MBT - Certified Blue Teamer


MCSI Certification Programs are truly worldclass with cutting-edge content that offers you uniquely-designed, hands-on practical and challenging exercises that teach skills immediately applicable in the field towards benefiting career advancement.

This Certification has no expiry date, no renewal fees, no hidden fees, and is accessible with no time limits.

MCSI Certified Blue Teamer:
  • Investigate compromised machines and uncover what the attackers did
  • Rapidly reverse engineer and analyse malware samples to understand adversary capabilities
  • Identify anomalies and indicators of attacks on the network that enterprise security products have failed to catch
  • Track ongoing attack campaigns and provide actional advice to teams in charge of defending the network(s)
  • Harden and protect networks against the most common attack vectors

Career Outcomes

Students who have successfully achieved their MBT Certification can apply Blue Teamer jobs worldwide, fully confident that they have the competencies that the industry is seeking for these roles.

Training Curriculum and Online Assessment

Students must successfully complete 100 practical exercises in MCSI's Online Learning Platform (OLP) prior to undertaking the Final Online Assessment to obtain this Certification.

As an MCSI Certified Blue Teamer you will be fully capable of performing the following:

  1. Deploy and manage incident mitigation strategies and tools:
    • Application whitelisting
    • Patching applications and operating system
    • Hardening user applications and operating system
    • Automated analysis and content filtering
    • Restrict administrative privileges
    • Network segmentation
    • Intrusion detection and response
    • Backup and recovery
  2. Investigate and contain security intrusions on Windows systems:
    • Using all log types and sources
    • Performing timeline analysis
    • Conducting impact assessments
    • Recover compromised systems
    • Writing detection rules
  3. Analyse suspicious binaries and malware samples:
    • Structured reverse engineering
    • Static and dynamic analysis
    • Rapidly identifying different malware types
    • Reverse engineering shellcode
  4. Identify “unknown unknowns” in the network
  5. Produce usable and actionable threat intelligence that assists business leaders make cyber security investment and divestment decisions
  6. Write custom security tools to defend large-scale enterprise networks


“The MBT has really helped me develop my skills across multiple areas of cyber defence. The new skills I am learning directly translate into my job role, improving my performance as a member of the SOC.”

SOC Analyst, Financial Services

“Amazing how one training curriculum can transform an entire workforce. The MBT was able to provide hands-on, online training to team members spread across the country, allowing us to manage and assess the skills of everyone. Once we started weekly practice with the MBT, we saw an immediate mprovement across the board in the outcomes produced.”

Cyber Defence Operations Lead, Healthcare Industry

“The MBT has been excellent at providing cost-effective, online training for the entire SOC. We can set aside time throughout the week for team members to upskill through an online platform. These gives us the ability to prepare employees with the right skills to face real cyber challenges.”

SOC Manager, Financial Services

Why MCSI’s Blue Teamer Certification is World Class

  • World-Class Requirements Met Are Above Standard: Holders of the MBT Certification have completed 100 practical online exercises thus demonstrating that they have the skills and knowledge in the following areas: cyber defence, digital forensics, threat hunting, reverse engineering and threat intelligence.
  • Internals Focused: Students who have obtained this Certification have demonstrated that they have a full understanding of the internals of Windows for digital forensics, incident response, threat hunting and malware analysis purposes.
  • Programming Oriented: The challenges that students have had to overcome successfully in order to obtain this Certification have required them to write software in C/C++, Golang, PowerShell, and Python. This guarantees that Blue Teamers certified by MCSI can write custom defence tools to defend large-scale enterprise networks.

Course Overview