(301) 220 2802
CompTIA SecAI+ is CompTIA’s first “expansion” certification focused on securing AI systems and the secure application of AI in cybersecurity operations—built to help security professionals respond to the real risks showing up in production AI (prompt injection, model abuse, data leakage, adversarial attacks).
At TrainACE, we position SecAI+ as the “bridge” certification for teams who already know security fundamentals and now need practical, vendor-neutral skills for AI threat modeling, AI system controls, AI-assisted security operations, and AI governance.
Got Questions?
For more information about your specific needs, call us at (301) 220 2802 or complete the form below:
Learn More About SecAI+ Training
Jump To:
Class Schedule
-
Greenbelt & Live-Online
07/11/26 - 08/01/26
Saturday (8:30am-5pm)
-
Greenbelt & Live-Online
08/17/26 - 08/20/26
Mon-Thu (8:30am-5pm)
-
Greenbelt & Live-Online
09/28/26 - 10/01/26
Mon-Thu (8:30am-5pm)
-
Greenbelt & Live-Online
11/30/26 - 12/03/26
Mon-Thu (8:30am-5pm)
Get your CompTIA SecAI+ Training and Certification training in our convenient IT training centers in Maryland or Virginia.
Why Take SecAI+ Training in Maryland?
The DMV region has a high concentration of federal agencies, contractors, and regulated enterprises adopting AI for security automation, analytics, and mission systems—while simultaneously being under pressure to prove responsible AI governance and reduce AI-enabled risk. SecAI+ directly addresses that intersection by validating skills to:
- Apply AI concepts to strengthen security outcomes
- Implement security controls to protect AI systems and data
- Improve threat detection/response and security task automation using AI
- Navigate governance, risk, and compliance factors impacting AI adoption
Who Needs CompTIA SecAI+ Training?
SecAI+ is ideal for professionals who already work in cybersecurity and want to expand into AI security and AI-enabled security operations—especially those who already hold Security+, CySA+, PenTest+, or equivalent experience.
Common-fit job titles (based on the exam’s governance/operations emphasis and AI roles listed in the objectives) include:
- SOC Analyst / Senior SOC Analyst (AI-assisted triage, detection, automation)
- Incident Responder / Threat Hunter (AI-enabled tooling + AI threat patterns)
- GRC Analyst / Security Compliance Lead (AI governance + policy + global compliance factors)
- MLOps / Platform Engineer supporting AI systems (access controls, logging, lifecycle security)
- AI Risk Analyst / AI Auditor / AI Governance Engineer (explicitly referenced as AI-related roles)
What Are the Benefits of CompTIA SecAI+ Training?
SecAI+ is designed to help you become credible and job-ready in AI security by validating you can:
- Apply foundational + advanced AI concepts to strengthen cybersecurity
- Implement controls and best practices to protect AI systems and data
- Leverage AI-driven tools to enhance threat detection, response, and automation
- Navigate GRC frameworks and global compliance factors affecting AI
It also focuses on modern AI-driven threats you’re increasingly seeing in the real world—prompt injection, model abuse, data leakage, and adversarial attacks—and emphasizes secure-by-design principles for AI use cases, policies, and workflows.
What You Need to Know Before Taking CompTIA SecAI+ Training
CompTIA recommends learners have the equivalent of 3–4 years of IT experience and ~2 years of hands-on cybersecurity experience.
It’s also a strong add-on (“expansion”) for professionals who already hold CompTIA cybersecurity certs like Security+, CySA+, PenTest+ or equivalent experience.
How Long Does CompTIA SecAI+ Training Take?
This course spans 4 full days, combining expert-led lectures with lab-based learning that reinforces real-world administrative tasks.
How Hard is the SecAI+ Course?
SecAI+ is best viewed as an advanced add-on to an existing cybersecurity foundation: it’s not “AI for beginners,” but a certification that expects you to already understand security operations and then apply that knowledge to:
- AI concepts used in cybersecurity (LLMs/SLMs, GANs, training techniques, prompt engineering)
- Security controls for AI systems (guardrails, prompt firewalls, rate/token limits, encryption, monitoring/auditing)
- Global governance and compliance impacts (EU AI Act, OECD, ISO AI standards, NIST AI RMF)
SecAI+ Exam and Certification Requirements
Exam: CompTIA SecAI+ CY0-001
Test details:
- Max 60 questions
- Question types: multiple-choice + performance-based
- 60 minutes
- Passing score: 600 (scale 100–900)
Exam domains (what CompTIA measures):
- 1.0 Basic AI Concepts Related to Cybersecurity (17%)
- 2.0 Securing AI Systems (40%)
- 3.0 AI-assisted Security (24%)
- 4.0 AI Governance, Risk, and Compliance (19%)
What Will I Learn in This CompTIA SecAI+ Class?
