Workshop Speakers: Adversary Village at DEF CON 32

Rachel Murphy

Cyber Security Engineer at MITRE Corp.

Rachel Murphy is a Cyber Security Engineer at MITRE Corp. She has a B.S. in Mechanical Engineering and, prior to joining MITRE, worked as a mechanical engineer at NASA performing thermal analysis for the International Space Station at Johnson Space Center in Houston, TX. Rachel has worked on projects in adversary emulation, red teaming, cyber threat intelligence, and software development.
Part of this work includes supporting Caldera’s research in artificial intelligence, developing Caldera workshops like this one, and promoting Caldera’s benefactor program. She has also served as a red team operator for MITRE Engenuity’s ATT&CK Evaluations.

Hands-on workshop: Introduction to MITRE Caldera Through Adversary Emulation

Aug 9th 2024 | Adversary Village Area | Las Vegas Convention Center
Adversarial Emulation

MITRE Caldera is a scalable, open-source cybersecurity platform for automated adversary emulation, developed by MITRE. It empowers cyber practitioners to save time, money, and energy through automated security assessments. Caldera not only tests and evaluates detection/analytic and response platforms, but also lets your red team perform manual assessments with computer assistance by augmenting existing offensive toolsets. The framework can be extended to integrate with any custom tools you may have. The development team behind the platform is a group of red teamers, software developers, exploit writers, cyber threat analysts, AI researchers, cybersecurity engineers, and computer scientists. They all pursue the common goal of building a premier adversary emulation platform for our security defenders around the world.

To showcase Caldera at DEF CON 32, we will present a scenario that a commercial or corporate entity may ask of a security team. In this scenario, a concerned organization asks a security team to develop a repeatable adversary emulation plan based on current cyber threat intelligence (CTI) for a specific advanced persistent threat (APT) that has been targeting the organization’s industry sector. We will create three cyber threat intelligence reports for this adversary detailing the tactics, techniques, and procedures (TTPs) attributed to them. These TTPs will correspond with the abilities available in Caldera’s Stockpile and Atomic plugins. This collection of abilities makes the job of developing an adversary emulation very simple.

We will go on to demonstrate how to develop an adversary emulation plan in Caldera utilizing the relevant TTPs described in the CTI reporting. Finally, we will execute the new adversary emulation plan against the target machines and display the facts that Caldera collects during an operation, the outputs of all commands run, and the final report generated by the Debrief plugin.

*We also plan to provide 3 workstations so that audience members without a personal computer may take part.
