SAS Purchases Teragram

Monday, SAS announced that it had purchased Teragram, a privately held natural language processing (NLP) company, for an undisclosed sum.  Teragram is now a SAS company meaning that the Teragram brand will be maintained.  Its solutions and OEM business will be retained. 

A good move for SAS

This acquisition is a good move for SAS for a number of reasons.  First, SAS had partnered with Inxight to supply text analytics software components for its text mining solution and, of course, Inxight has been acquired by Business Objects (and subsequently SAP).  It was just a matter of time before SAS would have to replace these capabilities and Teragram is a logical choice because of its NLP technology.   More importantly, in my discussion with SAS and Teragram about the acquisition, it was clear that the purchase is more than just a move to replace technology components.  The purchase is actually quite strategic in nature.  Teragram technology can be used to enhance rather than simply replace existing capabilities.  

Structured and Unstructured Data are Not Separate Domains

 SAS’s strategy is to use both structured and unstructured data in analysis and to integrate it for descriptive and predictive modeling.  The company’s aim is to provide users with a seamless deployment of predictive model results and improve the consistency and accuracy of enterprise intelligence. 

The folks at SAS believe that structured and unstructured data have typically been viewed as two separate silos that can be joined together and then analyzed. Traditionally, unstructured data is the realm content management systems; structured data is the realm of BI.  SAS believes that both of these data sources should be brought together earlier in the analysis process and utilized as a joint asset.  Unstructured information can be categorized and indexed and even extracted and integrated more intelligently.  This approach makes a lot of sense to me and Teragram has technology to help make this happen.  

While a primary focus of the acquisition is to more seamlessly integrate structured and unstructured data into BI, SAS also mentioned a few other exciting concepts during our discussion.

  • SAS hopes to use Teragram’s NLP capabilities to make BI more pervasive.  For example, by combining “SAS business intelligence, data integration and advanced analytics with Teragram’s NLP technologies to deliver answers to search queries in seconds”.  This appears to be an extension of the Teragram Direct Answers solution.
  • Mobile BI
  • Real time alerting

 And we shouldn’t forget that Teragram will also provide SAS with a much needed search capability.  I’m definitely looking forward to hearing more about integration and roll-out plans in the near future.

  

Database Activity Monitoring

Data makes the world go ‘round and a lot of this critical data resides in databases.  This is why it is important to monitor database activity in order to prevent attacks and invasions. 

I recently had an interesting discussion with Rani Osnat, VP of Marketing at Sentrigo Software about its database monitoring product called Hedgehog and its recently announced 2.0 release.  For those of you who aren’t familiar with Sentrigo, it is an Israeli/US based company, founded in 2006, that focuses on real time database activity monitoring and intrusion prevention.  The company released its first product, Hedgehog 1.0 in 2007. 

Here’s how it works

 Hedgehog samples and monitors transactions using data that in the database cache. It uses the cache to minimize performance issues.  The software utilizes rules that act on certain parameters such as time of day, day of week, IP addresses, etc.  All of the parameters can be combined in Boolean conditions and operators such as “includes”, “does not include”, “between” (for a range of values), as well as AND, OR, NOT and nested expressions using parentheses.  For example, a simple rule might be something like this: 

If  <certain user type> accesses <Credit Card Table> at <non-working hours> then terminate. 

Rules can be developed by administrators using a wizard-based interface.  Hedgehog also comes with a series of built in rules called Virtual Patches, that provide rules to detect and prevent vulnerabilities in databases as they become known.  Sentrigo maintains a team of security professionals that research and track these issues and provide the patches that act as a band-aid until the database vendor issues their own patches.  These updates are distributed continually.  

In release 2.0, the company provides:

  • Support for Microsoft SQL Server in addition to already supported Oracle (with Sybase and DB2 to follow). 
  • Hedgehog IDentifier – a patent-pending technology that allows positive user identification in n-tier environments by attaching tags with IDs for every transaction.  This means, if 1000 people are using SAP finance in a pooled manner, but connect through a super-user in database, Hedgehog can identify the individual user.
  • Compliance templates- which guide users through the process of translating requirements into rules for monitoring compliance in support of PCI DSS, Sarbannes Oxley, and SAS 70. 

Get Proactive

 I have had a number of conversations with database administrators in the past and I was frankly surprised that some of these administrators seemed to be more reactive than proactive in regard to monitoring their database(s).    Many seem to be driven by compliance mandates, rather than taking a proactive approach to intrusion detection and prevention.  Companies need to think through their entire data security strategy which includes attacks on data from inside and outside the organization.  Perhaps attacks such as those that we’ve all read about in the past year and the addition of new mandates have opened their eyes.      

Follow

Get every new post delivered to your Inbox.

Join 1,190 other followers