mitre/caldera

Operation weights

volnodumcev opened this issue · 2 comments

volnodumcev commented

I've already checked whole Caldera documentation, but I can't found where weights of every steps in Adversaries are noticed. In this presentation (https://www.blackhat.com/docs/eu-17/materials/eu-17-Miller-CALDERA-Automating-Adversary-Emulation.pdf) guys are telling that Caldera using a heuristic model based on rewards (weights). But I still can't understand where these weights are coded.

github-actions commented

Looks like your first issue -- we aim to respond to issues as quickly as possible. In the meantime, check out our documentation here: http://caldera.readthedocs.io/

elegantmoose commented

So weights would found in the Caldera Planners - https://caldera.readthedocs.io/en/latest/How-to-Build-Planners.html.

In short, by default Caldera uses the "Atomic" planner which is just a planner that follows the order of actions as specified in the adversary profile. However, you can use other planners, or build other planners, that use more advanced decision logic.

We have put out some posts of planners we have made in previous years as examples:

An external contributor also recently created a plugin that also has an advanced planner: https://medium.com/@mitrecaldera/emulating-complete-realistic-cyber-attack-chains-with-the-new-caldera-bounty-hunter-plugin-196e6fa44663