IBM Advances Big Data Analytics with Acquisition of Vivisimo

IBM two weeks ago announced a definitive agreement to acquire Vivisimo, a leading provider of federated discovery and navigation software that helps organizations access and analyze big data across the enterprise. Vivisimo is a privately held company based in Pittsburgh, Pennsylvania. Financial terms were not disclosed.

Vivisimo software excels in capturing and delivering quality information across the broadest range of data sources, no matter what format it is, or where it resides. The software automates the discovery of data and helps employees navigate it with a single view across the enterprise, providing valuable insights that drive better decision-making for solving all operational challenges.

This news accelerates IBM’s big data analytics initiatives with advanced federated capabilities allowing organizations to access, navigate, and analyze the full variety, velocity and volume of structured and unstructured data without having to move it.

The combination of IBM’s big data analytics capabilities with Vivisimo software will further IBM’s efforts to automate the flow of data into business analytics applications, helping clients better understand consumer behavior, manage customer churn and network performance, detect fraud in real-time, and perform data-intensive marketing campaigns.

“Navigating big data to uncover the right information is a key challenge for all industries,” said Arvind Krishna, general manager, Information Management, IBM Software Group. “The winners in the era of big data will be those who unlock their information assets to drive innovation, make real-time decisions, and gain actionable insights to be more competitive.”

“Businesses need a faster and more accurate way to discover and navigate big data for analysis” said John Kealey, Chief Executive Officer, Vivisimo. “As part of IBM, we can bring clients the quickest and most accurate access to information necessary to drive growth initiatives that increase customer satisfaction, streamline processes, and boost sales.”

IBM estimates 2.5 quintillion bytes of data are created every day from a variety of sources including sensors, social media, and billions of mobile devices around the world, making it difficult for businesses to navigate and analyze it to improve competitiveness, efficiency, and profitability. IDC estimates the market for big data technology and services will grow at an annual rate of nearly 40 percent to reach $16.9 billion by 2015.

Vivisimo brings over a decade of experience and innovation in data navigation and visualization technologies for both structured and unstructured data, making it easier for business users to get value from all of their data and content. Vivisimo’s ability to index and search data across multiple repositories is a distinguishing capability, applicable to all industries and clients.

Vivisimo has more than 140 customers in industries such as government, life sciences, manufacturing, electronics, consumer goods and financial services. Clients include Airbus, U.S. Air Force, Social Security Administration, Defense Intelligence Agency, U.S. Navy, Procter & Gamble, Bupa, and LexisNexis among others. Upon the closing of the acquisition, approximately 120 Vivisimo employees will join IBM’s Software Group. IBM will incorporate Vivisimo technology into its big data platform.

IBM Expands Partner Ecosystem for Big Data Platform

IBM is unique in having developed an enterprise big data platform that allows clients to manage, access, and gain intelligence on the full variety, velocity and volume of structured and unstructured data.

IBM’s big data platform is based on open source Apache Hadoop. The platform makes it easier for data-intensive applications to manage and analyze petabytes of big data by providing clients with an integrated approach to analytics, helping them turn information into insights for improved business outcomes.

The platform provides clients with the industry’s broadest array of advanced business analytics, Hadoop-based analytics, stream computing, data warehousing, integration, visualization, systems management, governance, and consulting services.

IBM’s approach to big data challenges is differentiated as it blends traditional data management technologies that are well suited for structured, repeatable tasks, together with complementary new technologies that address speed and flexibility, and are ideal for data exploration, discovery and unstructured analysis.

IBM is expanding its big data platform to run on other distributions of Hadoop, beginning with Cloudera. Cloudera is a top contributor to the Hadoop development community, and an early provider of Hadoop-based systems to clients across a broad range of industries including financial services, government, telecommunications, media, retail, energy and healthcare. As a result, Cloudera Hadoop clients can now take advantage of IBM’s big data platform to perform complex analytics and build a new generation of software applications.

