CERT-In Empaneled
For Cyber Security Services

Eventus as CERT-IN empaneled meets rigorous standards to offer a comprehensive range of services - including vulnerability assessment, penetration testing, security auditing, incident readiness and response.

ContactUs

”Cyber security incidents mandatorily to be reported by service providers, intermediaries, data centres, body corporate and Government organisations to CERT-In within 6 hours”

How Eventus SOC helps with CERT-In Directive

The Indian Computer Emergency Response Team (CERT-In) issued new instructions on April 28, 2022, requiring that any cybersecurity problems be reported to CERT-In no later than six hours after the incident is identified. This new guidance will assist enterprises in improving their cybersecurity posture, enhancing the protection of vital national infrastructure, preventing reputational damage from cyberattacks, and avoiding service interruptions.

Breach Attack Simulation

To get ready for what's coming up, use simulations to evaluate the efficiency of their controls and procedures and pinpoint any holes.

Incident Response

To effectively drive protection, containment, and remediation efforts, organisations must investigate and react to cyber occurrences that influence their environment.

Attack Surface Managaement

To lessen the risk of exposure to cyber threats, organisations could identify risks, test quickly, and manage the remedy of vulnerabilities found in their environment.

Threat Intelligence

To provide better insight into the changing danger landscape, organisations may choose to use cutting-edge market products and trustworthy intelligence.

Threat Detection And Response

Based on a centralised picture of network activity, businesses can identify threats, look into them, and take action.

Threat Hunting and Investigation

To keep safe, watchful, and resistant to any incoming attacks, it is crucial to actively look for sophisticated threats that escape detection by traditional security procedures.

CERT-In Directive

The following must be followed by organisations in accordance with the CERT-In directives:

All of their information and communication technology (ICT) systems should have logs enabled.

Logs must be kept for 180 days.

Report any eligible cybersecurity incidents to CERT-In within six hours.

Report events using the appropriate phrasing

Utilize the Network Time Protocol from the National Informatics Centre to synchronise time.

Establish a SPOC for this activity and provide CERT-In with their contact information.

Make sure that cloud service providers, VPN providers, and VPS providers keep proper records for 5 years.

Reportable types of cyber security events

Targeted network/system probing of crucial systems

Compromise of important systems or data

Unauthorized use of computer systems and data

Website vandalism, intrusion, and unauthorised alterations, including the insertion of malicious code and links to other websites.

Malicious code attacks, including the dissemination of viruses, worms, trojan horses, bots, spyware, ransomware, and crypto miners

Attacks on network devices such routers and servers such as those hosting databases, mail, and DNS

Attacks involving spoofing, phishing, and identity theft

Attacks that cause a denial of service (DoS) or distributed denial of service (DDoS)

Attacks against operational technological systems, wireless networks, and vital infrastructure

Attacks against online services like e-government and e-commerce, etc.

Data breaches

Data leaks

Attacks on Internet of Things (IoT) devices and the networks, systems, software, and servers that support them

Accidents or assaults targeting electronic payment systems

Attacks made possible by nefarious smartphone apps

Phoney mobile apps

Accessing social media accounts without authorization

Attacks on cloud computing systems, servers, software, or apps, or other malicious or suspicious activity

Attacks or nefarious/suspicious activity affecting Big Data, blockchain, virtual assets, virtual asset exchanges, custodial wallets, robotics, 3D and 4D printing, additive manufacturing, or other systems, servers, networks, software, or applications

Attacks or nefarious/suspicious activity affecting AI and ML-related servers, software, and apps.