BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//conference.wireshark.org//sf26eu//speaker//7EMVDQ
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-sf26eu-3PDG9V@conference.wireshark.org
DTSTART;TZID=CET:20261103T090000
DTEND;TZID=CET:20261103T170000
DESCRIPTION:In a world of encrypted traffic and sophisticated evasion\, the
  network remains the ultimate source of truth. Security tools may alert yo
 u that something is wrong\, but the packets tell you exactly what happened
  on the wire.\n\nThis intensive one-day training transforms Wireshark from
  a simple troubleshooting tool into a powerful forensic engine. We move be
 yond basic protocol analysis to focus on the indicators of compromise (IoC
 s) and threat actor behavior hidden in plain sight. Participants will lear
 n how to identify the subtle "heartbeats" of malware\, recognize command a
 nd control (C2) patterns\, and dissect behavior at various stages of an at
 tack. \n\nThrough hands-on labs using real-world pcap datasets\, we will c
 over:\n\nExpert Filtering: Crafting security-focused display filters to cu
 t through the noise.\n\nBehavioral Analysis: Identifying anomalies in TCP/
 IP handshakes and DNS queries.\n\nActionable Reporting: Extracting evidenc
 e to build an irrefutable "proof of packet" case.
DTSTAMP:20260624T110338Z
LOCATION:Room 2
SUMMARY:Pre-Conference Class III: The Proof is in the Packets: Network Thre
 at Detection Using Wireshark - Marcelle Lee
URL:https://conference.wireshark.org/sf26eu/talk/3PDG9V/
END:VEVENT
END:VCALENDAR