As government migrates to the cloud, cyber must support a heterogeneous infrastructure, with vast volumes of data potentially exposed on both legacy and modernized frameworks. Existing Security Information Events Management (SIEM) applications were not designed with such a hybrid state in mind. They generally cannot support the speed and scalability needed to secure data in the cloud; nor are they able to effectively monitor the growing number of data generators at the edge—the rising tide of IoT.