2025 UEN Tech Summit

In this session, we will explore how to effectively utilize the Adlumin platform and SOC. Additionally, we will highlight key features and solutions to enhance security operations.

In this session, we will provide a comprehensive demo of the Adlumin platform, showcasing how to maximize its capabilities. We will also explore additional N-able offerings and leave time for a Q&A session.

Cybersecurity isn't a one-size-fits-all solution; it's a mindset that must be integrated into every aspect of our digital environments. As school IT environments grow more complex, so do the potential threat vectors, which means protecting them requires a multi-faceted approach. Specifically, when it comes to school safety on digital systems, there are key considerations that can be applied to minimize threats.

Recent reports of breaches in the media have accelerated the importance of cybersecurity best practices. One such breach involved a company that provides services to public schools, where hackers gained access through the company’s support portal using valid credentials. These hackers were able to retrieve "all" historical student and teacher data stored in multiple school districts student information systems. The breach was attributed to the company's failure to implement a basic multi-factor authentication security measures on the affected system. Other reported breaches in other state school districts would have required a different protective measure. In one instance, unauthorized actors gained access to specific computer systems and obtained stored data files. A more effective protection method in this case would have been the implementation of an Endpoint Detection and Response (EDR) solution, which proactively monitors laptops and devices around the clock These are just two examples of different approaches to cybersecurity. There are 4 main elements to consider when protecting digital data. 1. Individual users. In this case, students, staff members and parents. That includes the user and their devices. 2. Systems that are built and controlled by our schools. These are generally managed by the school’s IT teams. 3. Supply chain and the systems that are provided by vendors. These can be cloud and SaaS type technology services. 4. Finally, the network connection that provides the pathway accessing either type of system that connects the users to these applications must be protected.

Threat Hunter Heff (& K-12 SOC Analyst Travis) bring their high energy, high velocity K-12 Threat Briefing back for another year. This threat briefing will share the latest K-12 threats, tactics, and bad guy insights from the past year.

By the end of Today's Threat Briefing you will: 1. Develop a better sense of the current K-12 threat landscape. 2. Gain insights on K-12 threats, threat actors, and patterns of attack 3. Receive valuable knowledge where to place your resources, efforts, and energy over the coming year.

In this session, you’ll explore how your network can act as the backbone of your school’s safety solution. We’ll break down the technology that powers a complete end-to-end panic button system, highlighting the critical roles both hardware and software play in creating a seamless and effective safety solution for schools.

During the 60 minutes we'll discuss the important pieces of a school safety solution to help comply with Alyssa's law. This will be done via discussion and powerpoint slides.

Learn how to pull reports remotely and gather information about a security incident or suspect behavior with almost no setup and a single mouse click.

You think your WINDOWS endpoint is infected, or suspect inappropriate behavior! Now what? Is it disconnected from the network? Is it safe to turn it back on? Let's find out with open source tools in this workshop. The first half we will dive into the file system. Go over some ways that attackers can infect end points, and learn how we can find indicators of compromise on a suspect system. In the second half, we will use some free and open source tools to complete a mini CTF using what we learned to find out if, how, and when we have been compromised in this Windows focused workshop.

Finding a budget for CyberSecurity can be hard. Leverage your prior CAPEX expenditures to gather AI training data and uncover your adversary with cheap honeypots.

In this lab we cover some honeypot research conducted at UVU which leveraged old hardware, unused ports, and open source software to create a low-stakes honeypot designed to reveal threat actors. Turn the tables while spending little. Gather AI training data about the latest attempts on your network. In this presentation, I will cover our cybersecurity research deployment in the UVU data center, which can be easily replicated in your environment. We discuss ways to fund such a project for next to nothing. We also talk about the tissue paradigm for this type of project that leverages existing equipment and free software, "If the software breaks or the hardware fails, so what?" I share data on attacks and how that can be converted into valuable intelligence for your production network. I also discuss how you can gather information that is useful to AI. Lastly, we talk about getting your entire site blacklisted by hackers so they don't even bother messing with your network. At the end, we will answer audience questions and explore custom use case scenarios, including scenarios that may benefit you if your firewall is managed by others or if you only have internal resources and need effective trip-wires.

This presentation delves into a seemingly innocuous detail about the small European nation of Andorra that can have significant implications for cybersecurity. We will explore an unexpected overlap between Andorra's unique digital identity and common network configurations, revealing a subtle vulnerability that penetration testers can exploit.