The cybersecurity threat landscape is rapidly evolving, and cybercriminals are becoming more sophisticated. Traditional techniques that rely on signature-based threat detection are no longer effective. In fact, signature-based antivirus systems were only capable of detecting and blocking half of malware in the last quarter of 2019.
Anomaly-based detection looks for abnormal behavior within a network or on a computer system, which enables it to detect cyberthreats designed to evade traditional detection systems. However, this approach to threat detection requires analysts to have the ability to differentiate benign anomalies from true threats. The CompTIA Cybersecurity Analyst (CySA+) certification validates analysts’ ability to use these strategies to effectively protect an organization against cyber threats.
What is the CySA+ certification?
The CySA+ certification is an intermediate-level certification designed for cybersecurity analysts. The focus of this certification is on the use of behavioral analytics and continuous monitoring to detect and respond to the cyberthreats that are frequently missed by traditional detection systems.
The CySA+ certification is on the cybersecurity pathway of the CompTIA certification path. The assumption is that a potential student already holds the Core Skills Certifications (IT Fundamentals, A+, Network+ and Security+) or has equivalent knowledge. At this point, the student can branch into taking either the CySA+ certification or the PenTest+ certification, based on their area of specialization.
The CompTIA CySA+ certification exam contains a mix of multiple-choice questions and hands-on exercises. It meets the ISO 17024 standard and fulfills DoD Directive 8570.01-M requirements, as well as being FISMA-compliant.
What roles need the CySA+ certification?
The CySA+ certification is designed to cover the core skills required for intermediate-level security analysts. The focus is on behavior-based threat detection, but the certification also includes elements of software and application security, automation, threat hunting and IT regulatory compliance.
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/GLYB8WwZK_M/