Has anyone observed significant changes in the responsiveness or scope of advisories from the Indian Computer Emergency Response Team (CERT-In) over the past year? In particular, I am interested in how recent policy updates or partnerships may have impacted incident reporting, vulnerability disclosure, or collaboration with private sector organizations. Additionally, what has been the community’s experience with the compliance requirements introduced under the new cybersecurity directions issued by CERT-In in April 2022?
Any insights on best practices for integrating CERT-In threat intelligence feeds or handling the new log retention guidelines would also be appreciated.