CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

The Hacker News, May 26, 2026

Why It Matters

Accelerated AI‑driven exploitation forces enterprises to shrink remediation windows, raising the stakes for cyber resilience. Faster patching and zero‑trust controls become essential to protect critical infrastructure and data in a landscape where attacks can be automated in minutes.

Key Takeaways

  • CERT‑In mandates 12‑hour patching for critical internet‑facing flaws
  • AI tools accelerate vulnerability discovery, shrinking attack timelines
  • Zero Trust and defense‑in‑depth recommended for AI‑assisted threats
  • Critical external bugs fixed within 1 day; high‑severity internal within 5 days
  • Continuous risk‑based patch management essential to counter autonomous AI attacks

Pulse Analysis

The emergence of large language models and generative AI has transformed the cyber‑threat ecosystem. Threat actors can now leverage these tools to scan networks, generate exploit code, and craft convincing phishing content at unprecedented speed. As a result, the traditional weeks‑long window between vulnerability disclosure and exploitation is collapsing, prompting regulators like CERT‑In to tighten patching timelines. By mandating a 12‑hour window for critical internet‑exposed flaws, the agency aims to outpace AI‑driven attack automation and reduce the attack surface before adversaries can weaponize a weakness.

Beyond rapid patching, CERT‑In’s blueprint stresses a holistic security posture. Zero‑trust architecture, continuous verification, and least‑privilege access are highlighted as foundational controls to limit lateral movement once a breach occurs. Defense‑in‑depth layering—spanning network segmentation, API gateways, and secure‑by‑design development—helps mitigate the risk of AI‑generated exploits that bypass single‑point defenses. The agency also calls for robust governance of AI systems, including visibility into model pipelines, SBOM adoption, and regular red‑team exercises to validate resilience against evolving, autonomous threats.

For enterprises, the practical takeaway is clear: adopt continuous, risk‑based vulnerability management and integrate AI‑specific safeguards into existing security frameworks. Organizations should automate detection and remediation workflows, maintain up‑to‑date software inventories, and apply temporary mitigations—such as isolation or WAF rules—when patches are unavailable. By aligning with CERT‑In’s timelines and embedding AI‑aware controls, businesses can better protect critical assets, preserve operational continuity, and stay ahead of a threat landscape where AI accelerates both the scale and speed of cyber attacks.
