Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Learn about a human-centered framework for creating investigation playbooks that augment security analysts rather than replace them in this 50-minute conference talk. Discover how cognitive science and investigative reasoning principles can overcome the limitations of traditional playbooks by helping analysts manage memory constraints, generate new investigation ideas, minimize intuitive biases, and consolidate collective knowledge. Explore the theoretical foundation behind this approach as Chris Sanders explains how cognitive playbooks improve decision-making, reduce analyst fatigue, and enable consistent, high-quality incident response outcomes. Watch Josh Brower demonstrate the practical implementation of this model through Security Onion's new Guided Analysis feature, walking through real-world detection scenarios that show how the platform empowers analysts to make informed investigative choices. Gain insights into best practices for creating educational playbooks with practical outcomes, whether you're a security analyst, SOC leader, or tool builder looking to effectively leverage investigative playbooks in your security operations.
