Monday, May 5, 2025
HomeCyber Security NewsCaldera: A New Security Tool to Emulate Attacks in Critical Infrastructure

Caldera: A New Security Tool to Emulate Attacks in Critical Infrastructure

Published on

SIEM as a Service

Follow Us on Google News

MITRE has CISA (America’s cyber defense agency) unveiled a collection of plugins designed to extend the capabilities of Caldera into the Operational Technology (OT) environment. 

MITRE Caldera is a cyber security platform designed to easily automate adversary emulation, assist manual red teams, and automate incident response.

These plugins promise to bolster the defense mechanisms and testing capabilities within critical infrastructure systems.

- Advertisement - Google News

Contained within the “caldera-ot” repository, these plugins serve as essential tools for securing OT environments. 

They are available as Git submodules, making them easily accessible to security professionals and researchers.

Installation Made Simple

To install the full suite of Caldera for OT plugins, users can employ the following command:

git clone https://github.com/mitre/caldera-ot.git --recursive

Alternatively, individuals can set up specific plugins individually, tailoring their OT security approach to their precise needs. 

Currently, three key plugins are available:

  • BACnet Catering to Building Automation and Control Networks (BACnet) protocol.
  • DNP Addressing the Distributed Network Protocol 3 (DNP3).
  • Modbus Supporting the Modbus protocol.

These plugins are poised to bring a new level of sophistication and customization to OT security strategies.

Unifying and Exposing Open-Source OT Protocol Libraries

MITRE’s Caldera for OT plugins serves to unify and expose open-source OT protocol libraries, offering them as protocol-specific plugins. 

Each plugin provides comprehensive documentation, including high-level README.md files, source code-specific README.md files under /src, and Caldera Field Manual documentation under /docs.

Enhanced Security and Training

The motivation behind these plugins lies in enabling adversary emulation within the OT environment. 

This empowers organizations to bolster their security defenses and prepare for potential threats effectively. 

Moreover, it supports traditional Caldera use cases, such as operator training and comprehensive testing of security measures.

MITRE’s initiative represents a significant step forward in the ongoing effort to safeguard critical infrastructure systems and bolster security within the OT realm. 

For those seeking more detailed information, MITRE has also provided a presentation on “Emulating Adversary Actions in the Operational Environment with Caldera (TM) for OT.”

Stay tuned for further updates as the security community explores the potential of these Caldera for OT plugins in fortifying critical infrastructure against emerging threats.

Keep informed about the latest Cyber Security News by following us on Google NewsLinkedinTwitter, and Facebook.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems...

Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21...

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its...

RomCom RAT Targets UK Organizations Through Compromised Customer Feedback Portals

The Russian-based threat group RomCom, also known as Storm-0978, Tropical Scorpius, and Void Rabisu,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems...

Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21...

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its...