Domain 1.0 Basic AI Concepts Related to Cybersecurity (17%)
You’ll build a security-focused AI foundation so you can communicate clearly with AI/ML teams and make better control decisions:
- AI types & techniques used in cybersecurity: generative AI, ML/statistical learning, transformers, deep learning, GANs, NLP, LLMs vs SLMs
- Model training techniques: validation, supervised/unsupervised learning, reinforcement learning, federated learning, fine-tuning (plus concepts like epoch, pruning, quantization)
- Prompt engineering fundamentals: system vs user prompts, zero/one/multi-shot prompting, roles, and templates
- Data security for AI: data cleansing/verification, lineage/integrity/provenance, augmentation/balancing, data types, watermarking, and RAG concepts (vector storage + embeddings)
- Secure AI life cycle: security across use case alignment → data collection/prep → model selection/evaluation → deployment/validation → monitoring/feedback; plus human-in-the-loop/oversight/validation
Domain 2.0 Securing AI Systems (40%)
This is the largest domain—focused on practical controls and how to respond when AI goes wrong:
- Threat modeling resources: OWASP Top 10 (LLM Top 10 + ML Security Top 10), MIT AI Risk Repository, MITRE ATLAS, CVE AI Working Group, and threat-modeling frameworks
- AI security controls: Model controls (evaluation, guardrails, prompt templates) | Gateway controls (prompt firewalls, rate/token limits, input quotas, modality limits, endpoint access controls) | Guardrail testing/validation
- Access controls for AI systems: controlling model access, data access, agent access, and API access
- Data security controls: encryption in transit/at rest/in use; anonymization, classification labels, redaction, masking, minimization
- Monitoring & auditing: prompt/query/response monitoring, log monitoring + sanitization + protection, confidence levels, rate/cost monitoring, and auditing for hallucinations/accuracy/bias/fairness/access
- Attack analysis + compensating controls: recognize common attacks (poisoning, prompt injection, jailbreaking, model theft, inversion, supply chain attacks, DoS, sensitive info disclosure, insecure output handling, excessive agency/overreliance) and select compensating controls (prompt firewalls, guardrails, least privilege, encryption, integrity controls, rate limiting)
Domain 3.0 AI-assisted Security (24%)
You’ll learn how to use AI safely and effectively to improve security productivity and operational outcomes::
- AI-enabled tools for security tasks: IDE/browser/CLI plugins, chatbots, personal assistants, Model Context Protocol (MCP) server
- Security use cases: signature matching, vulnerability analysis, automated pentesting, anomaly detection, incident management, threat modeling, fraud detection, translation, summarization
- How AI amplifies attack vectors: deepfakes/impersonation/misinfo/disinfo, recon, social engineering, obfuscation, automated correlation, and automated attack generation (payloads/malware/honeypots/DDoS)
- Automating security tasks with AI: low-code/no-code scripting, incident ticket management, change management, agents, CI/CD security automation (code scanning, SCA, testing, automated rollback)
Domain 4.0 AI Governance, Risk, and Compliance (19%)
This domain equips you to support leadership and compliance teams with practical, security-first AI governance:
- Governance structures and roles: policies/procedures, AI Center of Excellence, and roles such as AI security architect, AI governance engineer, AI risk analyst, AI auditor (plus MLOps/platform/data roles)
- AI risk management concepts: fairness, transparency, privacy/security, explainability, accountability, differential privacy, awareness training; plus risks like bias, accidental leakage, IP risk, reputation loss, autonomous systems, shadow AI
- Compliance impacts: EU AI Act, OECD standards, ISO AI standards, NIST AI RMF; corporate policies (sanctioned vs unsanctioned, private vs public models, sensitive data governance), third-party evaluations, data sovereignty