An MCSI qualified professional Threat Hunter Teamer is capable of delivering threat hunting engagements in large-scale Windows networks.
Students who have successfully achieved their MTH Certification from MCSI can apply for Cyber Threat Hunter jobs worldwide with the confidence that they have the competencies that the industry is seeking.
MCSI Certifications are world-class. The content is cutting-edge, uniquely-designed, hands-on and challenging. Our exercises teach in-demand skills that are immediately applicable in the field. MCSI's unique approach helps students around the world advance their careers.
This Certification has no expiry date. It has no renewal fees, no hidden fees, and is accessible with no time limits.
MCSI Certified Threat Hunter:
Capture digital forensics artefacts in large-scale enterprise networks and index them for threat hunting
Hunt for cyber adversaries that have bypassed/avoided/defeated enterprise security solutions using Python and YARA
Rapidly analyse suspicious binaries to confirm whether they are malware or not
Align your approach and methodology to the MITRE ATT&CK Matrix
Practice threat hunting against thousands of machines and gigabytes worth of malware samples
Lab setup - 7 exercises
Fundamental Skills - 2 exercises
Windows Internals Fundamentals - 3 exercises
Pandas Fundamentals - 7 exercises
Threat Hunting with YARA - 20 exercises
Threat Hunting with Pandas - 16 exercises
Digital Forensics and Incident Response - 11 exercises
Memory Forensics - 5 exercises
Malware Analysis - 7 exercises
Capability Development - 13 exercises
Threat Hunting Simulations - 10 exercises
Below are three (3) exercises from the 100+ exercises available in MTH - Certified Threat Hunter:
Write A YARA Rule That Identifies Binaries Compiled In The Last 24 hours (Novice)
Write A Query To Search For Signs Of Lateral Movement (Advanced Beginner)
Build A MultiThreaded Python Tool To Convert A Redline Outputs To Parquet At Scale (Competent)
Ability to comfortably read and understand IT documentation written in English. Ideally, an IELTS score of 6.5 with no band less than 6 (or equivalent).
Note: You can register for this course without having undertaken an English test.
We recommend that you have some experience in software programming prior to registering for this course.
The preferred programming language for this course is Python.
Frequently Asked Questions
What is the MCSI Method™?
Are solutions included in certifications and bundles?
No. Our method of teaching cyber security consists of challenging you with real-world problem statements that you're expected to research and solve by doing your own research. This is how you'll be expected to work in the field. When you fail an exercise, we provide you with constructive feedback to improve and try again.
Do the videos provides the answers to exercises?
No. The videos teach concepts, mindset, methodologies, procedures and professional skills such as report writing, interviewing and preparing proposals.
Do bundles, training content, or certificates ever expire? Am I expected to buy again in the future?
Once purchased, bundles and certificates are unlocked forever. They are no recurring or ongoing fees.
Do I need to buy the training and the certification separately?
No. The price provided covers both. You only pay once.
Do you offer any special offers and discounts?
If I can't solve the exercise where do I go for help?
We have an online forum where you can ask questions and our team of professional instructors will help you out.
An `Unofficial Curriculum` contains MCSI's practical exercises aligned to a non-MCSI Industry Certification syllabus.
We offer unofficial curriculums for the OSCP, ISACA CISA, ISACA CISM, ISACA CRISC, CCT ICE, CCSAS, CCT ACE.
Do you provide Continuing Professional Education (CPE) credits?
Yes. Every single exercise offers CPE credits. The number of credits earned depends on the difficulty of the exercise completed. Below are the CPE Credits achieve for an exercise in each difficulty:
Novice exercises = 1 CPE credits
Advanced Beginner exercises = 2 CPE credits
Competent exercises = 5 CPE credits
Proficient exercises= 8 CPE credits
Beyond Proficient exercises = 16 CPE credits
Are MCSI courses/certifications recognized and have value outside of Australia?
Yes. MCSI certifications have value worldwide and are recognized by employers looking for individuals with practical cyber security skills.
MCSI's training is 100% practical with real cybersecurity problems designed to teach immediately applicable skills in the field. To solve our practical exercises, students must do their own research and develop their own solutions.
