MITRE Caldera Adversary Simulation

Question

Hello everyone,

I want to build a lab environment, where I have a simulated Security Operations Center with some vulnerable EC2 instances like Workstations or Windows/Linux Servers.

Furthermore I will have a Linux Ubuntu Server with the tool MITRE Caldera installed on top of it. This tool is used to simulate Red Teaming or Adversary TTPs.

Is that tool allowed to be used in AWS? Are there any restrictions for that tool or can i perform anything with that? This is a tool which simulates an attack and cleans up afterwards.

My aim is to create alerts with Caldera and check what the newly created SOC can see regarding visibility.
Thank you in advance.

Answer

Hi

I understand that you want to build a lab environment for simulating and pen-testing.

---

You can check the range of availalbe actions(pen-testing) and available services from the below link(Penestration Testing).

[+] [Penetration Testing](https://aws.amazon.com/security/penetration-testing/) (AWS Cloud Security)

Plus, you can refer to this link, which describes MITRE Caldera subscription on AWS Marketplace, and you can use MITRE Caldera on AWS.

[+] [Mitre Caldera](https://aws.amazon.com/marketplace/pp/prodview-raw27x723c3oq#pdp-pricing) (AWS Marketplace)

---

If I have missed anything or answered wrong, please feel free to ask me again. Also you have any questions, comment please!

Answer

You can refer to [AWS Customer Support Policy for Penetration Testing](https://aws.amazon.com/security/penetration-testing/) for terms and conditions.

Answer

Hi,

Mitre Caldera is on AWS Marketplace: https://aws.amazon.com/marketplace/pp/prodview-raw27x723c3oq

So, it is a clear sign that you can use it on AWS.

Best,

Didier

MITRE Caldera Adversary Simulation

Contenido relevante