The National Stock Exchange of India Limited (NSE) on December 02, 2022, issued following directions regarding Submission of Vulnerability Assessment and Penetration Testing (VAPT) report.
- The detailed VAPT report along with summary of report needs to be uploaded as single document. The VAPT report shall be digitally signed by CERT-In empaneled entity as appointed by the Member for conducting the VAPT.
- All VAPT reports for FY2022-23 and onwards shall henceforth be submitted electronically on the interface
- Any gaps/vulnerabilities detected shall be remedied on immediate basis and compliance of closure of findings identified during VAPT shall be submitted to the Stock Exchanges within 3 months post the submission of final VAPT report.
- For any open vulnerabilities as reported & submitted in VAPT report, members are required to submit Compliance Report in the prescribed format, digitally signed by the CERT-In empaneled entity as appointed by the Member (on the letterhead of the CERT-In empaneled entity).