Last week I had a very great experience. We got a task to fix some vulnerability in the project.
The project was in a PHP Framework and the codebase was not compatible with the latest framework.
Our client used an online tool and got some vulnerability pointers which should be fixed. When we research more on a project we realize that this will be a temporary fix. And if we fixed it today (by updating some dependency ) it will surely create a problem after few months. So instead of thinking about the money we clearly told the scenario to our client and ask him to not waste the money on this temporary fix.
We also put some extra effort to create all research documents so that we can give him some proofs. When we discussed that with our client he was looking happy.
I generally heard about all the bad news about Indian IT companies and after all these incidents, I am more confident that we are moving in a right direction.