Dear Apache Incubator Community,
My name is Mark Perry, and I’m reaching out to introduce a project we would like to propose for incubation: Caldera, an open-source adversary emulation platform developed by MITRE and currently hosted at https://github.com/mitre/caldera/. Caldera helps security teams automate and simulate real-world attacker behaviors in enterprise environments, with the goal of validating and improving detection, response, and defense capabilities. The framework supports both red and purple team workflows and is built around a plugin-driven architecture that makes it highly extensible for the community. While there are many tools in the security testing ecosystem, Caldera fills a unique space: * Automation-first adversary emulation: Caldera was built from the ground up to simulate end-to-end attacker campaigns with minimal human intervention — supporting continuous validation in SOC and detection engineering workflows. * Highly extensible plugin system: Community-driven plugins allow Caldera to emulate a broad range of adversary behaviors across IT and OT environments, and to integrate with internal tools and data pipelines. * Trusted and actively used: Caldera has been adopted by security teams across industry, government, and research. It is currently maintained by MITRE and has support from organizations using it in production for detection validation. * Focused on accessibility: Many adversary emulation platforms require deep expertise or costly commercial licenses. Caldera lowers that barrier — making realistic threat simulation more accessible to internal security teams and the open-source community. We believe Caldera aligns well with the ASF’s mission of open development and collaborative governance. As part of preparing our proposal, I’m reaching out to this list to: * Introduce the project to the community * Request initial feedback on suitability for incubation * Seek a Champion and Mentors who are willing to help guide us through the incubation process We’re excited about the opportunity to bring Caldera into the Apache community and would deeply value any guidance or interest from members who might be willing to support us. Please let me know if there’s interest in discussing further or if there are additional steps we should take at this stage. V/R --- Mark Perry Lead Applied CyberSecurity Engineer Defensive Cyber Operations (L511) Office (703) 983-7322 [signature_4231769529] [signature_374093419]
