Good afternoon everybody! Sorry for missing both Friday's and yesterdays bits posts. My Friday was spent working with Habitat for Humanity on a new home for a deserving family. It was a great experience and I heartily recommend it as time well spent. Yesterday was just too busy 
Anyway, here are today's, and a few from this weekend, Interesting Information Security Bits from around the web.
- A new version of OffVis is available along with a training video.
Security Research & Defense : OffVis updated, Office file format training video created
Tags: ( tools microsoft office ) - Here is an interesting adaption of "The Joel Test."
Matasano Security LLC - Chargen - The Joel Test: 12 Steps To Better IT Management
Tags: ( general ) - A great article from Russel. This one contains some tips for building an Information Security Risk Scorecard.
12 Tips for Designing an InfoSec Risk Scorecard (its harder than it looks) << The New School of Information Security
Tags: ( scorecard risk ) - This is a very interesting article about backups and virtualization strategies. A very import part of your strategy needs to be, How are you going to deal with backups?
The Side Effects of Backup on Server Virtualization - Backup & Beyond
Tags: ( virtualization backup ) - The latest version of the SANS Top Cyber Security Risks report is out.
SANS: The Top Cyber Security Risks
Tags: ( risks ) - Here is a nice article with some questions to ask when considering the implementation of an identity management solutions. (Hat Tip: http://securityblog.typepad.com)
12 questions to ask before implementing an identity management system -- Government Computer News
Tags: ( identity-management ) - The Security Twits bus is off on another adventure as it gathers up a bunch to twits and heads to SecTor. Let Jack know if you want to be picked up
Uncommon Sense Security: Security Twits Road Trip III, the SecTorBus
Tags: ( conferences security-twits ) - Rsnake has a whole pile of HTTP headers for you to play with should you want to. I bet some interesting things can be found out.
Half a Million HTTP Headers ha.ckers.org web application security lab
Tags: ( data ) - An entirely virtual security conference is taking place on November 6th-8th. Very cool. What's even better is that all CFPs are being accepted.
SecurityTubeCon - Democratizing Hacker Cons
Tags: ( conference cfp securitytube ) - Want to setup some motion sensors to tweet activity? Ax0n shows us how.
HiR Information Report: Gustav, the hackerspace twitter-bot
Tags: ( hardware-hacking ) - SynJunkie took a short break from his CCNA studies (good posts in that series too) to give a post about using Fgdump, John the Ripper and Powershell together to do some nifty scripted password auditing.
Syn: Password Auditing with Fgdump, John the Ripper & PowerShell
Tags: ( passwords cracking ) - Russel has an interesting challenge for us. I know a few in academia that might enjoy this conversation.
This Friday is "Take an Academic Friend to Work Day" << The New School of Information Security
Tags: ( general )
That's it for today. Have fun!
Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.
Kevin