This is used to help identify detection visibilities over IT infrastructures, and to help make recommendations on incident response procedures. Especially in a situation one node is compromised, this tool should help to track if other parts are covered during incident repsonse procedures.