2026 UEN Tech Summit

macOS ships with a powerful set of built-in security tools — but many admins never go beyond the basics. This session dives into macOS's built-in security utilities often overlooked by admins, giving you the practical knowledge to better protect the Macs in your organization. Learn how to leverage native macOS tools to diagnose security issues, audit system configurations, manage security settings, and automate security-related tasks.

TDIR stands for Threat Detection, Investigation, and Response. It is a comprehensive security approach that helps organizations assess risks, understand security incidents, and remediate threats quickly. TDIR capabilities enable security teams to detect threats, investigate incidents, and respond effectively to minimize impact. This term is an industry term that is being discussed across K12s and higher education. We will discuss the future of threat detection and how education can take advantage of these frameworks.

The SOC of the Future is envisioned as a resilient, AI-augmented security operations center that continuously monitors, detects, investigates, and responds to cybersecurity threats in real time. It leverages advanced technologies such as AI-powered threat detection, extended detection and response (XDR), and enhanced visibility across endpoints, IoT, and networks. Key capabilities include AI-driven threat detection and monitoring, AI-augmented incident triage and investigation, proactive threat hunting with AI hypotheses, AI-enriched threat intelligence, and automated incident response and remediation. The modern SOC integrates federated data management and analytics, enabling comprehensive asset visibility and risk mitigation while simplifying security operations through AI-assisted workflows. It unifies threat detection, investigation, and response (TDIR) workflows within a single platform, improving operational efficiency and reducing alert fatigue by up to 90% with risk-based alerting. The SOC of the Future also emphasizes collaboration across teams and tools, leveraging integrations with Cisco and third-party security products to protect the entire digital footprint. Automation and orchestration accelerate response times, with AI-guided investigations reducing case management time by 83% and enabling near-zero time to recovery from incidents such as ransomware attacks. The SOC continuously evolves through AI feedback loops and detection engineering, supported by comprehensive threat intelligence and compliance monitoring frameworks. Overall, the SOC of the Future combines human expertise with AI and automation to deliver faster, more accurate threat detection and response, ensuring digital resilience and reducing business risk in an increasingly complex threat landscape