While completing exercises, students also develop their own comprehensive cybersecurity portfolio of skills. Individuals use this portfolio to demonstrate their cybersecurity competencies to solve real industry problems to future employers or hiring managers.
Do I need to complete an exam to receive MCSI Certification?
No. MCSI Certifications are completed by solving practical cybersecurity exercises.
This certification successfully prepares you for the following
Cyber Threat Hunter
Security Operations Centre (SOC) Analyst
Threat Detection Analyst
Training Curriculum and Certifications
Students unlock Certificates of Completion for every exercise they complete. Industry Certifications are unlocked upon achieving Skills Proficiency Milestones.
Obtain CPE points by solving exercises
Achieve multiple certifications
Receive help from instructors online
MCSI's MTH certification covers all six levels of the Australian Signals Directorate's Cyber Skills Framework. You will achieve a certificate upon reaching each level. You will earn an industry certification at Level 5. Click here to learn more.
ASD Skills Proficiency Level
Curriculum Completion Requirement
Scenarios Completion Requirement
MCSI Threat Hunter Learner
MCSI Novice Threat Hunter Practitioner
MCSI Threat Hunting Practitioner
MCSI Senior Threat Hunting Practitioner
MCSI Certified Principal Threat Hunting Practitioner
MCSI Certified Expert Threat Hunter Practitioner
As an MCSI Certified Threat Hunter you will be fully capable of performing the following:
Capture digital forensics logs in large-scale computer networks
Using open-source tools to capture snapshots of workstations and servers
Capturing the physical memory (RAM)
Capturing Windows Event Logs
Configuring Windows systems to log key security event courses for digital forensics purposes
Extracting malicious payloads from Microsoft Office and PDF documents
Knowledge of the key Windows components: processes, registry keys, services, scheduled tasks, event logs, etc.
Use Python to hunt for indicators of compromise at scale
15 practical threat hunting exercises of various difficulties: novice, advanced beginner, competent and proficient
Hundreds of IOCs to detect across the entire MITRE ATT&CK Matrix:
Command and Control
Use YARA to hunt for malicious binaries at scale
Build a “goodware” dataset and a malware dataset
Learn how to use YARA’s professionally and many of its pattern matching techniques
Detect obfuscated binaries
Detect exploits, vulnerabilities, shellcode and zero-days
Identify new malware samples based on features
Increase the speed of incident response
Build your own private anti-virus software using retro-hunting
Perform deep-dive digital forensics investigations and write rapid incident response reports
Finding good Threat Hunting training is more difficult than actual Threat Hunting. I discovered MCSI and the MTH Certification which included quite challenging exercises. It was well worth it! My team has produced world-class outcomes with the advanced skills gained from MCSI’s practical Threat Hunting training.
Head of Threat Hunting, Financial Services
The best Threat Hunting training I have done! I am an experienced Threat Hunter, and the MTH still found a way to advance my existing skill set. The exercises get progressively more difficult with each more challenging than the next, but each teaches a new skill that I use in my job. Thank you, MCSI.
Senior Threat Hunter, Retail Industry
The MTH is the best way to continually train my team to detect unknown APTs on a network. I went through the training myself, so I can say that the curriculum is quite challenging in the best way. It’s self-paced, with quick instructor answers to any questions. This course allowed us as a team to grow at a pace that is suited to our environment. The exercises are world-class at teaching techniques that can be transferred from the training to our daily operations.
Threat Hunting Lead, Financial Services
Why MCSI’s Threat Hunter Certification is World Class
Comprehensive, Effective, Exceeds Standards
Holders of the MTH Certification have completed 100 practical online exercises thus demonstrating that they have the skills and knowledge required to perform professional threat hunting engagements in any network environment – no matter the scale. Students take an average of 6 months to complete these exercises.
Data Science Focused
Students who have obtained this Certification have demonstrated that they have a full understanding of the threat hunting process and methodology using data science techniques. These techniques are 100% transferable to any enterprise security solution.
Many of the challenges that students must pass to obtain this certification require students to write software in Python, YARA and PowerShell. This guarantees that threat hunter certified by MCSI understand how exactly how threat hunting works and do not solely require on automated tools.