In the fields of information technology (IT) and systems management, IT operations analytics (ITOA) is an approach or method to retrieve, analyze, and report data for IT operations. ITOA may apply big data analytics to large datasets to produce business insights. In 2014, Gartner predicted its use might increase revenue or reduce costs. By 2017, it predicted that 15% of enterprises will use IT operations analytics technologies. == Definition == IT operations analytics (ITOA) (also known as advanced operational analytics, or IT data analytics) technologies are primarily used to discover complex patterns in high volumes of often "noisy" IT system availability and performance data. Forrester Research defined IT analytics as "The use of mathematical algorithms and other innovations to extract meaningful information from the sea of raw data collected by management and monitoring technologies." Note, ITOA is different than AIOps, which focuses on applying artificial intelligence and machine learning to the applications of ITOA. == History == Operations research as a discipline emerged from the Second World War to improve military efficiency and decision-making on the battlefield. However, only with the emergence of machine learning tech in the early 2000s could an artificially intelligent operational analytics platform actually begin to engage in the high-level pattern recognition that could adequately serve business needs. A critical catalyst towards ITOA development was the rise of Google, which pioneered a predictive analytics model that represented the first attempt to read into patterns of human behavior on the Internet. IT specialists then applied predictive analytics to the IT Industry, coming forward with platforms that can sift through data to generate insights without the need for human intervention. Due to the mainstream embrace of cloud computing and the increasing desire for businesses to adopt more big data practices, the ITOA industry has grown significantly since 2010. A 2016 ExtraHop survey of large and mid-size corporations indicates that 65 percent of the businesses surveyed will seek to integrate their data silos either this year or the next. The current goals of ITOA platforms are to improve the accuracy of their APM services, facilitate better integration with the data, and to enhance their predictive analytics capabilities. == Applications == ITOA systems tend to be used by IT operations teams, and Gartner describes seven applications of ITOA systems: Root cause analysis: The models, structures and pattern descriptions of IT infrastructure or application stack being monitored can help users pinpoint fine-grained and previously unknown root causes of overall system behavior pathologies. Proactive control of service performance and availability: Predicts future system states and the impact of those states on performance. Problem assignment: Determines how problems may be resolved or, at least, direct the results of inferences to the most appropriate individuals, or communities in the enterprise for problem resolution. Service impact analysis: When multiple root causes are known, the analytics system's output is used to determine and rank the relative impact, so that resources can be devoted to correcting the fault in the most timely and cost-effective way possible. Complement best-of-breed technology: The models, structures and pattern descriptions of IT infrastructure or application stack being monitored are used to correct or extend the outputs of other discovery-oriented tools to improve the fidelity of information used in operational tasks (e.g., service dependency maps, application runtime architecture topologies, network topologies). Real time application behavior learning: Learns & correlates the behavior of Application based on user pattern and underlying Infrastructure on various application patterns, create metrics of such correlated patterns and store it for further analysis. Dynamically baselines threshold: Learns behavior of Infrastructure on various application user patterns and determines the Optimal behavior of the Infra and technological components, bench marks and baselines the low and high water mark for the specific environments and dynamically changes the bench mark baselines with the changing infra and user patterns without any manual intervention. == Types == In their Data Growth Demands a Single, Architected IT Operations Analytics Platform, Gartner Research describes five types of analytics technologies: Log analysis Unstructured text indexing, search and inference (UTISI) Topological analysis (TA) Multidimensional database search and analysis (MDSA) Complex operations event processing (COEP) Statistical pattern discovery and recognition (SPDR) == Tools and ITOA platforms == A number of vendors operate in the ITOA space:
Content Disarm and Reconstruction
