Why 12 Hours? Because AI Doesn’t Sleep
The core problem CERT-In is responding to isn’t new — it’s the same old vulnerability lifecycle. What’s changed is the speed at which threat actors can now run it.
With LLMs handling attack surface discovery, exploit analysis, phishing content generation, and even malware creation, adversaries can compress what used to take days into hours. CERT-In put it plainly: AI-assisted exploitation reduces the time to identify, weaponize, and exploit vulnerabilities across exposed services, weak identities, insecure APIs, and misconfigured systems.
The implication is uncomfortable but clear. If attackers can automate the offensive cycle, defenders can no longer afford to treat patching as a scheduled maintenance task.
The Full Remediation Ladder
The 12-hour rule is the headline, but CERT-In’s blueprint lays out a tiered patching schedule worth bookmarking.
| Vulnerability Type | Remediation Window |
|---|---|
| Known exploited — internet-facing systems | 12 hours (where feasible) |
| Critical externally exposed vulnerabilities | Within 1 day |
| Known exploited — internal systems | Within 1 day (unless mitigations documented) |
| Critical internal — high-value systems | Within 3 days |
| High-severity vulnerabilities | Within 5 days (risk-prioritized) |
When no patch exists yet, CERT-In recommends isolation, access restriction, WAF and API protection, enhanced monitoring, or feature disablement as interim measures. Waiting is not listed as an option.
AI Systems Are Both the Tool and the Target
Here’s the part that often gets buried in the coverage: AI-enabled systems aren’t just being used to attack — they’re also being attacked.
CERT-In explicitly flags prompt injection, data leakage, jailbreaking, model manipulation, training data poisoning, model theft, and orchestration pipeline compromises as live threat vectors. Organizations deploying AI tools internally need to treat those systems with the same scrutiny they apply to any other piece of critical infrastructure.
Building AI into your stack without securing it is essentially adding a new attack surface and handing adversaries a map.
The Defensive Principles Behind the Mandate
The blueprint doesn’t stop at patching timelines. CERT-In outlines a broader posture shift that reads like a checklist for anyone serious about resilience in an AI-accelerated threat environment.
The highlights:
- Assume breach. Prepare for rapid detection, containment, and recovery — not just prevention.
- Zero Trust. Continuous verification and least-privilege access, enforced consistently.
- Defense in depth. Layered controls that eliminate single points of failure.
- Secure by design. Embed security into systems, applications, and AI workflows from the start.
- Supply chain hygiene. Use SBOMs, provenance validation, and third-party assessments to reduce risk from external dependencies and AI models.
- AI governance. Formal mechanisms for overseeing how AI systems are deployed and behave.
- Continuous testing. Red teaming, penetration testing, and independent audits — not one-time exercises.
None of these are new ideas. The difference is that CERT-In is now framing them as non-negotiable responses to an AI-accelerated threat landscape, not aspirational best practices.
Context: This Follows a Frontier AI Warning
This blueprint arrives roughly a month after CERT-In issued a separate advisory flagging the dual-use nature of frontier AI models from Anthropic and OpenAI. The agency warned that these models lower the barrier to entry for malicious actors and can accelerate attack execution, automate exploitation workflows, and scale cyber campaigns.
The pattern is clear. CERT-In isn’t reacting to a single incident — it’s building a regulatory posture that anticipates AI-driven threats becoming the norm, not the exception.
What This Means If You’re Building or Buying AI Tools
For founders and teams shipping software with internet-facing components, the 12-hour window reframes vulnerability management as a product concern, not just an ops concern. Patch pipelines need to be fast enough to meet that bar.
For organizations evaluating AI tools, CERT-In’s framework is a useful lens. Ask vendors how they handle prompt injection risks, model integrity, and supply chain provenance. “We use AI” is no longer a differentiator. “We secure our AI” is.
The window between discovery and exploitation is closing. CERT-In just made that official — and put a number on it.
Comments (0) No comments yet
Want to join this discussion? Login or Register.
No comments yet. Be the first to share your thoughts!