In this talk, we will share our experience with the development, maintenance, and operation of a modern security data automation platform at a large scale. We will discuss security telemetry data as well as contextual data that we use in our environment to support our security team. Multiple analytical scenarios with varying level of automation will be discussed, including the ultimate use-case – building huge knowledge graphs for cyber situation awareness.