After this session, the learner will understand that building an automated security platform is difficult. In this session I will go over the basics of SOAR (Security Orchestration Automation and Response), how best to approach implementation, and some lessons learned from my 4 years building an automated MSSP SOC. Come to this talk to learn from someone who's been through the trials and tribulations of automating security operations both internally and for customers for one of the largest MDRs!