Svetlana Arkhipova presents on QIWI's experience using Qradar as the security operations center (SOC) core. The QIWI SOC processes over 11,000 events per second from over 2,800 log sources and 700,000 network flows per minute. The Qradar deployment includes 45 virtual and 2 physical servers to handle the large volumes of log data. Key challenges include collecting logs from various sources like Windows, databases, and custom in-house applications in a standardized way and tuning the SIEM for internal security scanners. The QIWI SOC also works to automate compliance with standards like PCI, SOX, and national security regulations.