Matthew Gracie
Matthew Gracie is a defensive security specialist with fifteen years of Blue Team experience in higher education, manufacturing, financial services, and healthcare. He is currently a Senior Engineer at Security Onion Solutions, as well as the interim director of the Cybersecurity graduate program at Canisius University. Matt is also the lead organizer of Infosec 716, a monthly meetup for security enthusiasts in Western New York, and the BSides Buffalo technology conference. He enjoys good beer, mountain bikes, open source security tools, and college hockey, and can be found on Bluesky as @InfosecGoon.
Session
The Human Centered Investigation Playbook (HCIP) standard is a YAML-based syntax for writing investigation playbooks that correspond to a particular alert, artifact, or attack. The goal is an investigation methodology that both guides the analyst and integrates into defensive tooling, so that the data needed for an investigation is readily available while it is being carried out.
In this presentation I will discuss the standard, explore its purpose and use cases, and demonstrate its functionality in a free and open monitoring platform.