Protect your enterprise and prevent security vulnerabilities with Ardent Security. This program proactively prevents security vulnerabilities before they occur through system scans and updates.
How Does the Ardent Security Program Work?
4 Simple Steps
1. TAI conducts quarterly software tests for vulnerabilities
2. Ardent Subscribers get notified of new available updates
3. Available updates will be added to the 'Current Ardent Updates' section below.
4. To get the updade click 'SUBMIT A REQUEST' beside current upgrade
Current Ardent Updates
Posting Date: July 15, 2017Update Title: TAI .NET Update to address SQL Injection and Cross-Site Scripting
Release Number: 3.4.6402.19373
Distribution Date: July 12, 2017 11:45:56 AM
CLICK TO REQUEST CURRENT UPDATE
Description: This update addresses several security vulnerabilities in the online screens of the .NET version of the TAI Life Reinsurance System. Notably SQL Injection and Cross-Site Scripting. This was addressed on all of the screens in the system, making this update rather large as it modified every screen in the system.
This is the first TAI Ardent Security Update, so if you have not applied an update in the last year, this update will also address OS Command Injection, Script/Code Injection, Open Redirection, Cross-site Request Forgery (CSRF), and Frameable Response/Clickjacking.
If you have not used your testing environment in a while, always make sure the region is accessible and working before applying the update. That way you are not trying to resolve problems that existed before the update was applied.
Because of the size of this update, TAI will be doing some internal validation of your client specific environment before you can apply this update. When the update is requested, a follow up email will be sent containing the regression testing outline TAI performed against the base system. You will then be added to the queue for the update to be applied to your environment at our office and a validation done of any client specific fields. This may take several weeks depending upon the volume of interest in the update.
Once testing is complete and the environment is approved, an email will be sent with the credentials to access the update and apply it to your Test/Dev/Model environment. TAI recommends you follow your internal acceptance testing protocols before promoting the software to your Production environment. More information can be found in the regression testing document you will receive when you request the update via Ardent.
Ardent FAQ
The security updates are not mandatory, but they are proprietary. We do highly recommend the updates for our clients to prevent security vulnerabilities.
Our base system will be tested quarterly. If any vulnerabilities are found, updates will be made and tested. Once testing is complete, the updates will be added to the page to be made available to our clients.
Simply request a download by clicking the button below the update and filling out the form with information.
Yes, you can sign up for our TAI Ardent Security Update Notifications to be sent future communication of updates. You also have the option to do so when you submit a request for an update.
If you have not used your testing environment in a while, always make sure the region is accessible and working before applying the update. That way you are not trying to resolve problems that existed before the update was applied.
A testing document will be distributed with your request that outlines the regression testing performed by TAI. It is the recommendation of TAI that you follow your typical software regression testing protocol, which should include any on-line client-specific modifications you have (functionality and screen/fields). The security updates do not always affect cycles, but as noted, if your typical validation of software includes batch cycle testing, it’s recommended that you follow your internal procedures.
If you would like this update applied to your client specific environment at TAI, have TAI test your system, and return you a full client specific software update instead of applying generic update, just contact TAI for an SOW to outline what is involved in having us do the testing for you.
The TAI Ardent Security Updates can be applied to any release (2.x or 3.x) of the .NET version of the TAI Life Reinsurance System.