IBM has the industry’s broadest portfolio of big data capabilities with software, hardware, services, and innovations developed by IBM Research such as the Watson system. Over 100 IBM Business Partners have adopted IBM’s big data platform, bringing a new class of solutions to market and extending the reach of IBM analytics offerings for clients.

For more information on IBM’s big data platform, visit ibm.com/bigdata.

For more information on Vivisimo, visit www.vivisimo.com.

About Vivisimo, Inc.

Vivisimo provides enterprises with information optimization solutions that help maximize the business value of information. Unlike traditional information management products, Vivisimo’s innovative solutions help end-users find and take advantage of all appropriate and available information, regardless of source, location or type. Vivisimo’s innovative technology is delivered with a focus on end-user satisfaction and application control through easy-to-use interfaces, flexible security management and a modern architecture that enables quick deployment. Vivisimo products are available as standalone information optimization applications or as OEM versions embedded within partner applications and solutions. Vivisimo serves its clients from headquarters in Pittsburgh, USA, and through partners around the world. Visit Vivisimo.com for more information and the Information Optimized Blog at informationoptimized.com.

Posted in Analytics, Big data, Enterprise Search, Frontpage, IBM, Press Releases | Tagged | Leave a comment

EMC Documentum IRM Server Multiple Denial of Service Vulnerabilities (Secunia Advisory SA48690)

Luigi Auriemma has reported multiple vulnerabilities in EMC Documentum IRM Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

1) A NULL pointer dereference error exists when processing version compatibility check requests and can be exploited to cause a crash.

2) An unspecified error exists when processing commands with an invalid ID and can be exploited to consume server resources.

3) A NULL pointer dereference error exists when processing commands after an invalid version compatibility check request has been sent and can be exploited to cause a crash.

The vulnerabilities are reported in versions 4.6.1.1995 and prior.

Solution

Restrict access to trusted hosts only.

Original Advisory
http://aluigi.altervista.org/adv/irm_1-adv.txt


Posted in EMC, Frontpage, Rights Management, Security alert | Tagged , , | Leave a comment

ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability.

This week EMC published a new security advisory. This time the advisory is related to Documentum xPlore.

Affected products:

  • EMC Documentum xPlore 1.0 (all patch versions)
  • EMC Documentum xPlore 1.1 (all patch versions prior to 1.1 P07)
  • EMC Documentum xPlore 1.2 (all patch versions)

As reported in the advisory:

EMC Documentum xPlore contains an information disclosure vulnerability that may allow unauthorized users, under certain circumstances, to see certain information on protected objects in an xPlore search result. They will not, however, be allowed to view the objects themselves, or any associated content.

Under specific circumstances, an authenticated user who does not have BROWSE permission on the object may be able to see the existence of or certain metadata on that object in a search result. However, the user will not be able to open the object or to look at property details for the object.

Resolution: The following EMC Documentum xPlore products contain resolutions to this issue:

  • EMC Documentum xPlore xPlore 1.1 P07
  • EMC Documentum xPlore 1.2 Hotfix for SRCH-7949

EMC strongly recommends all customers upgrade or install identified patches at the earliest opportunity. Documentum xPlore 1.1 patches can be found under the Documentum Content Server 6.7 directory.

 

Posted in ECM, EMC, Enterprise Search, Security alert | Tagged | Leave a comment

ESA-2012-009 – Security Alert on EMC Documentum: security patch ready

Today I verified that the security issue reported on this site and on many security related sites like SecurityFocus affects even Content Server 5.3 in addition to many 6.x systems.

I know the exploit and I think you have to upgrade or install patches if:

  1. your system are using one of the servers reported below:
      • Content Server 5.3
      • Content Server 6.0
      • Content Server 6.0 SP1
      • Content Server 6.5
      • Content Server 6.5 SP1
      • Content Server6.5 SP2 P01
      • Content Server6.5 SP3 P01
      •  Content Server6.6 SP2 P01
  2. there are active users with just Sysadmin privilege defined into the repository.

