With the recent launch of Ardent, TAI's new security program, we've been receiving inquiries on how the program works, how to get recent updates and more. This FAQ blog was inspired by these inquiries. If you don't see the answer to your question, don't hesitate to reach out.
What is TAI Ardent?
This program proactively tests our software for vulnerabilities on a quarterly basis. If any vulnerabilities are detected, an update will be released here for clients to easily stay informed. Clients interested in the security update can submit a request.
What if no vulnerabilities are detected?
If no vulnerabilities are detected, no software update will be available, but an entry will be made to show the last time the system was tested.
Is Ardent mandatory for me as a TAI client?
The security updates are not mandatory, but they are proprietary. We do highly recommend the updates for our clients to prevent security vulnerabilities.
How often will updates be posted on the Ardent page?
Our base system will be tested quarterly. If any vulnerabilities are found, updates will be made and tested. Once testing is complete, the updates will be added to the page to be made available to our clients.
How can I get these security updates?
Simply request a download by clicking the button below the update and filling out the form with information.
Is there a way for me to stay informed of future updates so I don’t have to check the page?
Yes, you can sign up for our TAI Ardent Security Update Notifications to be sent future communication of updates. You also have the option to do so when you submit a request for an update.
If there is more than one security update available, will I need to submit a request for all of them?
No, each update will encompass all previous security updates. You will only have to submit a request for the most current update available.
What testing is required for these updates?
If you have not used your testing environment in a while, always make sure the region is accessible and working before applying the update. That way you are not trying to resolve problems that existed before the update was applied.
A testing document will be distributed with your request that outlines the regression testing performed by TAI. It is the recommendation of TAI that you follow your typical software regression testing protocol, which should include any on-line client-specific modifications you have (functionality and screen/fields). The SQL injection changes did not affect cycles, but as noted, if your typical validation of software includes batch cycle testing, it’s recommended that you follow your internal procedures.
Is a tested full software update of my client specific TAI System available?
If you would like this update applied to your client specific environment at TAI, have TAI test your system, and return you a full client specific software update instead of applying generic update, just contact TAI for an SOW to outline what is involved in having us do the testing for you.
Which version of TAI .NET are these updates compatible with?
The TAI Ardent Security Updates can be applied to any release (2.x or 3.x) of the .NET version of the TAI Life Reinsurance System.