before exam day.
What you'll validate
- ✓Threat intelligence
- ✓Vulnerability assessment
- ✓Security monitoring
- ✓Incident response
- ✓Compliance and assessment
Pros & Cons
Advantages
- +DoD 8570 approved
- +Fills the gap between Security+ and CISSP
- +Practical analytics and detection focus
Disadvantages
- −Less recognized than Security+ or CISSP
- −Narrow audience vs broader certs
Who it's for
Best for
- →SOC analysts advancing their credentials
- →Security+ holders targeting analyst roles
Not ideal for
- ×Penetration testers
- ×Security managers
Career paths this unlocks
Study Resources
Affiliate links — we may earn a commissionTop picks for CySA+
Register for the exam
Official vouchers — watch for bundle discounts and CompTIA CertMaster bundles
More places to study
Most popular cert prep courses, often on sale for $14.99
Highest-rated practice exams for AWS, Azure, and GCP
University-backed courses from Google, IBM, DeepLearning.AI
Practice tests and hands-on labs for 30+ cert tracks
Official study guides and exam prep books
Hands-on cloud sandboxes and cert prep subscriptions
1-month free trial — includes 21,000+ cert prep courses
MyCertPath earns a commission when you purchase through these links — at no extra cost to you. We only recommend resources we'd stand behind.
Jobs for CySA+ holders
CySA+ holders typically see a 5–15% salary increase.
LinkedIn Jobs
Updated daily
Indeed
Dice (tech roles)
Tech-focused job board
CyberSeek (cyber only)
NIST-backed supply/demand tool
Job links open external sites. Search results are live and not curated by MyCertPath.
Quick Facts
- Exam Cost
- $392
- Exam Duration
- 165 minutes
- Questions
- ~85
- Passing Score
- 750/900
- Exam Format
- Multiple Choice + Performance
- Study Time
- ~150 hours
- Validity
- 3 years
- Salary Impact
- Moderate (5–15% uplift typical)
- Last Verified
- January 2026
Prerequisites
- !Security+ recommended; 3–4 years of IT/security experience
Actyra Training
Custom eLearning built on the science of how people actually learn
Actyra designs and builds cert-prep training programs for enterprise teams — custom courseware grounded in cognitive science.
Talk to a training expert →