I am working with Caldera and trying to set it up in such a way that when a device connects to my system, I can automatically run operations through Caldera to identify its vulnerabilities. My goal is to extract and display the weaknesses of the device in a JSON report or any other suitable format. However, I have encountered a challenge.
The Caldera operation reports provide details on the steps and TTPs (Tactics, Techniques, and Procedures) used during an operation but do not directly indicate the vulnerabilities or weaknesses of the system. This has left me unsure of how to proceed.
Here are my questions:
Am I missing any configuration or setup in Caldera that would allow it to directly report the vulnerabilities or weaknesses of the connected device?
Should I focus on a specific adversary profile to simulate targeted attacks and generate vulnerability reports, or is it better to aggregate multiple adversary profiles into a single profile and run operations that way?
Any guidance or suggestions on how to achieve my goal would be greatly appreciated.
Thank you in advance!
Looks like your first issue -- we aim to respond to issues as quickly as possible. In the meantime, check out our documentation here: http://caldera.readthedocs.io/
@Salman17546 it's not overtly supported in Caldera. And Caldera is NOT a vulnerability scanner, just to be clear. Caldera executes TTPs/abilities as they are defined in the adversary. You would need to build TTPs/abilities that are looking for vulnerabilities, and then run those as an adversary.
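One way to turn the approach from the reply above into a JSON weakness report, as an added example that is not part of the original thread or Caldera's own code: each custom check ability is assumed to print a `FINDING|<id>|<severity>|<detail>` line, and the script collects those lines per agent from an exported operation report. The marker format, the report field names (`steps`, `status`, `output.stdout`) and the sample report are assumptions constructed for illustration.

```python
import json

# Constructed sample report. The layout (steps grouped by agent paw, each step
# with name, status and output) is an assumption; adjust keys to your export.
SAMPLE_REPORT = {"name": "device-onboarding-checks", "steps": {"agent01": {"steps": [
    {"name": "Check SSH root login", "status": 0,
     "output": {"stdout": "FINDING|ssh-root-login|high|PermitRootLogin yes\n"}},
    {"name": "Check cron permissions", "status": 0,
     "output": {"stdout": "no issues\n"}},
    {"name": "Check kernel version", "status": 1, "output": {"stdout": ""}},
]}}}

PREFIX = "FINDING|"  # hypothetical marker printed by each custom check ability


def extract_findings(report):
    """Return {paw: {"findings": [...], "failed_checks": [...]}}."""
    result = {}
    for paw, agent in report.get("steps", {}).items():
        entry = {"findings": [], "failed_checks": []}
        for step in agent.get("steps", []):
            # Non-zero status (assumed to mean the step failed): record it so
            # a check that never ran is not mistaken for a clean result.
            if step.get("status") != 0:
                entry["failed_checks"].append(step.get("name"))
                continue
            stdout = (step.get("output") or {}).get("stdout") or ""
            for line in stdout.splitlines():
                if not line.startswith(PREFIX):
                    continue
                parts = line[len(PREFIX):].split("|", 2)
                if len(parts) != 3:
                    continue  # malformed marker line
                check_id, severity, detail = parts
                entry["findings"].append({
                    "check": check_id, "severity": severity,
                    "detail": detail, "ability": step.get("name")})
        result[paw] = entry
    return result


if __name__ == "__main__":
    print(json.dumps(extract_findings(SAMPLE_REPORT), indent=2))
```

Keeping `failed_checks` separate from `findings` matters for a device-onboarding gate: an empty findings list only means "clean" when every check actually ran.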