Registration Coming Soon: If you are interested in registering for SharkFest'21 Virtual US, please complete the Interest Form and we will email you once registration is live

Note: All Pre-Conference Class Registrants receive free SharkFest conference registration.

Pre-recorded sessions will only be available to conference registrants.

Registration Fees Early Bird (Valid through July 11th) Standard (Valid July 12th)
SharkFest Conference Only (Sep 16-17) $145 $195
Pre-Conference Class I: Network Analysis and TCP Deep Dive with Wireshark (Sep 12-13) $745 $795
Pre-Conference Class II: Next Generation Protocols & Advanced Network Analysis (Sep 14) $445 $495
Pre-Conference Class III: Analyzing Pcaps Faster with Filters (Sep 15) $445 $495
Pre-Conference Class I + Pre-Conference Class II $1,190 $1,290
Pre-Conference Class I + Pre-Conference Class III $1,290 $1,290
Pre-Conference Class II + Pre-Conference Class III $890 $990
All Pre-Conference Classes $1,685 $1,785
What's the Schedule? September 16-17: Keynotes, Sessions, Developer Den, CTF challenge
Location Online
Dates September 12-17, 2021
Price $195 for the conference ($145 before July 12)
Payment Methods Payment for SharkFest is by credit card.
SHARKFEST CONFERENCE CANCELLATION POLICY
14 days or more before the SharkFest’21 Virtual US Conference start date Full Refund minus $100 Administration Fee
Less than 14 days before the SharkFest’21 Virtual US Conference start date No Refund

All cancellation requests must be made in writing to [email protected] If registered but unable to attend, another attendee within your organization may be designated to take your place at no additional charge. All substitution requests must be submitted by the original attendee via e-mail to [email protected]

Course Description Whether you are a network engineer, developer, or have a focus in cybersecurity, Wireshark should be one of the most important tools in your arsenal. In today’s complex network landscape, everyone from Ethical Hackers to help desk should learn how to comfortably dig through trace files and isolate problems at the packet level.

In this course we will use a TON of hands-on exercises to learn tips, tricks and best practices with Wireshark. You will gain comfort with digging through packet traces, whether your goal is analyzing a network problem, speeding up a slow application, or investigating a security breach.

TThe concepts in this course will prepare beginners to get the most out of the Sharkfest sessions that will follow during the conference, as well as refresh and sharpen the shredding skills of seasoned analysts.
Course Outline
Day 1
Troubleshooting with the Wireshark Analyzer
  • • How and where to capture packets
  • • Developing a Troubleshooting workflow
  • • Setting up Wireshark
  • • Filtering for the traffic that matters
  • • Configuring Profiles and Coloring Rules
  • • Visualizing traffic with Wireshark graphs
  • • Analyzing core network protocols such as ARP, IP, ICMP, UDP, DNS, and DHCP
Day 2 TCP Deep Dive, TLS Decryption
  • • The Handshake
  • • TCP Options
  • • How TCP Windows work and Window Scaling
  • • SACK
  • • TCP Congestion Algorithms
  • • TCP Stream Graphs
  • • Building Filters for Common TCP Issues
  • • Troubleshooting Retransmissions
Who Should Attend: Network technicians, network engineers, security specialists and application developers who are at the beginning stages of packet analysis, or who have some comfort in the field but would like to pick up new tips and learn TCP to a deeper level.
Dates & Time Sep 12-13, 2021, 9am - 5pm
Location Online
Instructor Chris Greer
Price $795 for the Pre-Conference Class I ($745 before July 12)
Payment Methods Payment is by credit card.
CANCELLATION POLICY
14 days or more before the class start date Full Refund minus $100 administrative fee
Less than 14 days before the class start date No Refund

All cancellation requests must be made in writing to [email protected] If registered but unable to attend, another attendee within your organization may be designated to take your place at no additional charge. All substitution requests must be submitted by the original attendee via e-mail to [email protected]

Instructor Betty BuBois
Date Sep 14th, 2021
Location Online
Price $495 for the Pre-Conference Class ($445 before July 12)
Payment Methods Payment is by credit card.
Class Title Filtering and analyzing packets with Wireshark: A scenario based approach
Description You've just been brought into the bridge call. They want you to "do a capture" and see if you can analyze the issue. You grabbed a million packets. Now you have two goals:

1.) Find the 6 packets that actually matter given the situation.
2.) Interpret what those 6 mean.

