The team from the Indian Institutes of Technology (IITs) has given the green signal to the Central Board of Secondary Education’s (CBSE) evaluation portal following security concerns and attempted cyberattacks, news agency ANI reported.

This comes after concerns were raised over vulnerabilities discovered in the Board’s digital systems. Earlier reports indicated that the launch of CBSE’s Post-Result Activities (PRA) portal had been delayed after experts from two IITs identified several high-risk security flaws.

An IIT panel member told ANI that CBSE chose not to use the Coempt EduTeck platform, which was previously used for the On-Screen Marking (OSM) system. Instead, student and examination data were transferred to infrastructure managed directly by the Board.

“While the new system retains functionalities similar to the earlier platform, several security enhancements have been incorporated to strengthen data protection and address vulnerabilities identified during the review process,” an IIT panel member added.

A member of the IIT review panel said the Coempt EduTeck portal contained several security vulnerabilities that could have exposed sensitive data and records. According to the expert, there were multiple potential pathways through which information could have been accessed.

The updated re-evaluation platform has been equipped with additional security measures aimed at reducing such risks and improving the protection of examination-related data.

The changes were introduced after concerns emerged regarding the platform’s cybersecurity, and reports surfaced of attempted attacks targeting the system.

IIT Kanpur and IIT Madras step in

In response to the security concerns, CBSE enlisted experts from IIT Kanpur and IIT Madras to assess the platform and recommend improvements.

An official told ANI that IIT Kanpur’s cybersecurity team spent more than 10 days examining and strengthening two critical systems — the CBSE registration portal and the OSM re-evaluation platform.

Data shared by the Board showed that by 4 June, it had received 70,433 requests through its post-result grievance redressal process.

Of these, 7,314 applications were related to verification of marks, while 63,119 were submitted for re-evaluation.

The news agency, citing sources, said all answer-sheet records and related examination data have now been migrated to servers directly managed by CBSE.

The move is intended to provide the Board with greater control over both security and operational management.

Earlier on Friday, CBSE revealed that its re-evaluation system had come under significant cyberattacks.

Among the incidents was a Denial-of-Service (DoS) attack on June 3 involving nearly 3.8 million packets. Despite the scale of the attack, the Board said its security measures successfully countered the threat.

CBSE added that services related to verification of marks, access to answer books and re-evaluation continued to function without disruption.