SEBI Issues Advisory On AI-Based Vulnerability Detection Risks, Sets Up cyber-suraksha.ai Task Force

On 5 May 2026, the Securities and Exchange Board of India (SEBI) issued an advisory on emerging advanced Artificial Intelligence (AI) tools for vulnerability detection.

SEBI stated that AI-driven vulnerability detection tools heighten risks for regulated entities by enabling rapid identification and possible exploitation of vulnerabilities, while also raising concerns around data confidentiality, application integrity, and reliability of outputs.

It observed that the interconnected nature of participants in the securities market ecosystem requires a coordinated approach to vulnerability management, information sharing, and monitoring to prevent cascading effects.

In this context, SEBI has constituted a task force, cyber-suraksha.ai, to examine AI-related cybersecurity risks, devise mitigation strategies, facilitate sharing of threat intelligence, and review the cybersecurity posture of third-party application service providers.

Based on the task force's consultations, SEBI has prescribed measures including timely patching of operating systems, regular vulnerability assessments, implementation of security safeguards, robust change management practices, strengthened API security, continuous monitoring through Security Operations Centre (SOC) mechanisms, and comprehensive risk assessment and system hardening.

SEBI clarified that the advisory must be read in conjunction with applicable circulars, including the Cyber Security and Cyber Resilience framework.