MITRE Caldera

Mitre Caldera can be used to test endpoint security solutions and assess a network's security posture against the common post-compromise adversarial techniques contained in the ATT&CK model. CALDERA leverages the ATT&CK model to identify and replicate adversary behaviors as if a real intrusion is occurring.

Which Host Group to run against.

State of the operation

Which collection of agents to run against.

Whether learning parsers are used.

How visible should the operation be to the defense (1-100), default is 51

Jitter is defined as a fraction (default is '2/8')

Populates the Adversary ID Field with Adversaries from the MITRE Caldera

This script is used in the MITRE Caldera Operation playbook. It will auto-complete the task that waits for a specific date and time for the operation to start. It should not be used manually.

Populates the Objective ID Field with Objectives from the MITRE Caldera

Populates the Event Logs with Event Logs from the MITRE Caldera

Post processing script for MITRE Caldera incidents.

Prevents specific fields from being set manually.

Populates the Planner ID Field with Planners from the MITRE Caldera

Populates the agents with agents from the MITRE Caldera

Populates the Operation Facts with Facts from the MITRE Caldera

Populates the Source ID Field with Sources from the MITRE Caldera

This playbook is used to create a new Operation in Mitre Caldera.

Mitre Caldera can be used to test endpoint security solutions and assess a network's security posture against the common post-compromise adversarial techniques contained in the ATT&CK model. CALDERA leverages the ATT&CK model to identify and replicate adversary behaviors as if a real intrusion is occurring.

Which Host Group to run against.

State of the operation

Which collection of agents to run against.

Whether learning parsers are used.

How visible should the operation be to the defense (1-100), default is 51

Jitter is defined as a fraction (default is '2/8')

Populates the Adversary ID Field with Adversaries from the MITRE Caldera

This script is used in the MITRE Caldera Operation playbook. It will auto-complete the task that waits for a specific date and time for the operation to start. It should not be used manually.

Populates the Objective ID Field with Objectives from the MITRE Caldera

Populates the Event Logs with Event Logs from the MITRE Caldera

Post processing script for MITRE Caldera incidents.

Prevents specific fields from being set manually.

Populates the Planner ID Field with Planners from the MITRE Caldera

Populates the agents with agents from the MITRE Caldera

Populates the Operation Facts with Facts from the MITRE Caldera

Populates the Source ID Field with Sources from the MITRE Caldera

This playbook is used to create a new Operation in Mitre Caldera.