Maintaining your CompTIA SecurityX (CASP+) certification: Renewal requirements and CEUs

Maintaining your CompTIA SecurityX (CASP+) certification: Renewal requirements and CEUs 

As of 2024, the CompTIA CASP+ exam is renamed “SecurityX.” The new SecurityX certification page from CompTIA outlines more details about the changes, along with the latest exam version, CAS-005. The new exam name emphasizes the advanced level of the test, aligning with the “Xpert” level certifications in the CompTIA portfolio.  

To review these changes in detail, watch the free SecurityX is here (CASP+ is no more) webinar. 

Luckily, existing CASP+ holders will not experience any disruption of their certification status or continuing education (CE) program, and active holders will receive the rebranded SecurityX badge and certificate. If you’re potentially exploring other cybersecurity certifications, check out the cybersecurity certifications and skills roadmap from Infosec to compare different cloud, management and technical certifications to determine what’s best for your unique career path. 

What are the SecurityX exam changes? 

This unique exam is the only hands-on performance-based certification for advanced practitioners (not managers) that covers both security architecture and engineering. As of June 17, 2025, the CAS-004 will no longer be an option, and the CAS-005 exam will fully replace it. This includes an updated exam outline, domains and job roles. 

According to CompTIA, the Security X exam will continue to: 

• Validate job tasks performed by a security professional with 10 years of IT experience and five years of security experience 

• Be designed around the tasks performed by senior security engineer and security architect roles 

• Be a natural progression from the job roles aligned to Security+ 

To stay current with the certification, professionals need to earn Continuing Education Unit (CEU) credits by completing CompTIA’s Continuing Education (CE) activities. For the SecurityX certification, you need to earn 75 CEUs within a three-year period to maintain your active status. 

How can I earn SecurityX CEUs? 

To earn SecurityX (CASP+) CEUs, professionals can participate in live webinars, conferences, training courses and American Council on Education (ACE) courses. In addition, you can teach or mentor, create instructional materials, publish a book, post blog entries, create a whitepaper or other industry-relevant article, gain related work experience, or earn either CompTIA certification or non-CompTIA certification. 

To qualify, these activities must: 

• Be within the three-year renewal period 

• Relate 50%+ to one or more exam domains/objectives for your SecurityX certification renewal 

• Have thorough documentation (upload this documentation through the SecurityX certification portal) 

CompTIA also offers a free CEU Assessment Tool to verify these activities. 

What are the ways I can earn SecurityX CEUs? 

Maintaining your SecurityX certification is incredibly important, especially considering the SecurityX certification salary. All activities carry different weights, as documented below, and all activities require proof of attendance. Typically, you must submit the name, education content details, dates, relevant URLs, attendance emails or other supporting documentation. 

Teach or mentor 

This activity earns a maximum of 40 CEUs within a three-year CE cycle, earning one (1) CEU for each hour of mentoring or teaching. Submit required documentation to CompTIA. 

Mentoring: 

1. The SecurityX exam objectives you covered 

2. A description of the contents you covered 

3. Dates and time period of mentoring 

4. For your mentoring validity, provide a signed document from the mentee (the candidate being mentored) 

Teaching: 

1. Syllabus or lesson plan with your name 

2. A description of the contents you covered 

3. The dates when you taught the course 

Create instructional material 

Earn a maximum of 40 CEUs for your SecurityX certification within a three-year CE cycle by writing material, earning 2 CEUs for each hour of material creation. 

IT industry participation 

Earn 1 CEU for each hour of participation as a Subject Matter Expert (SME) in a CompTIA Exam Development Workshop for a maximum of 75 SecurityX CEUs within the three-year CE cycle. Submit a signed letter from a CompTIA workshop coordinator to confirm participation. 

Publishing a relevant industry whitepaper or article 

Earn a maximum of 20 SecurityX CEUs, obtaining 4 CEUs for each whitepaper or article of at least four pages in length. 

Publish a blog: 

Earn 1 CEU for each blog post of at least 500 words and a maximum of 20 SecurityX CEUs with a three-year CE lifecycle. Submit a copy of the published work or URL with your name, publication date, and a description of the content. 

Attend a live webinar: 

Earn 1 CEU for each hour you attend and a maximum of 20 SecurityX CEUs, submitting the following when complete: 

• A detailed outline of webinar contents 

• Registration or certification email with your name, the webinar name, webinar date and participated hours 

Attend a conference: 

Earn 1 CEU for each hour you attend and a maximum of 20 SecurityX CEUs within a three-year CE lifecycle by attending a conference with SecurityX-specific information and submitting the following for approval: 

• Detailed outline of session content 

• Registration or certificate email with your name, conference name, dates and participated hours 

Complete a training course: 

Earn 1 CEU for each hour of training and a maximum of 75 SecurityX CEUs within a three-year CE lifecycle. 

Complete a college course: 

Obtain 10 CEUs for each 3- to 4-credit-hour class and a maximum of 60 SecurityX CEUs within a three-year CE lifecycle. 

Complete an American Council on Education (ACE) accredited course: 

Obtain 10 CEUs for each 3- to 4-credit-hour class and a maximum of 60 SecurityX CEUs within a three-year CE lifecycle. 

Work experience: 

Obtain three SecurityX CEUs per year during your renewal cycle for work experience, earning a maximum of nine SecurityX CEUs within a three-year CE lifecycle. 

How do I calculate SecurityX CEU credits? 

There are no hard and fast rules for calculating CEUs as different activities carry different unit weights. Any combination of activities can count toward the 75 CEUs, as long as you do not submit more than the maximum number of CEUs for any given activity with a three-year CE lifecycle. A sample structure is below: 

How do I submit my completed activities? 

Submit your completed activities manually or automatically by either logging into your certification account or having CompTIA automatically renew your certification when you complete one of the following activities: 

• Obtain a higher-level CompTIA certification 

• Pass the most current or latest release of your CompTIA certification (such as the SecurityX CAS-005 exam) 

• Pass the CompTIA’s recertification exam 

Have there been any SecurityX CEU policy changes recently? 

There have been no changes to CEU policy specifically, and existing ones are documented below: 

• Earn 75 SecurityX CEUs for a three-year CE cycle 

• All CEU documentation that you submit is retained for four years 

• All CEU submissions can be audited at any time, even after the CE cycle 

However, remember that the new SecurityX exam will revise domain weights to reflect changing cybersecurity policies and threat landscapes. For example, there is a heavier emphasis on governance, risk and compliance than in the CAS-004 exam. In another example, the recommended experience is updated between the CAS-004 and the new CAS-005: 

CAS-004: At least ten years of general hands-on IT experience, with at least five years of broad hands-on security experience. 

CAS-005: Minimum 10 years of general hands-on IT experience, five years being hands-on security, with Network+, Security+, CySA+, Cloud+ and PenTest+ or equivalent knowledge. 

Watch this free webinar, SecurityX is here (CASP+ is no more), hosted by Infosec and CompTIA to demystify the new CompTIA Xpert Series, for more information on why the exam is being rebranded, as well as updated domains and job roles for SecurityX holders.