Content Disarm and Reconstruction (CDR) is a computer security technology for removing potentially malicious code from files. Unlike malware analysis, CDR technology does not determine or detect malware's functionality but removes all file components that are not approved within the system's definitions and policies. It is used to prevent cyber security threats from entering a corporate network perimeter. Channels that CDR can be used to protect include email and website traffic. Advanced solutions can also provide similar protection on computer endpoints, or cloud email and file sharing services. There are three levels of CDR; 1) flattening and converting the original file to a PDF, 2) stripping active content while keeping the original file type, and 3) eliminating all file-borne risk while maintaining file type, integrity and active content. Beyond these three levels, there are also more advanced forms of CDR that is able to perform "soft conversion" and "hard conversion", based on the user's preference in balancing usability and security. == Applications == CDR works by processing all incoming files of an enterprise network, deconstructing them, and removing the elements that do not match the file type's standards or set policies. CDR technology then rebuilds the files into clean versions that can be sent on to end users as intended. Because CDR removes all potentially malicious code, it can be effective against zero-day vulnerabilities that rely on being an unknown threat that other security technologies would need to patch against to maintain protection. CDR can be used to prevent cyber threats from variety of sources: Email Data Diodes Web Browsers Endpoints File Servers FTP Cloud email or webmail programs SMB/CIFS Removable media scanning (CDR Kiosk) CDR can be applied to a variety of file formats including: Images Office documents PDF Audio/video file formats Archives HTML == Open source implementations == DocBleach ExeFilter
DaVinci (software)
DaVinci was a development tool produced by Incross, which aimed at creating HTML5 mobile applications and media content. It included a jQuery framework and a JavaScript library that enabled developers and designers to craft web applications designed for mobile devices with a user experience similar to native applications. Business applications, games, rich media content, such as HTML5 multi-media magazines, advertisements, and animation, may be produced with the tool. DaVinci was based on standard web technology – including HTML5, CSS3, and JavaScript. == Features == DaVinci comprised DaVinci Studio and DaVinci Animator, which handled application programming and UI design. The tool had a WYSIWYG authoring environment. Open-source libraries, such as KnockOut, JsRender/JsViews, Impress.js, and turn.js, were included in the tool. Other open-source frameworks could also be integrated. The Model View Controller (MVC) and Data Binding in JavaScript could be handled through DaVinci's Data-Set Editor. In this mode, view components and model data could be visually bound, which allowed users to create web applications with server-integrated UI components without coding. Additionally, DaVinci included an N-Screen editor, which automatically adjusted designs and functionalities to fit the screen sizes of various devices, including smartphones, tablet PCs, and TVs. == DaVinci and jQuery == In collaboration with the jQuery Foundation, DaVinci played a significant role in hosting the first jQuery conference in an Asian district, which took place on November 12, 2012, in Seoul, South Korea. The conference showcased how DaVinci could be utilized in application development demonstrations.
System appreciation
System appreciation is an activity often included in the maintenance phase of software engineering projects. Key deliverables from this phase include documentation that describes what the system does in terms of its functional features, and how it achieves those features in terms of its architecture and design. Software architecture recovery is often the first step within System appreciation.
AlternativeTo
AlternativeTo is a website which lists alternatives to web-based software, desktop computer software, and mobile apps, and sorts the alternatives by various criteria, including the number of registered users who have "Liked" each of them on AlternativeTo. Users can search the site to find better alternatives to an application they are using or previously have used, including free alternatives such as free web applications (cloud computing) which don't require any installation and can be accessed from any browser. == Differences == Unlike a number of other software directory websites, the software is not arranged into categories, but each individual piece of software has its own list of alternatives. However, users can also search by tag to find software, which offers an alternative way of finding related software. Users can also narrow their search by focusing on particular platforms and license types (such as "free for non-commercial use"). AlternativeTo lists basic information such as platform and license type at the top of each entry, but does not have comparison tables listing software features side by side. AlternativeTo does not host software for download but it provides links to official websites to where you can download or buy them. AlternativeTo allows anyone to register and suggest new alternatives, or to update the information held about existing entries. Suggestions and alterations are reviewed before being made publicly visible. Users can register using either email and password or OpenID. Login with Facebook has been discontinued. As AlternativeTo is itself a web application, it even has a page for alternatives to itself. == Features == Tweets from anyone mentioning particular pieces of software are also pulled in dynamically from Twitter. Each application has an RSS feed for notifying users of newly listed alternatives to that application. After a user has clicked the Like button next to an application, they are offered the opportunity to tell their friends on Facebook or their followers on Twitter that they liked it. The site also has a forum. For software developers, a JSON API used to be available, but has been taken down indefinitely.