EMC did not release any patches for this security issue: EMC just strongly recommends content server upgrade to one of these servers:

  • Content Server 6.5 SP2 P02 or later
  • Content Server 6.5 SP3 P02 or later
  • Content Server 6.6 P02 or later
  • Content Server 6.7

If you cannot upgrade or if you do not want to upgrade your systems right now, I can help you: I created a patch that solve this security issue. Send an email to yuri.simione@artika.biz for more info about that.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability.

EMC Identifier: ESA-2012-009

EMC Identifier: CS-16072

EMC Identifier: CS-16073

CVE Identifier: CVE-2011-4144

Severity Rating: CVSS v2 Base Score: 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C)

Affected prodcuts:

EMC Documentum Content Server 6.0

EMC Documentum Content Server 6.5

EMC Documentum Content Server 6.6

Vulnerability Summary:

EMC Documentum Content Server contains a privilege elevation vulnerability that may allow an unauthorized user to obtain highest administrative privileges on the system.

Vulnerability Details:

EMC Documentum Content Server contains a security vulnerability that may allow a system administrator to elevate their or other users? privileges to highest super user privileges without appropriate authorization. Refer to EMC Documentum Content Server documentation for information on Documentum Content Server user and group privileges.

Resolution:

The following EMC Documentum Content Serve products contain resolutions to this issue:

EMC Documentum Content Server 6.5 SP2 P02 and later

EMC Documentum Content Server 6.5 SP3 P02 and later

EMC Documentum Content Server 6.6 P02 and later

EMC strongly recommends all customers upgrade or install identified patches at the earliest opportunity.

Notes: EMC Documentum Content Server 6.7 and later is not affected by this issue.

Link to remedies:

Registered EMC Powerlink customers can download software from Powerlink: https://emc.subscribenet.com/control/dctm/product?plneID=3895. Download the appropriate version for your needs. Instructions for application and installation are included in the software download readme files or patch release notes.

Credits:

EMC would like to thank Yuri Simione for reporting this issue.

Because the view is restricted based on customer agreements, you may not have permission to view certain downloads. Should you not see a software download you believe you should have access to, follow the instructions in EMC Knowledgebase solution emc116045.

Notes: For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.

Notes: EMC Corporation distributes EMC Security Advisories in order to bring to the attention of users of the affected EMC products important security information. EMC recommends all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall EMC or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

EMC Product Security Response Center

Security_Alert (at) EMC (dot) com [email concealed]

http://www.emc.com/contact-us/contact/product-security-response-center.h
tm

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)

iEYEARECAAYFAk8pXeEACgkQtjd2rKp+ALw9YQCfSw618BaZVpoKPzDB6suTV7sQ
MmQAoMM53n9+Gd4NLlSiIivnZELGGAq5
=W/8g
-----END PGP SIGNATURE-----

Follow me on Linkedin  or on Twitter

Posted in ECM, EMC, Frontpage, Security alert | Tagged , , , , , , , | Leave a comment

EMC published a Security Alert on EMC Documentum: affected all content server versions from the 5.3 to the 6.6

As reported yesterday, EMC published a security advisory related to a privilege elevation vulnerability that I discovered some months ago.

The security advisory ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability does not explain the vulnerability in great detail. It is reported that

“EMC Documentum Content Server contains a security vulnerability that may allow a system administrator to elevate their or other users? privileges to highest super user privileges without appropriate authorization. Refer to EMC Documentum Content Server documentation for information on Documentum Content Server user and group privileges.”

(…)

EMC strongly recommends all customers upgrade or install identified patches at the earliest opportunity

I know the exploit and I think you have to upgrade or install patches if:

  1. your system are using one of the servers reported below:
      • Content Server 5.3
      • Content Server 6.0
      • Content Server 6.0 SP1
      • Content Server 6.5
      • Content Server 6.5 SP1
      • Content Server6.5 SP2 P01
      • Content Server6.5 SP3 P01
      •  Content Server6.6 SP2 P01
  2. there are active users with just Sysadmin privilege defined into the repository.

