This regional healthcare organization has several hospitals and offices that serve more than 500,000 patients annually. Their IT infrastructure has a wide range of hardware and software systems to support clinical and administrative operations. The organization has a complex hybrid cloud environment with various software applications, such as electronic health record (EHR) systems, patient scheduling and billing systems, as well as clinical decision support tools. Additionally, the organization has invested millions of dollars protecting patient data. However, the security operation center (SOC) analysts were constantly switching between security tools, spending too much time bouncing back and forth rather than quickly finding IoCs to stop attacks. Their Mean-Time-to-Resolution (MTTR) was significantly higher than desired, sometimes reaching multiple weeks. One common situation was finding a malware alert in their EDR tool and spending precious time trying to find the cause in their NDR tool.