Color science
Color science is the scientific study of color including lighting and optics; measurement of light and color; the physiology, psychophysics, and modeling of color vision; and color reproduction. It is the modern extension of traditional color theory. == Organizations == International Commission on Illumination (CIE) Illuminating Engineering Society (IES) Inter-Society Color Council (ISCC) Society for Imaging Science and Technology (IS&T) International Colour Association (AIC) Optica, formerly the Optical Society of America (OSA) The Colour Group Society of Dyers and Colourists (SDC) American Association of Textile Chemists and Colorists (AATCC) Association for Research in Vision and Ophthalmology (ARVO) ACM SIGGRAPH Vision Sciences Society (VSS) Council for Optical Radiation Measurements (CORM) == Journals == The preeminent scholarly journal publishing research papers in color science is Color Research and Application, started in 1975 by founding editor-in-chief Fred Billmeyer, along with Gunter Wyszecki, Michael Pointer and Rolf Kuehni, as a successor to the Journal of Colour (1964–1974). Previously most color science work had been split between journals with broader or partially overlapping focus such as the Journal of the Optical Society of America (JOSA), Photographic Science and Engineering (1957–1984), and the Journal of the Society of Dyers and Colourists (renamed Coloration Technology in 2001). Other journals where color science papers are published include the Journal of Imaging Science & Technology, the Journal of Perceptual Imaging, the Journal of the International Colour Association (JAIC), the Journal of the Color Science Association of Japan, Applied Optics, and the Journal of Vision. == Conferences == Congress of the International Color Association IS&T Color and Imaging Conference (CIC) SIGGRAPH International Symposium for Color Science and Art == Selected books == Berns, Roy S. (2019). Billmeyer and Saltzman's Principles of Color Technology (4th ed.). Wiley. doi:10.1002/9781119367314. 3rd ed. (2000). Daw, Nigel (2012). How Vision Works: The Physiological Mechanisms Behind What We See. Oxford. doi:10.1093/acprof:oso/9780199751617.001.0001. Elliot, Andrew J.; Fairchild, Mark D.; Franklin, Anna, eds. (2015). Handbook of Color Psychology. Cambridge. doi:10.1017/CBO9781107337930. Fairchild, Mark D. (2013). Color Appearance Models (3rd ed.). Wiley. doi:10.1002/9781118653128. Author's website. 2nd ed. (2005). Hunt, Robert W. G. (2004). The Reproduction of Colour (6th ed.). Wiley. doi:10.1002/0470024275. Kuehni, Rolf G. (2012). Color: An Introduction to Practice and Principles (3rd ed.). Wiley. doi:10.1002/9781118533567. 1st ed. (1997). Luo, Ming R., ed. (2016). Encyclopedia of Color Science and Technology. Springer. doi:10.1007/978-1-4419-8071-7. MacAdam, David L., ed. (1970). Sources of Color Science. MIT Press. Reinhard, Erik; Khan, Erum Arif; Akyuz, Ahmet Oguz; Johnson, Garrett (2008). Color Imaging: Fundamentals and Applications. CRC Press. doi:10.1201/b10637. Schanda, János, ed. (2007). Colorimetry: Understanding the CIE System. Wiley. doi:10.1002/9780470175637. Shamey, Renzo; Kuehni, Rolf G. (2020). Pioneers of Color Science. Springer. doi:10.1007/978-3-319-30811-1. Wyszecki, Günter; Stiles, Walter S. (1982). Color Science: Concepts and Methods, Quantitative Data and Formulae (2nd ed.). Wiley.
