How CERT-In responds to AI-accelerated threats with 12-hour patch SLAs

CyberSecureFox Editorial Team

The Indian Computer Emergency Response Team (CERT-In) has published a 38-page CISG-2026-02 guideline that sets strict timelines for vulnerability remediation: known exploited vulnerabilities in internet-accessible systems must be remediated within 12 hours wherever feasible. The document is directly motivated by the growing threats stemming from attackers’ use of artificial intelligence tools and large language models to automate the discovery and exploitation of vulnerabilities. The guideline covers all organizations that rely on cloud infrastructure, software supply chains, operational technologies and AI-based platforms.

Key remediation timeline requirements

CERT-In introduces a differentiated set of patching timelines based on risk assessment. This is one of the most aggressive vulnerability management models among national CERT teams:

  • Known exploited vulnerabilities in internet-facing and critical systems — 12 hours (where feasible)
  • Critical vulnerabilities in external systems — 1 day
  • Known exploited vulnerabilities in internal systems — 1 day (if no alternative mitigation measures are documented)
  • Critical internal vulnerabilities in high-value systems — 3 days
  • High-severity vulnerabilities — 5 days, based on risk prioritization

When a patch is not available, CERT-In recommends applying temporary measures: isolating affected systems, limiting access, protecting them via WAFs and API gateways, strengthening monitoring, or disabling vulnerable functionality until a fix is released.

Why 12 hours: the AI attack-acceleration factor

The rationale for such compressed timelines directly follows from CERT-In’s assessment of AI’s impact on the threat landscape. According to the guideline, “AI-powered cyber attacks reduce the time required for adversaries to discover, weaponise and exploit vulnerabilities, exposed services, weak credentials, insecure APIs and misconfigured systems.”

CERT-In highlights several ways adversaries use AI: attack surface reconnaissance, exploit analysis, generation of convincing phishing content and creation of malware. These capabilities are said to significantly shorten attack preparation cycles and help bypass traditional defenses. It is worth noting that the guideline does not provide specific quantitative data on the scale of such use; it discusses a trend that CERT-In considers mature enough to warrant a regulatory response.

A separate section of the guideline focuses on risks to AI systems themselves. CERT-In warns about threats such as prompt injection, data leakage, model jailbreaks, model manipulation, poisoning of training data, model theft and compromise of orchestration pipelines.

Defensive principles and architectural requirements

The guideline sets out a comprehensive defensive strategy that goes far beyond patch management:

  • Assume breach — preparing for rapid detection, containment and recovery
  • Zero Trust architecture — continuous verification and least privilege access
  • Defense-in-depth — multi-layered controls to avoid single points of failure
  • Secure-by-design — embedding security into systems, applications and AI workflows
  • Supply chain risk management — through SBOM, provenance validation of components and dependency assessment, including for AI models
  • Formal governance of AI systems — establishing mechanisms to control the use of AI and ensure visibility into their integrations and behavior

CERT-In also insists on regularly testing the effectiveness of defenses through penetration testing, vulnerability assessments, red team exercises and independent audits.

Context: earlier warning on frontier AI models

The guideline was issued a month after CERT-In released a separate advisory CIAD-2026-0020 on the cyber capabilities of frontier AI models from Anthropic and OpenAI. That document emphasized that the “dual-use nature” of these models can “lower the barrier to entry for adversaries and be leveraged to accelerate attack execution, automate exploitation workflows and scale cyber campaigns.” The new guideline is therefore a logical continuation of CERT-In’s systematic work to adapt the regulatory framework to the reality of AI-augmented threats.

Practical recommendations

For organizations that fall within the scope of the CERT-In guideline, the following steps are priorities:

  1. Audit all internet-facing systems and map them against catalogs of known exploited vulnerabilities. Ensure the ability to apply emergency patches within 12 hours.
  2. Implement continuous vulnerability management covering not only software defects but also configuration errors, insecure APIs, publicly exposed services and weak credentials.
  3. Develop temporary mitigation procedures for situations where no patch is available: WAF rule templates, isolation playbooks, procedures for disabling functionality.
  4. Assess AI-specific risks — inventory the models in use, check protections against prompt injection and data leakage, and ensure control over the AI component supply chain.
  5. Formalize AI governance — document policies for the use of AI systems and ensure monitoring of their integrations.
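
The remediation timelines listed earlier and step 1 above can be encoded as a triage rule that turns scan findings into deadlines. The Python below is an added example, not code from CERT-In's guideline or from this article. The field names, the placeholder CVE IDs, the single `high_value` flag for critical and high-value systems, starting the clock at detection time, and the fallback for internal known exploited vulnerabilities with documented mitigations are all assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

KEV = {"CVE-0000-0001", "CVE-0000-0002"}          # constructed placeholder IDs
T0 = datetime(2026, 1, 1, tzinfo=timezone.utc)    # constructed detection time

@dataclass
class Finding:
    asset: str
    cve: str
    severity: str                 # "critical", "high", or lower
    internet_facing: bool
    high_value: bool = False      # assumption: one flag for critical/high-value systems
    mitigated: bool = False       # an alternative mitigation is documented
    detected: datetime = T0       # assumption: the clock starts at detection

def sla_hours(f, kev=KEV):
    """Map a finding to (hours, tier) using the timelines listed in the article."""
    exploited = f.cve in kev
    if exploited and (f.internet_facing or f.high_value):
        return 12, "KEV on internet-facing/critical system"
    if f.severity == "critical" and f.internet_facing:
        return 24, "critical on external system"
    if exploited and not f.mitigated:
        return 24, "KEV on internal system, no documented mitigation"
    # Assumption: a mitigated internal KEV falls back to its severity tier.
    if f.severity == "critical" and f.high_value:
        return 72, "critical on internal high-value system"
    if f.severity == "high":
        return 120, "high severity"
    return None, "outside the listed tiers"   # left to local policy

def triage(findings, now, kev=KEV):
    """Order findings by deadline (unlisted tiers last) and flag overdue ones."""
    rows = []
    for f in findings:
        hours, tier = sla_hours(f, kev)
        due = f.detected + timedelta(hours=hours) if hours else None
        rows.append({"asset": f.asset, "tier": tier, "due": due, "overdue": due is not None and now > due})
    return sorted(rows, key=lambda r: (r["due"] is None, r["due"] or now))

SAMPLE = [   # constructed inventory, not real assets
    Finding("build-srv", "CVE-0000-0002", "high", False, mitigated=True),
    Finding("wiki", "CVE-0000-0005", "medium", False),
    Finding("vpn-gw", "CVE-0000-0001", "critical", True),
    Finding("web-api", "CVE-0000-0004", "critical", True),
]
for row in triage(SAMPLE, now=T0 + timedelta(hours=13)):
    print(row["asset"], row["tier"], "OVERDUE" if row["overdue"] else row["due"])
```

Rule order matters here: the 12-hour tier is checked first so that a known exploited vulnerability on an exposed system is never downgraded to a slower severity-based tier.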

The CERT-In guideline sets a benchmark that is likely to influence regulatory expectations in other jurisdictions as well. Organizations should assess now whether they can sustain a 12-hour patching cycle for critical vulnerabilities — and if current processes do not allow this, start by automating vulnerability discovery and deployment of fixes on externally accessible systems.

