Date: 2025-01-22

Stratoshark, described as "Wireshark for the Cloud," builds on the open source legacy of Wireshark and Falco to deliver unmatched visibility for cloud-native environments in a familiar platform

FOSDEM 2025 - Sysdig, the leader in real-time cloud security, today announced the release of Stratoshark, an open source tool that extends Wireshark's granular network visibility into the cloud and empowers users with a standardized approach to cloud observability. For 27 years, Wireshark, with over 5 million daily users and more than 160 million downloads in the last decade alone, has helped users analyze network traffic and troubleshoot issues. As companies have transitioned to the cloud, however, engineers and analysts have lacked the same visibility from a comparable open source tool. Stratoshark unlocks deep cloud observability and introspection, helping analyze and troubleshoot cloud system calls and logs with a level of granularity and workflow familiar to long-time Wireshark users.

With the growing transition, cloud security is facing a major skills gap. Considered one of the fastest-growing areas for digital transformation, there is a shortage of nearly 5 million qualified cybersecurity professionals [1], and nearly 40% of respondents in O'Reilly's report, "The State of Security in 2024," noted that cloud computing is a domain in which more skills are needed but increasingly difficult to find [2]. By combining Wireshark's functionality with deep operational insight from open source Falco (the standard for cloud-native threat detection, with over 130 million downloads), Stratoshark unlocks rich cloud context and helps network analysts and administrators port their experience directly into the cloud.

"Wireshark revolutionized network analysis by democratizing packet captures, a concept that Sysdig brought to cloud-native workloads and Falco extended to cloud runtime security," said Gerald Combs, Stratoshark and Wireshark co-creator, Sysdig Director of Open Source Projects. "Wireshark users live by the phrase 'pcap or it didn't happen,' but until now cloud packet capture hasn't been easy or even possible. Stratoshark helps unlock this level of visibility, equipping network professionals with a familiar tool that makes system call and log analysis as accessible and transformative for the cloud as Wireshark did for network packet analysis."

Continuing a Legacy of Innovation

As organizations have shifted to the cloud, where workloads are more distributed, dynamic, and short-lived than their traditional counterparts, visibility into system-level activities has become increasingly fragmented. Stratoshark seamlessly bridges the gap between network packet analysis and modern cloud-native security, delivering an open source solution with broad observability, enhanced extensibility, and greater developer accessibility.

In essence, Wireshark was developed to support monitoring and security for traditional on-premises networks, and many experienced network professionals have long sought a modern application for their expertise. Stratoshark leverages Falco libraries, repositories, and plug-ins, and unites its deep cloud visibility with familiar Wireshark functionality. Stratoshark represents the next generation in a lineage of open source tools that have set the security standard, simplifying complex investigations, accelerating incident response, and enabling network experts to bring their skills to the cloud.

"With Stratoshark, we're bringing the proven principles of Wireshark to the complexities of modern environments," said Loris Degioanni, Sysdig Founder and CTO; Stratoshark and Wireshark co-creator; and Falco creator. "By combining Wireshark's rich network insights with Falco's real-time cloud-native security, Stratoshark equips teams to better understand cloud events, logs, and system calls with open source accessibility."

Combs will present Stratoshark at FOSDEM 2025 in Brussels, Belgium, Saturday, Feb. 1, 2025, with Sysdig Senior Cloud Security Strategist Nigel Douglas. Save the date to see Stratoshark in action at the following events:

ISSA Sacramento (Sacramento, California), Feb. 21, 2025.

KubeCon EU (London, England), April 1-4, 2025.

Stackconf 2025 (Munich, Germany), April 29-30, 2025.

BSidesDublin (Dublin, Ireland), May 24, 2025.

SharkFest'25 US (Richmond, Virginia), June 14-19, 2025.

What People are Saying

"Stratoshark presents an exciting opportunity for longtime Wireshark users to apply their network analysis skills directly to the cloud, and the community couldn't be more thrilled. Wireshark has empowered multiple generations of network professionals to analyze malicious behavior, like lateral movement, ransomware spread, and communications from compromised systems, and Stratoshark equips them to modernize this skill set."

Sheri Najafi, Executive Director at the Wireshark Foundation

"Stratoshark unlocks a new dimension of troubleshooting, allowing users to look deep into servers with the same fidelity that Wireshark has given them on networks. It sets a new standard for system call and log analysis, and opens the door for packet analysts to transfer their expertise to a new domain."

Josh Clark, Performance Engineer for a large U.S. financial institution

"For over two decades, Wireshark has helped countless engineers filter network traffic to efficiently isolate and troubleshoot application issues by analyzing evidence within network protocols. Stratoshark takes the best of Wireshark's tools and equips today's professionals with critical cloud system visibility and troubleshooting."

Ross Bagurdes, Network Engineer and Educator at Pluralsight

Resources

Read the blog "Stratoshark: Extending Wireshark's legacy into the cloud" by creators Gerald Combs and Loris Degioanni to learn more about its journey.

Discover "How Falco and Wireshark paved the way for Stratoshark" and how to get started.

Download Stratoshark from its official website.