FedRAMP
The Federal Risk and Authorization Management Program (FedRAMP) is a United States federal government-wide compliance program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The US government describes FedRAMP as FISMA for the cloud. == Overview == The FedRAMP PMO mission is to promote the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment. Per the OMB memorandum, any cloud services that hold federal data must be FedRAMP authorized. FedRAMP prescribes the security requirements and processes that cloud service providers must follow in order for the government to use their service. There are two ways to authorize a cloud service through FedRAMP: a Joint Authorization Board (JAB) provisional authorization (P-ATO), and through individual agencies. FedRAMP provides accreditation for cloud services for the various cloud offering models which are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service, (SaaS). == History == In 2011, the Office of Management and Budget (OMB) released a memorandum establishing FedRAMP "to provide a cost-effective, risk-based approach for the adoption and use of cloud services to Executive departments and agencies." The General Services Administration (GSA) established the FedRAMP Program Management Office (PMO) in June 2012. Before the introduction of FedRAMP, individual federal agencies managed their own assessment methodologies following guidance set by the Federal Information Security Management Act of 2002. == Governance and applicable laws == FedRAMP is governed by different Executive Branch entities that collaborate to develop, manage, and operate the program. These entities include: The Office of Management and Budget (OMB): The governing body that issued the FedRAMP policy memo, which defines the key requirements and capabilities of the program The Joint Authorization Board (JAB): The primary governance and decision-making body for FedRAMP comprises the chief information officers (CIOs) from the Department of Homeland Security (DHS), General Services Administration (GSA), and Department of Defense (DOD) The National Institute of Standards and Technology (NIST): Advises FedRAMP on FISMA compliance requirements and assists in developing the standards for the accreditation of independent 3PAOs The Department of Homeland Security (DHS): Manages the FedRAMP continuous monitoring strategy including data feed criteria, reporting structure, threat notification coordination, and incident response The Federal Chief Information Officers (CIO) Council: Disseminates FedRAMP information to Federal CIOs and other representatives through cross-agency communications and events The FedRAMP PMO: Established within GSA and responsible for the development of the FedRAMP program, including the management of day-to-day operations There are several laws, mandates, and policies that are foundational to FedRAMP. FISMA–the Federal Information Security Modernization Act–requires that agencies authorize the information systems that they use. The US government describes FedRAMP as FISMA for the cloud. The FedRAMP Policy Memo requires federal agencies to use FedRAMP when assessing, authorizing, and continuously monitoring cloud services in order to aid agencies in the authorization process as well as save government resources and eliminate duplicative efforts. FedRAMP's security baselines are derived from NIST SP 800-53 (as revised) with a set of control enhancements that pertain to the unique security requirements of cloud computing. == Third-party assessment organizations == Third-party assessment organizations (3PAOs) play a critical role in the FedRAMP security assessment process, as they are the independent assessment organizations that verify cloud providers' security implementations and provide the overall risk posture of a cloud environment for a security authorization decision. Accredited by the American Association for Laboratory Accreditation (A2LA), these assessment organizations must demonstrate independence and the technical competence required to test security implementations and collect representative evidence. == FedRAMP Marketplace == The FedRAMP Marketplace provides a searchable, sortable database of Cloud Service Offerings (CSOs) that have achieved a FedRAMP designation. 3PAOs, accredited auditors that can perform the FedRAMP assessment, are listed within the Marketplace. The FedRAMP Marketplace is maintained by the FedRAMP Program Management Office (PMO). == Security and authorization concerns == A 2026 ProPublica investigation found that FedRAMP entered into a partnership with Microsoft despite considerable concerns about the security of its cloud technology.