As a CERT-In Empanelled Security Auditor, we help customers by carrying out a comprehensive Website Security Audit and help them achieve CERT-In Certification for the websites.

A Security Certificate from a CERT-In Empanelled Security Auditor is required by a wide range of Indian Compliance Standards and Regulatory Requirements. These include:

  1. RBI Cyber Security Compliance
  2. CERT-IN Website Security Audit & Certification
  3. System Audit Report for Data Localization (SAR)
  4. UIDAI – AUA KUA Compliance Security Audit
  5. ISNP Security Audit
  6. SEBI Cyber Security and Cyber Resilience Framework
  7. VSCC Certificate for SBI – Vendor Site Compliance Certificate

From CERT-IN Website Security Audit to Certification

The journey to CERT-IN certification involves a comprehensive audit process that scrutinizes every nook and cranny of your digital infrastructure.

  • Initial Assessment: A bird’s eye view of your current security posture.
  • In-Depth Analysis: Delving deeper into your website’s architecture and data handling processes.
  • Vulnerability Assessment: Identifying potential weaknesses and areas for improvement.
  • Reporting: A detailed report outlining findings and recommendations.
  • Re-Testing & Certification: Final round of testing to verify all fixes, and issuing the CERT-In Website Security Certificate.

CERT-In Security Audit Baseline Requirements

CERT-In has provided a set of Baseline Requirements to serve as the minimum-security assurance baseline
expected across the Cyber Information Infrastructure of organisations and form the criterion for conduct of Cyber Security Audits.

The key sections of these baseline security controls include:

  1. Management
  2. Protection
  3. Detection
  4. Response
  5. Recovery
  6. Lesson Learnt & Improvements

Speak To Our Experts

First Name*

Last Name*

Work Email*



Client Speak

Juby P - Botree Software
{In an age where cyber threats constantly evolve, having a trusted ally like Security Brigade is essential. The Security Brigade team consistently delivered well-structured reports that spotlighted critical vulnerabilities and potential security weaknesses. These reports were accompanied by actionable recommendations, allowing our teams to prioritize and rectify issues efficiently. Professionalism, responsive, and depth of expertise well appreciated, and we are happy to have engaged Security Brigade as our VAPT provider.
Juby Pappachan
Senior Manager - InfoSec, Botree Software
Gobinda Chandra Patra - ISIT Consultants
{We started working with Security Brigade as a cost effective solution for doing VAPT for applications and networks for our customers. But we have developed a great partnership with Security Brigade over the last 6+ years. They treat our customers as their own customers and provide solutions and do the activities as per agreed terms and sometimes even they don’t mind going beyond and deliver to customer. We will be happy to continue working with them and refer others as well.
Gobinda Chandra Patra
CEO and Co-Founder, ISIT Consultants
Peter Theobald Author Of Cybersecurity Demystified
{I have been using Security Brigade services for the past fourteen years. In my role as leading the cybersecurity Initiative at multiple national system integrators in India, I have worked with them to provide VA/PT, External Attack Surface Management, and Red Teaming services to large corporate customers. In each case they have met or exceeded expectations resulting in repeat business. I have no hesitation recommending their services for quality conscious customers wanting to enhance their security posture.
Peter Theobald, A.C.A
Cybersecurity Industry Veteran, Author of Cybersecurity Demystified

CERT-IN Website Security Audit Certificate

CERT-In Empanelled Website Security Audit Certificate

CERT-In Empanelled Security Auditor

Security Brigade has been a CERT-In empanelled IT Security Auditor since 2008 and conducted thousands of assessments for Government Departments, IT Companies, BFSIs, etc across the last 18 years.