Knowing the right filters will achieve goal one. Laser focusing on the remaining packets helps with goal 2. We'll use the most common troubleshooting and security scenarios to teach core Wireshark techniques. Be ready with the latest version of Wireshark installed so you can hone your filtering and analyzing skills.
Outline Scenarios:

Latency (It's not the network)
Latency (Darn! It is the network)
Broken App
Sudden|Unexpected disconnects
Ransomware
Threat Hunting

Wireshark Skills:

Examine Capture and Display filter syntax
Save both Capture and Display filters
Determine the most efficient filter methods, especially when working with large data sets
Classify which protocols and fields would be applicable to each scenario
Investigate how a host responds to a negative answer
Review application flows for deviations from expected steps
Validate versions and settings negotiations for common protocols
Translate Suricata Rules and Zeek Signatures into Wireshark filters
Who Should Attend This course is at an intermediate level. It will move quickly between scenarios, so attendees should be comfortable with the following tasks: setting up Wireshark, capturing, adding columns, changing color rules and the basics of TCP/IP. After this course, you will become more efficient and confident analyzing pcaps with Wireshark. Network engineers, network analysts, application developers, cybersecurity analysts and security engineers would get the most benefit from this course.
CANCELLATION POLICY
14 days or more before the Pre-Conference Class start date Full Refund minus €100 administrative fee
Less than 14 days before the Pre-Conference Class start date No Refund

All cancellation requests must be made in writing to [email protected] If registered but unable to attend, another attendee within your organization may be designated to take your place at no additional charge. All substitution requests must be submitted by the original attendee via e-mail to [email protected]

Course Description The applications of today depend more and more on secure communication channels. For most internet applications the TLS protocol (still mostly referred to as SSL) is providing the secure channel to communicate over. To be able to troubleshoot problems with Applications that use (mutual) TLS, one must understand how TLS sessions are set up, how certificates and certificate authorities come into play and how you can look inside the encrypted traffic to analyse the (cleartext) application data. In this session you will gain a better understanding of the operation of the TLS protocol and more importantly, you will learn how to troubleshoot TLS based communications when things don't work as expected.
Course Outline
  • TLS fundamentals
  • • Why TLS (and what happened to SSL)?
  • • Cryptology 101
  • • Understanding The TLS protocol
  • • The TLSv1.2 handshake
  • • The TLSv1.3 handshake
  • • Troubleshooting TLS handshakes
  • • LAB exercises
  • TLS continued
  • • Understanding mutual TLS (Authentication based on TLS client certificates)
  • • Understanding TLS session resumption
  • • Analysing encrypted application data (without decrypting it)
  • • Setting up a configuration profile for TLS analysis
  • • LAB exercises
  • Decrypting TLS traffic
  • • Decryption based on the private key of the server
  • • When will this work and when won't it work
  • • Decryption based on the TLS session keys
  • • When will this work and when won't it work
  • • how to get TLS session keys
  • • LAB exercises
Who Should Attend: Network technicians, network engineers, cybersecurity analysts, security engineers and application developers who are at the beginning to intermediate stages of packet analysis. The course will be focused on core concepts around Wireshark, helping attendees become more efficient and confident analyzing trace files.
Dates & Time Sep 15, 2021, 9am - 5pm
Location Online
Instructor Sake Blok
Price $495 for the TLS Troubleshooting Class ($445 before July 12)
Payment Methods Payment is by credit card.
CANCELLATION POLICY
14 days or more before the class start date Full Refund minus $100 Administration Fee
Less than 14 days before the class start date No Refund

All cancellation requests must be made in writing to [email protected] If registered but unable to attend, another attendee within your organization may be designated to take your place at no additional charge. All substitution requests must be submitted by the original attendee via e-mail to [email protected] On-site substitutions may be allowed if the substituting attendee provides a written request from the original attendee.

×