Building on nearly a decade of development, not-for-profit organization MITRE is contributing Caldera to the Apache Incubator as Apache Caldera (Incubating). Developed by MITRE with support from the National Science Foundation, Caldera’s transition to the Apache Software Foundation (ASF) is intended to expand collaboration across the global cybersecurity and open-source communities, increase platform adoption, and support long-term sustainability through vendor-neutral governance.
Caldera is an open-source cybersecurity platform for automated adversary emulation, meaning it simulates real-world cyber attack behaviors so organizations can test, validate, and improve their defenses. It is built on the MITRE ATT&CK framework and is widely used for red teaming, purple teaming, security validation, and cyber research.
“This next phase for Caldera reflects MITRE’s approach to innovation: develop impactful capabilities, prove them through operational use, and enable them to scale through open collaboration,” said Mark Perry, Caldera lead and principal cybersecurity engineer, MITRE. “ASF governance enables Caldera to continue growing as a global cybersecurity resource while MITRE remains actively involved in its development and direction.”
The ASF’s acceptance of Caldera into the Apache Incubator highlights MITRE’s role in transforming federally funded innovation into scalable, community-driven capabilities that strengthen cybersecurity for both government and the broader industry ecosystem.
Apache Caldera (Incubating) introduces a new governance and collaboration model for the open-source core platform while preserving MITRE’s active involvement and Caldera’s mission. The open-source core of Caldera has moved to ASF infrastructure and will now operate under The ASF’s transparent, merit-based governance model, expanding opportunities for collaboration and contribution across the global cybersecurity community. Public repositories, documentation, and release processes will transition to ASF-hosted resources, with existing MITRE-hosted resources redirecting users to their new locations.
MITRE remains actively involved through ongoing technical leadership, long-term stewardship supporting the project’s sustainability, and governance contributions. Caldera’s mission of advancing open, ATT&CK-aligned adversary emulation remains unchanged, as do MITRE’s sponsor-focused capabilities, sensitive research efforts, advanced integrations, and plugin development, which will continue to be maintained within protected MITRE-managed environments.