In these conditions you have to upgrade soon as possible your systems to one of these servers:

  • Content Server 6.5 SP2 P02 or later
  • Content Server 6.5 SP3 P02 or later
  • Content Server 6.6 P02 or later
  • Content Server 6.7

EMC did not release any patches for this security issue: EMC strongly recommends content server upgrade. There are some customers that cannot upgrade their systems due to upgrade costs (hardware and / or software upgrade, regression tests, etc). In other cases upgrade could not be completed just because customer did not pay yearly maintenance fee.

If you cannot upgrade or if you do not want to upgrade your systems right now, I can help you: I created a patch that solve this security problem. Send me an email to yuri.simione@artika.biz for more info about that.

Security advisory is reported on many sites like  http://www.securityfocus.com/archive/1/521449 or on PowerLink.

Follow me on Linkedin  or on Twitter

 

Posted in ECM, EMC, Frontpage, Security alert | Tagged , , , | Leave a comment

EMC Security Advisory on EMC Documentum 6.0, 6.5, 6.6

Today EMC will be publishing a security advisory related to a privilege elevation vulnerability that I discovered some months ago. I am particularly proud of my research because what discovered is the first security alert on EMC Documentum systems in, at least, 4 years. Me and my company, Next 2U Consulting, are actively involved on complex and secure implementations of Documentum systems.

The affected products are:

  • EMC Documentum Content Server 6.0
  • EMC Documentum Content Server 6.5
  • EMC Documentum Content Server 6.6

More info here.

Posted in ECM, EMC, Events, Frontpage, Security alert | Tagged , , , | Leave a comment

SDL Acquires Alterian

SDL plc (LSE: SDL; “SDL”), a leading provider of Global Information Management (GIM) solutions, today announces that it has completed the acquisition of Alterian plc (“Alterian”). SDL has acquired Alterian, a leader in marketing analytics, social media monitoring and campaign management, for a net cash consideration of £69.7 million.

The SDL Board believes the addition of Alterian’s integrated marketing platform capability will bring strong synergies and enhancements to SDL’s Global Information Management strategy that helps globalbusinesses engage with their customers in the language, the media and at the moment they choose. There is an excellent strategic fit in combining the marketing analytics, campaign management and social media capabilities from the Alterian product suite with that of SDL’s leading global Web Content Management, eCommerce and Structured Content capabilities.Mark Lancaster, Executive Chairman of SDL commented:

“Understanding what your customers are interested in by analysing what they are looking at, and for how long, is key in developing your web and customer engagement strategy. We already have best-of-breed web content management technology, user guidance content management technology and leading language technology. Adding Alterian’s marketing analytics, social media and campaign management technology will provide customers with a superb integrated solution for managing customer engagement and improving customer experience. We are very pleased to have completed this acquisition and look forward to working with Alterian employees, partners and customers.”   

SDL will be hosting a short conference call for sell-side analysts to give a high level overview of the acquisition of Alterian at 8.30am UK time on Monday 30 January 2012.

Posted in Press Releases, WCM | Tagged , | Leave a comment

Things and numbers from the EMC IIG Q4 2011 earnings release

Last week, EMC announced and published his Q4 2011 earning. I am interested on IIG (Information Intelligence Group) numbers: let’s see the year over year earning (data in thousands US$) :

From the earnings call transcript the board reported that:

(…) This quarter, our Information Intelligence Group made their core Documentum, Captiva and Document Sciences products available as a private cloud offering, using internally-developed VCUBE technology. They also demonstrated new Big Data use cases using their Documentum xCP technology. Revenue was roughly flat from Q4 a year ago as IIG caps a year of transition and stabilization of its product portfolio and operations.

(….) On top of this, we hold the leading position in the vast majority of these. As a result, we continue to expect our high-end storage and IIG business to grow in the range of 1% to 10%. We see our unified storage line, RSA and consulting, growing in the 10% to 19% range. And we expect our higher growth businesses, including VMware, Isilon, BRS and VCE, to remain on track for 20% or higher compound annual growth over the 4-year period.

