https://speakerdeck.com/mishaky/scaling-detection-and-response-at-sentry
I presented this at Bsides Cambridge and at Arctic Con in Alaska. It describes how we developed a SOAR to augment our operations. We were a very lean D&R team and already had Panther set up, so we added a SOAR to ETL alerts between the SIEM and Jira. It eventually also supported response automations, like capturing user responses and adding alert contextualization depending on the responding engineer's investigation.
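As an added illustration of the SIEM-to-Jira ETL stage the talk describes (this is example code, not Sentry's SOAR or Panther's own client), the pipeline below takes constructed alerts in an assumed Panther-like shape, normalizes them, suppresses duplicates by fingerprint, runs enrichment hooks that add context, records an engineer's response, and emits a Jira REST "create issue" payload. The alert field names, the corporate IP ranges and the project key are assumptions; nothing is sent over the network.

```python
"""Minimal SOAR-style ETL: SIEM alert -> normalized alert -> Jira issue payload.

Added example with constructed input; the alert shape is an assumption, not
Panther's real schema, and the enrichers are placeholders for real lookups.
"""
import hashlib
import ipaddress
import json
from dataclasses import dataclass, field
from typing import Callable, Optional

# Constructed sample alerts (field names assumed, not Panther's actual schema).
SAMPLE_ALERTS = [
    {"id": "a1", "title": "Root login from new IP", "severity": "HIGH",
     "ruleId": "AWS.Console.RootLogin", "dedupKey": "root-198.51.100.7",
     "event": {"sourceIp": "198.51.100.7", "user": "root"}},
    {"id": "a2", "title": "Root login from new IP", "severity": "HIGH",
     "ruleId": "AWS.Console.RootLogin", "dedupKey": "root-198.51.100.7",
     "event": {"sourceIp": "198.51.100.7", "user": "root"}},
    {"id": "a3", "title": "MFA disabled", "severity": "MEDIUM",
     "ruleId": "Okta.MFA.Disabled", "dedupKey": "mfa-bob",
     "event": {"user": "bob@example.com"}},
]

SEVERITY_TO_PRIORITY = {"CRITICAL": "Highest", "HIGH": "High",
                        "MEDIUM": "Medium", "LOW": "Low", "INFO": "Lowest"}

# Assumed corporate address space used by the enricher; constructed for the example.
CORP_RANGES = [ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("192.168.0.0/16")]


@dataclass
class NormalizedAlert:
    fingerprint: str
    title: str
    severity: str
    rule_id: str
    event: dict
    context: list = field(default_factory=list)  # enrichment and response notes
    duplicates: int = 0                           # suppressed copies of this alert


def normalize(raw: dict) -> NormalizedAlert:
    """Extract the fields a ticket needs; reject malformed alerts instead of guessing."""
    for key in ("title", "ruleId", "dedupKey"):
        if key not in raw:
            raise ValueError(f"alert missing required field {key!r}")
    severity = str(raw.get("severity", "MEDIUM")).upper()
    if severity not in SEVERITY_TO_PRIORITY:  # unknown severity falls back to MEDIUM
        severity = "MEDIUM"
    # Fingerprint on rule + dedup key so repeated firings collapse into one ticket.
    fp = hashlib.sha256(f"{raw['ruleId']}|{raw['dedupKey']}".encode()).hexdigest()[:16]
    return NormalizedAlert(fp, raw["title"], severity, raw["ruleId"], dict(raw.get("event", {})))


def dedupe(alerts: list) -> list:
    """Keep the first alert per fingerprint and count the duplicates it absorbed."""
    seen = {}
    for alert in alerts:
        if alert.fingerprint in seen:
            seen[alert.fingerprint].duplicates += 1
        else:
            seen[alert.fingerprint] = alert
    return list(seen.values())


Enricher = Callable[[NormalizedAlert], Optional[str]]


def source_ip_context(alert: NormalizedAlert) -> Optional[str]:
    """Example enricher: say whether the source IP is inside the assumed corporate ranges."""
    ip = alert.event.get("sourceIp")
    if not ip:
        return None
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return f"sourceIp {ip!r} is not a valid address"
    inside = any(addr in net for net in CORP_RANGES)
    return f"source IP {ip} is {'internal' if inside else 'external'}"


def enrich(alert: NormalizedAlert, enrichers) -> NormalizedAlert:
    """Run each enricher and append whatever context it returns."""
    for fn in enrichers:
        note = fn(alert)
        if note:
            alert.context.append(note)
    if alert.duplicates:
        alert.context.append(f"{alert.duplicates} duplicate alert(s) suppressed")
    return alert


def record_response(alert: NormalizedAlert, engineer: str, response: str) -> NormalizedAlert:
    """Capture the responding engineer's answer as ticket context."""
    alert.context.append(f"response from {engineer}: {response}")
    return alert


def to_jira_payload(alert: NormalizedAlert, project_key: str) -> dict:
    """Build the body for Jira's create-issue REST call (project key is assumed)."""
    lines = [f"Rule: {alert.rule_id}", f"Severity: {alert.severity}", ""]
    lines += [f"- {note}" for note in alert.context]
    return {"fields": {
        "project": {"key": project_key},
        "summary": f"[{alert.severity}] {alert.title}",
        "description": "\n".join(lines),
        "issuetype": {"name": "Task"},
        "priority": {"name": SEVERITY_TO_PRIORITY[alert.severity]},
        "labels": ["siem-alert", alert.rule_id],
    }}


def run_pipeline(raw_alerts: list, project_key: str = "SEC", enrichers=(source_ip_context,)) -> list:
    """Normalize, dedupe, enrich and convert a batch of raw alerts into Jira payloads."""
    normalized = [normalize(raw) for raw in raw_alerts]
    return [to_jira_payload(enrich(a, enrichers), project_key) for a in dedupe(normalized)]


if __name__ == "__main__":
    print(json.dumps(run_pipeline(SAMPLE_ALERTS), indent=2))
```

The fingerprint is built from the rule id plus the alert's dedup key rather than from the alert id, which is what lets a noisy rule produce one ticket with a duplicate count instead of a ticket per firing; `record_response` is the hook where a Slack or form answer would be appended before the ticket is updated.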