In this demonstration, we will highlight the use cases of CALDERA, then walk through a demo (from installation to execution) that uses the Center for Threat Informed Defense’s Adversary Emulation Plans to execute real-world, automated testing and evaluation of network security. CALDERA is built on MITRE ATT&CK, a free and globally accessible knowledge base of adversary tactics and techniques developed from real-world observations. ATT&CK includes aggregated information on threat groups as well as the tactics and techniques they have been reported to use. Using these threat groups, the Center for Threat Informed Defense developed the adversary emulation plan library to enable systematic network security evaluation using real-world adversary TTPs.
By attending this demo, participants will develop an understanding of how they can leverage CALDERA, ATT&CK, and the Adversary Emulation Library to further their understanding of automated adversary emulation in an open-source, community-focused ecosystem.