What we can see is that product revenue is going down but professional services revenue is growing. Imho, I am supposing that EMC is selling his IIG software portfolio to big customers, the only ones that can pay for expensive services. I don’t have information about the average IIG Q4 / FY deal so I can only suppose that; I am supposing that OSS (Alfresco and others) are growing in market share, especially for little or medium deals (20.000 / 100.000 US$). For high end ecm applications, I think that EMC is still in a strong position.

If you look the graph, you can see that the product revenue trend is well defined. I think this (not good) trend will continue until EMC will release Documentum 7. I think that customers are really interested on a completely new platform from EMC, a platform that can manage big data and that can provide endless scalability like the announced NGIS, the Next Generation Information Server. I think that Documentum 7 will define just the short-term trend, maybe improving IIG product revenue: the long-term trend will be defined by the NGIS but EMC should define a clear roadmap about this software.

What is your point of view about EMC Documentum and Information Intelligence Group portfolio? Share your thoughts, posting a comments or linking this post to your blog.

Posted in ECM, EMC, Frontpage, Uncategorized | Tagged , , , , | Leave a comment

White Paper: EMC Documentum Content Server Load Balance and Failover

There is no documentation available for performing a complete load-balanced setup.
Use the information in this white paper (just for Powerlink registered users) to understand the complete procedure for
achieving load balance. The instructions in this white paper are intended to make the
Content Server load balance setup easy and quick to achieve, eliminating a lot of
confusion

This White Paper explains how load balancing is performed on Documentum Content Server and how users can set up two Content Servers for load balancing on two clean host machines. It is organized as a set of procedures that must be followed in the specified sequence.

EMC Powerlink

Posted in ECM, EMC, Frontpage | Tagged , , , , | Leave a comment

Ephesoft completes sale to leading financial services firm

Leading insurance firm selects Ephesoft to automate mailroom for insurance documents.

Ephesoft Inc., the leader in providing advanced cloud-ready capture solutions, today announced the sale of an enterprise class system to one of the top life insurance, annuity, and retirement savings firms in the US. The sale followed an exhaustive proof-of-concept exercise in which Ephesoft bested several competitors.

The insurer has $50B in assets, over 3000 employees, and 50 offices throughout the country. The company deals with many incoming documents and needed specific processing for certain forms. Specifically, the primary objective was to isolate client application forms from millions of different pages and then automatically redact confidential information on the applications. The seamless process speeds the delivery of documents for further processing while lowering labor costs. The solution accommodates emails with attachments through the same process as scanned documents. A custom redaction feature was developed by Ephesoft to shield confidential data. The customer selected Ephesoft for its architecture, scalability, and cost effectiveness. The solution is 100% browser-based and provides for load balancing, high availability, and disaster recovery.

The sale was orchestrated by Twinstar Inc. in Westminster, Colorado. Twinstar is a Platinum Ephesoft partner and very active throughout the Rockies. Gail Gaumond, VP of Sales and Marketing, saw the value of Ephesoft for her customers and commented “Our customers are more discriminating than in the past. They want true value for their money while still insisting on high quality software. We saw that Ephesoft was a perfect fit here and this successful project reinforced our sales efforts with Ephesoft.”

Don Field, CEO of Ephesoft, commented “This sale further solidifies Ephesoft’s position in the insurance sector of the financial services vertical. As this industry tightens its belt and examines its ongoing costs, we feel our business model and state-of-the-art software are well positioned to win new business.”

About Ephesoft: Ephesoft, Inc., based in Irvine, CA, has developed an intelligent document capture system designed to improve the automation of ‘electronic mailroom’ processes through classifying, sorting and separating incoming documents, and extracting pertinent information from these business documents for distribution and processing. Our mission is to have this technology available to enterprises of all sizes and enable them to process business documents efficiently and effectively in an integrated fashion. To learn more about Ephesoft, visit: http://www.ephesoft.com.

Posted in Data Capture, Frontpage, Open Source, Others, Press Releases | Tagged | Leave a comment