MTA-CSVisibility: public
When to Use
Mandatory before any testing or security operations begin on client systems.
Primary Use
VAPT, security audits, managed security monitoring, and incident response engagements.
Key Clauses
- →Explicit written authorization requirement for lawful testing
- →No exfiltration/no modification/no unauthorized retention controls
- →CVSS v3.1 aligned severity and reporting methodology
- →Critical vulnerability immediate disclosure and retest cycle
Governing Laws
Information Technology Act, 2000 (Sections 43 & 66)IT Rules, 2011DPDPA, 2023Indian Contract Act, 1872
Companion Agreements
MTA-NDA