Report an IncidentTalk to Sales

CERT-In Empaneled
For Cyber Security Services

Eventus as CERT-IN empaneled meets rigorous standards to offer a comprehensive range of services - including vulnerability assessment, penetration testing, security auditing, incident readiness and response.
Pie chart image
”Cyber security incidents mandatorily to be reported by service providers, intermediaries, data centres, body corporate and Government organisations to CERT-In within 6 hours”

How Eventus SOC helps with CERT-In Directive

The Indian Computer Emergency Response Team (CERT-In) issued new instructions on April 28, 2022, requiring that any cybersecurity problems be reported to CERT-In no later than six hours after the incident is identified. This new guidance will assist enterprises in improving their cybersecurity posture, enhancing the protection of vital national infrastructure, preventing reputational damage from cyberattacks, and avoiding service interruptions.
Breach Attack Simulation
To get ready for what's coming up, use simulations to evaluate the efficiency of their controls and procedures and pinpoint any holes.
Incident Response
To effectively drive protection, containment, and remediation efforts, organisations must investigate and react to cyber occurrences that influence their environment.
Attack Surface Managaement
To lessen the risk of exposure to cyber threats, organisations could identify risks, test quickly, and manage the remedy of vulnerabilities found in their environment.
Threat Intelligence
To provide better insight into the changing danger landscape, organisations may choose to use cutting-edge market products and trustworthy intelligence.
Threat Detection And Response
Based on a centralised picture of network activity, businesses can identify threats, look into them, and take action.
Threat Hunting and Investigation
To keep safe, watchful, and resistant to any incoming attacks, it is crucial to actively look for sophisticated threats that escape detection by traditional security procedures.

CERT-In Directive

The following must be followed by organisations in accordance with the CERT-In directives:
All of their information and communication technology (ICT) systems should have logs enabled.
Logs must be kept for 180 days.
Report any eligible cybersecurity incidents to CERT-In within six hours.
Report events using the appropriate phrasing
Utilize the Network Time Protocol from the National Informatics Centre to synchronise time.
Establish a SPOC for this activity and provide CERT-In with their contact information.
Make sure that cloud service providers, VPN providers, and VPS providers keep proper records for 5 years.

Reportable types of cyber security events

Targeted network/system probing of crucial systems
Compromise of important systems or data
Unauthorized use of computer systems and data
Website vandalism, intrusion, and unauthorised alterations, including the insertion of malicious code and links to other websites.
Malicious code attacks, including the dissemination of viruses, worms, trojan horses, bots, spyware, ransomware, and crypto miners
Attacks on network devices such routers and servers such as those hosting databases, mail, and DNS
Attacks involving spoofing, phishing, and identity theft
Attacks that cause a denial of service (DoS) or distributed denial of service (DDoS)
Attacks against operational technological systems, wireless networks, and vital infrastructure
Attacks against online services like e-government and e-commerce, etc.
Data breaches
Data leaks
Attacks on Internet of Things (IoT) devices and the networks, systems, software, and servers that support them
Accidents or assaults targeting electronic payment systems
Attacks made possible by nefarious smartphone apps
Phoney mobile apps
Accessing social media accounts without authorization
Attacks on cloud computing systems, servers, software, or apps, or other malicious or suspicious activity
Attacks or nefarious/suspicious activity affecting Big Data, blockchain, virtual assets, virtual asset exchanges, custodial wallets, robotics, 3D and 4D printing, additive manufacturing, or other systems, servers, networks, software, or applications
Attacks or nefarious/suspicious activity affecting AI and ML-related servers, software, and apps.

Why Eventus?

operator image
100+ Years of Security Consulting Experience
customer image
250+ Contented
Talk image
Watching & Professional Counsel
customer service image
Service Coverage 365 days a year
cyber security image
Provider of end-to-end cyber security services
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram