Security Brigade – A CERT-In Empanelled Security Auditor

Since 2008, we’ve been recognized as a CERT-In empanelled IT Security Auditor, a testament to our deep-rooted expertise in conducting comprehensive Information Security Audits.

As a CERT-In Empanelled Security Auditor, we help customers comply with a wide range of Indian Compliance  Standards and Regulatory Requirements. These include:

  1. RBI Cyber Security Compliance
  2. CERT-IN Website Security Audit & Certification
  3. System Audit Report for Data Localization (SAR)
  4. UIDAI – AUA KUA Compliance Security Audit
  5. ISNP Security Audit
  6. SEBI Cyber Security and Cyber Resilience Framework
  7. VSCC Certificate for SBI – Vendor Site Compliance Certificate

Our status as a CERT-In empanelled auditor reflects our proficiency and qualifications in scrutinizing the security of websites, networks, and applications. We take immense pride in our ability to navigate the intricate landscapes of cyber security, ensuring that every audit we conduct aligns seamlessly with the rigorous CERT-In Guidelines.

About CERT-In

CERT-In, the Indian Computer Emergency Response Team, established under MEITY, CERT-In is like a digital fortress safeguarding India’s cyber ecosystem.

CERT-In’s Role and Responsibilities

At its core, CERT-In is tasked with enhancing the security of India’s Internet domain. It’s a mammoth task that involves responding to cyber incidents, spreading awareness about cyber security, and issuing guidelines and advisories on prevailing cyber threats.

CERT-In’s role is not just reactive; it’s also about proactive preparation. Through its comprehensive guidelines and frameworks, it aids organizations in fortifying their cyber defences. Adhering to these standards is not just about compliance; it’s about building a resilient and robust digital infrastructure.

CERT-In Security Audit Empanelment Process

The Indian Computer Emergency Response Team (CERT-In) is a national initiative to tackle emerging challenges in the area of information security and country-level security risks and vulnerabilities incidents as and when they happen.

In its effort to create a qualified panel of Security Auditing organization, Cert-In has adopted a stringent process to evaluate the participants. This is to verify the participating organization’s technical knowledge and skill to perform an Information security audit.

The certification process involves an online practical test and conducting real-world Vulnerability Assessment and Penetration Testing on a web-server hosted by CERT-In. To be successful you need to identify at least 90% of the vulnerabilities present on the web-server.

Speak To Our Experts


First Name*

Last Name*

Work Email*

Company*

Mobile*

Client Speak

Juby P - Botree Software
{In an age where cyber threats constantly evolve, having a trusted ally like Security Brigade is essential. The Security Brigade team consistently delivered well-structured reports that spotlighted critical vulnerabilities and potential security weaknesses. These reports were accompanied by actionable recommendations, allowing our teams to prioritize and rectify issues efficiently. Professionalism, responsive, and depth of expertise well appreciated, and we are happy to have engaged Security Brigade as our VAPT provider.
Juby Pappachan
Senior Manager - InfoSec, Botree Software
Gobinda Chandra Patra - ISIT Consultants
{We started working with Security Brigade as a cost effective solution for doing VAPT for applications and networks for our customers. But we have developed a great partnership with Security Brigade over the last 6+ years. They treat our customers as their own customers and provide solutions and do the activities as per agreed terms and sometimes even they don’t mind going beyond and deliver to customer. We will be happy to continue working with them and refer others as well.
Gobinda Chandra Patra
CEO and Co-Founder, ISIT Consultants
Peter Theobald Author Of Cybersecurity Demystified
{I have been using Security Brigade services for the past fourteen years. In my role as leading the cybersecurity Initiative at multiple national system integrators in India, I have worked with them to provide VA/PT, External Attack Surface Management, and Red Teaming services to large corporate customers. In each case they have met or exceeded expectations resulting in repeat business. I have no hesitation recommending their services for quality conscious customers wanting to enhance their security posture.
Peter Theobald, A.C.A
Cybersecurity Industry Veteran, Author of Cybersecurity Demystified

CERT-In Empanelled Security Certificate

CERT-In Empanelled Security Audit Certificate

CERT-In and Compliance Standards

While CERT-In compliance is a regulatory requirement for many organizations, its benefits extend far beyond just ticking a box. It’s about building a resilient, secure, and trustworthy digital environment for your organization.

In India, various sectors are increasingly recognizing the importance of adhering to CERT-In guidelines. For instance, the banking sector, under the directives of the Reserve Bank of India (RBI), often requires financial institutions to conduct regular cyber security audits by CERT-In empanelled auditors. This ensures that banks are not just safeguarding their financial assets but also protecting sensitive customer data against cyber threats.

Similarly, the Information Technology Act, 2000, and its amendments lay down specific provisions for data protection and security, indirectly necessitating CERT-In compliance for IT companies and service providers. In the realm of healthcare, with the rising digitization of medical records, compliance with CERT-In standards is becoming crucial for protecting patient data, aligning with guidelines under the Digital Information Security in Healthcare Act (DISHA).

Furthermore, companies dealing with critical infrastructure, such as power and telecommunications, are also mandated to align with CERT-In’s security protocols, as outlined by respective regulatory authorities like the Telecom Regulatory Authority of India (TRAI). This ensures the integrity and security of essential services that form the backbone of the nation’s economy and daily functioning.

For enterprises operating globally, complying with CERT-In standards often complements international regulations like the General Data Protection Regulation (GDPR) of the European Union, enhancing their global cybersecurity posture and reputation.

In essence, CERT-In Cyber Security Audits and Certificates play a pivotal role across various sectors, providing a framework for organizations to secure their digital infrastructure while meeting both national and international regulatory requirements. As these standards continue to evolve, staying abreast and compliant with CERT-In guidelines becomes not just a regulatory necessity but a strategic advantage in the global digital arena.

CERT-IN Website Security Audit & Certification

As a CERT-In Empanelled Security Auditor, we carry out a comprehensive security audit of your website, network & applications as per the CERT-In Guidelines for IT Security Audits. Once the audit is completed successfully and all the requirements have been fulfilled, we issue a certification in-line with CERT-In