SOAR Implementation Pain Points and How to Avoid Them
As cybersecurity threats continue to escalate in complexity and frequency, organizations increasingly rely on automation to enhance their defenses. Security Orchestration, Automation, and Response (SOAR) platforms have emerged as powerful tools for streamlining operations and reducing the burden of repetitive tasks on security teams. However, implementing SOAR is not without its challenges.

This presentation will explore the common challenges organizations encounter when deploying SOAR and provide actionable strategies to overcome them. By examining real-world scenarios and best practices, attendees will gain insights into managing expectations, developing effective playbooks, addressing training and adoption barriers, and ensuring seamless integration with existing tools such as Security Information and Event Management (SIEM) systems. The session will cover practical approaches to conducting readiness assessments, planning phased rollouts, and measuring success to ensure that SOAR implementations deliver tangible results. Additionally, lessons learned from successful deployments will be shared to help participants avoid common pitfalls and realize the full potential of SOAR in their security operations.

Common SOAR Pain Points to discuss:
- Integration challenges with existing tools and technologies, such as SIEMs and threat intelligence platforms.
- Misaligned expectations between stakeholders and technical teams.
- Automation pitfalls, including over-automation and inadequate planning.
- Training and adoption barriers within security teams.
- Maintaining playbook relevance in evolving threat landscapes.

Intended Audience: This session is designed for cybersecurity managers, SOC analysts, engineers, and other professionals who are considering or actively planning to implement SOAR solutions in their organizations. It will provide valuable insights into overcoming implementation challenges and maximizing the benefits of SOAR to streamline operations and enhance incident response capabilities.
About the Presenter: Saikat Asaduzzaman
Saikat Asaduzzaman is an ISACA and GIAC certified information security professional with extensive expertise in incident response, penetration testing, and threat hunting. Currently serving as a Senior Manager in Cyber Security Operations Centre at Bank Of Montreal, Canada, Saikat has successfully led major incident response initiatives and developed strategic processes for automation and threat hunting in large-scale environments. With a strong academic background that includes a Master's in IT Management and certifications like GCIH, GPEN, GWAPT and CISA, he is a seasoned educator, teaching cybersecurity courses at institutions such as George Brown College, Sheridan College, and Lambton College.
Saikat has a proven track record of managing complex cybersecurity challenges, including responding to mass phishing attacks and coordinating multidisciplinary teams across global locations. A frequent speaker and mentor, Saikat is passionate about sharing his expertise in cybersecurity strategies, ethical hacking, and leveraging automation to enhance security operations.