Re: "The US DoD has opened up all of its publicly facing systems and apps to investigation"
They don't need to.
These systems are publicly-facing, so they're already "open" to state-sponsored actors and other professionals. "Opening" these systems in a case like this just means "we won't hassle you if you look for vulnerabilities".
Since publicly-facing systems are already under attack (all of them, constantly), there's nothing new here as far as the professionals are concerned. And, of course, by logging attacks and feeding those logs into SIEM / UEBA systems, you learn some information about your attackers.