Cert-In Tests Indigenous AI Tools to Fix Cyber Vulnerabilities

TECHNOLOGY
Whalesbook Logo
AuthorKavya Nair|Published at:
Cert-In Tests Indigenous AI Tools to Fix Cyber Vulnerabilities

India's cybersecurity agency, Cert-In, is using open-source AI models to scan public sector systems for security gaps. The move follows a sharp rise in cyber attacks and limited access to advanced global AI models like Anthropic's Mythos. This initiative aims to strengthen national cyber defenses as the time to exploit software flaws has dropped to just 44 days.

The Indian Computer Emergency Response Team (Cert-In) has launched a proactive initiative to secure public sector digital infrastructure by deploying indigenous platforms powered by open-source artificial intelligence. This development comes as India faces significant challenges in accessing advanced global AI tools, such as Anthropic's Mythos, which are currently subject to restrictions due to international security concerns. By utilizing open-source models, Cert-In aims to replicate about 60% of the capabilities found in leading commercial AI tools, enabling agencies to identify and patch system flaws before they can be exploited by malicious actors.

Accelerating Threat Landscape

The urgency for this AI-driven approach is highlighted by the rapidly shortening window for cyber defense. While the time taken to exploit unknown vulnerabilities was roughly 745 days in the 2022 financial year, recent trends show this has compressed to only 44 days. This acceleration makes manual security audits increasingly insufficient. With cyber attacks in India nearly doubling to 2.9 million in the 2026 financial year, the government is prioritizing a more automated, real-time response framework.

Regulatory and Sovereign Focus

Beyond technical testing, the move aligns with the government's broader strategy to manage AI-related risks. Recent regulatory rollouts already include new frameworks for banks and strict policies aimed at curbing deepfakes. Cert-In is currently collaborating with major financial services firms to integrate these AI-driven vulnerability assessments. While India continues to invest in a multi-year AI Mission, the current reliance on open-source platforms serves as a bridge until more advanced, fully sovereign AI capabilities are fully developed.

For investors and market observers, this shift toward AI-based cybersecurity has clear implications. Enterprises are now facing stricter compliance requirements, as Cert-In holds the authority under the 2022 rules to penalize organizations that fail to report or address critical security gaps. The next phase for the agency will involve scaling these AI tests across a wider range of industries, meaning that public sector entities and banking institutions will likely see increased spending on security infrastructure and software updates to meet these new, more rigorous standards.

Disclaimer:This article is published for informational purposes only. While reasonable efforts are made to ensure accuracy, completeness, and timeliness, readers are encouraged to independently verify information before making any decisions based on the content. The views and information presented are subject to editorial review and may be updated without notice.