SharkFest'20 Virtual is sold out and the Waiting List is now closed.
There are a few seats available for the pre-conference classes. Register for one of these classes now!
Everyone registered for the Pre-Conference Classes will automatically receive SharkFest conference registration.


Pre-Conference Registration

Please note that SharkFest'20 Virtual pre-conference class and sessions times are Pacific Daylight Time.

Registration Fees Standard (Valid August 1st)
SharkFest Conference Only (Oct 15-16) FREE
Pre-Conference Class I: Troubleshooting w/ Wireshark - Core Skills (Oct 12-13) $795
Pre-Conference Class II: Wireshark Profiles - How to Analyze Trace Files Faster/Easier (Oct 14) $495
Pre-Conference Class III: SSL/TLS troubleshooting with Wireshark (Oct 14) $495
Pre-Conference Class I + Pre-Conference Class II $1,290
Pre-Conference Class I + Pre-Conference Class III $1,290
What's the Schedule? October 15th: Keynote, Sessions
October 16th: Keynote, Sessions
Location Online
Dates October 12-16, 2020
Price FREE
Course Description New to Wireshark? Feeling a little rusty? Want to pick up some new skills prior to SharkFest?

In this hands-on pre-conference course, we will cover concepts of the Wireshark Analyzer and core network protocols which will enable attendees to improve their skills in capturing and interpreting network traffic. Rather than capturing large amounts of data and being overwhelmed by the details, attendees will learn how to practically use Wireshark to attack network problems and hone in on the packets that matter.

The concepts in this course will prepare beginners to get the most out of the SharkFest sessions that will follow during the conference, as well as refresh the skills of seasoned analysts.
Course Outline
Day 1
Troubleshooting with the Wireshark Analyzer
  • • How and where to capture packets
  • • How to avoid getting overwhelmed
  • • TAP vs SPAN vs Direct Capture
  • • Setting up Wireshark
  • • Configuring Profiles and Coloring Rules
  • • Using Custom Columns
  • • Filtering for the traffic that matters
  • • Visualizing traffic using I/O Graphs
  • • Analyzing core network protocols such as ARP, IP, UDP, DNS, DHCP
  • • Creating Filter Expressions
Day 2 Core Protocol Fundamentals using Wireshark TCP and UDP
  • • The Handshake
  • • TCP Options
  • • How TCP Windows work and Window Scaling
  • • SACK
  • • TCP Congestion Algorithms
  • • TCP Stream Graphs
  • • Building Filters for Common TCP Issues
  • • How Retransmissions work
Who Should Attend: Network technicians, network engineers, and application developers who are at the beginning stages of packet analysis, or who have some comfort in the field but would like to pick up new tips and protocol training.
Dates & Time Oct 12-13, 2020, 9am - 5pm
Location Online
Instructor Chris Greer
Payment Methods Payment is by credit card.
CANCELLATION POLICY
14 days or more before the class start date Full Refund minus $50 ($100 with a bundle) administrative fee
Less than 14 days before the class start date No Refund

All cancellation requests must be made in writing to [email protected] If registered but unable to attend, another attendee within your organization may be designated to take your place at no additional charge. All substitution requests must be submitted by the original attendee via e-mail to [email protected] On-site substitutions may be allowed if the substituting attendee provides a written request from the original attendee.

Course Description This hands-on pre-conference course will speed up your ability to interpret Wireshark trace files. Profiles should not be a one size fits all solution. Wireshark profiles can be huge timesavers, if you invest the time up front configuring them to be specific to your environment and workflow.

The course will cover best practices for creating profiles, determining what should be in a master profile, and making changes and additions to settings. Trace files will be distributed so changes can be used to analyze actual data. Students will leave class with multiple new profiles to use back at the office.

The concepts in this course will also prepare attendees to get the most out of the SharkFest sessions that will follow during the conference, enabling them to progressively heighten their skills throughout the week.
Course Outline Wireshark Profiles - A methodical approach to creation and use.
  • • Categories; by location or by protocol
  • • Saving profiles to different locations
  • • Copying what you have already created
  • • Creating a master profile
  • • Determining which protocol settings to changes
  • • Configuring Name Resolution
  • • Creating Expert settings
  • • Enabling/disabling protocols
  • • Creating Custom Columns
  • • Enhancing I/O Graphs
  • • Configuring Color Rules
  • • Use different profiles to analyze traces
Who Should Attend: Network technicians, network engineers, cybersecurity analysts, security engineers and application developers who are at the beginning to intermediate stages of packet analysis. The course will be focused on core concepts around Wireshark, helping attendees become more efficient and confident analyzing trace files.
Dates & Time Oct 14, 2020, 9am - 5pm
Location Online
Instructors Betty DuBois
Payment Methods Payment is by credit card.
CANCELLATION POLICY
14 days or more before the class start date Full Refund minus $50 ($100 with a bundle) administrative fee
Less than 14 days before the class start date No Refund

All cancellation requests must be made in writing to [email protected] If registered but unable to attend, another attendee within your organization may be designated to take your place at no additional charge. All substitution requests must be submitted by the original attendee via e-mail to [email protected] On-site substitutions may be allowed if the substituting attendee provides a written request from the original attendee.

Course Description The applications of today depend more and more on secure communication channels. For most internet applications the TLS protocol (still mostly referred to as SSL) is providing the secure channel to communicate over. To be able to troubleshoot problems with Applications that use (mutual) TLS, one must understand how TLS sessions are set up, how certificates and certificate authorities come into play and how you can look inside the encrypted traffic to analyse the (cleartext) application data. In this session you will gain a better understanding of the operation of the TLS protocol and more importantly, you will learn how to troubleshoot TLS based communications when things don't work as expected.
Course Outline
  • TLS fundamentals
  • • Why TLS (and what happened to SSL)?
  • • Cryptology 101
  • • Understanding The TLS protocol
  • • The TLSv1.2 handshake
  • • The TLSv1.3 handshake
  • • Troubleshooting TLS handshakes
  • • LAB exercises
  • TLS continued
  • • Understanding mutual TLS (Authentication based on TLS client certificates)
  • • Understanding TLS session resumption
  • • Analysing encrypted application data (without decrypting it)
  • • Setting up a configuration profile for TLS analysis
  • • LAB exercises
  • Decrypting TLS traffic
  • • Decryption based on the private key of the server
  • • When will this work and when won't it work
  • • Decryption based on the TLS session keys
  • • When will this work and when won't it work
  • • how to get TLS session keys
  • • LAB exercises
Who Should Attend: Network technicians, network engineers, cybersecurity analysts, security engineers and application developers who are at the beginning to intermediate stages of packet analysis. The course will be focused on core concepts around Wireshark, helping attendees become more efficient and confident analyzing trace files.
Dates & Time Oct 14, 2020, 9am - 5pm
Location Online
Instructor Sake Blok
Payment Methods Payment is by credit card.
CANCELLATION POLICY
14 days or more before the class start date Full Refund minus $50 ($100 with a bundle) administrative fee
Less than 14 days before the class start date No Refund

All cancellation requests must be made in writing to [email protected] If registered but unable to attend, another attendee within your organization may be designated to take your place at no additional charge. All substitution requests must be submitted by the original attendee via e-mail to [email protected] On-site substitutions may be allowed if the substituting attendee provides a written request from the original attendee.