Sysdig Unveils Stratoshark, Enabling Millions of Network Professionals to Bring Their Security Experience to the Cloud

Stratoshark, described as “Wireshark for the Cloud,” builds on the open source legacy of Wireshark and Falco to deliver unmatched visibility for cloud-native environments in a familiar platform

Media Contact
Damon Weinhold
damon.weinhold@sysdig.com
+1 (415) 873-4772

FOSDEM 2025 – Sysdig, the leader in real-time cloud security, today announced the release of Stratoshark, an open source tool that extends Wireshark’s granular network visibility into the cloud and empowers users with a standardized approach to cloud observability. For 27 years, Wireshark – with over 5 million daily users and more than 160 million downloads in the last decade alone – has helped users analyze network traffic and troubleshoot issues. As companies have transitioned to the cloud, however, engineers and analysts have lacked the same visibility from a comparable open source tool. Stratoshark unlocks deep cloud observability and introspection, helping analyze and troubleshoot cloud system calls and logs with a level of granularity and workflow familiar to long-time Wireshark users.

With the growing transition, cloud security is facing a major skills gap. The field is considered one of the fastest-growing areas for digital transformation, yet there is a shortage of nearly 5 million qualified cybersecurity professionals [1], and nearly 40% of respondents in O’Reilly’s report, “The State of Security in 2024,” noted that cloud computing is a domain in which more skills are needed but are increasingly difficult to find [2]. By combining Wireshark’s functionality with deep operational insight from open source Falco – the standard for cloud-native threat detection, with over 130 million downloads – Stratoshark unlocks rich cloud context and helps network analysts and administrators port their experience directly into the cloud.

“Wireshark revolutionized network analysis by democratizing packet captures, a concept that Sysdig brought to cloud-native workloads and Falco extended to cloud runtime security,” said Gerald Combs, Stratoshark and Wireshark co-creator, Sysdig Director of Open Source Projects. “Wireshark users live by the phrase ‘pcap or it didn’t happen,’ but until now cloud packet capture hasn’t been easy or even possible. Stratoshark helps unlock this level of visibility, equipping network professionals with a familiar tool that makes system call and log analysis as accessible and transformative for the cloud as Wireshark did for network packet analysis.”

Continuing a Legacy of Innovation

As organizations have shifted to the cloud, where workloads are more distributed, dynamic, and short-lived than their traditional counterparts, visibility into system-level activities has become increasingly fragmented. Stratoshark seamlessly bridges the gap between network packet analysis and modern cloud-native security, delivering an open source solution with broad observability, enhanced extensibility, and greater developer accessibility.

In essence, Wireshark was developed to support monitoring and security for traditional on-premises networks, and many experienced network professionals have long sought a modern application for their expertise. Stratoshark leverages Falco libraries, repositories, and plug-ins, and unites its deep cloud visibility with familiar Wireshark functionality. Stratoshark represents the next generation in a lineage of open source tools that have set the security standard, simplifying complex investigations, accelerating incident response, and enabling network experts to bring their skills to the cloud.

“With Stratoshark, we’re bringing the proven principles of Wireshark to the complexities of modern environments,” said Loris Degioanni, Sysdig Founder and CTO; Stratoshark and Wireshark co-creator; and Falco creator. “By combining Wireshark’s rich network insights with Falco’s real-time cloud-native security, Stratoshark equips teams to better understand cloud events, logs, and system calls with open source accessibility.”

Combs will present Stratoshark at FOSDEM 2025 in Brussels, Belgium, Saturday, Feb. 1, 2025, with Sysdig Senior Cloud Security Strategist Nigel Douglas. Save the date to see Stratoshark in action at the following events:

  • ISSA Sacramento (Sacramento, California), Feb. 21, 2025.
  • KubeCon EU (London, England), April 1-4, 2025.
  • Stackconf 2025 (Munich, Germany), April 29-30, 2025.
  • BSidesDublin (Dublin, Ireland), May 24, 2025.
  • SharkFest’25 US (Richmond, Virginia), June 14-19, 2025.

What People are Saying

“Stratoshark presents an exciting opportunity for longtime Wireshark users to apply their network analysis skills directly to the cloud, and the community couldn’t be more thrilled. Wireshark has empowered multiple generations of network professionals to analyze malicious behavior, like lateral movement, ransomware spread, and communications from compromised systems, and Stratoshark equips them to modernize this skill set.”
Sheri Najafi, Executive Director at the Wireshark Foundation

“Stratoshark unlocks a new dimension of troubleshooting, allowing users to look deep into servers with the same fidelity that Wireshark has given them on networks. It sets a new standard for system call and log analysis, and opens the door for packet analysts to transfer their expertise to a new domain.”
Josh Clark, Performance Engineer for a large U.S. financial institution

“For over two decades, Wireshark has helped countless engineers filter network traffic to efficiently isolate and troubleshoot application issues by analyzing evidence within network protocols. Stratoshark takes the best of Wireshark’s tools and equips today’s professionals with critical cloud system visibility and troubleshooting.”
Ross Bagurdes, Network Engineer and Educator at Pluralsight

Resources

[1] ISC2, “2024 ISC2 Cybersecurity Workforce Study,” September 2024.
[2] O’Reilly, “The State of Security in 2024,” October 2024.

About Sysdig

In the cloud, every second counts. Attacks unfold in minutes and security teams must protect the business without slowing it down. Sysdig, named Customers’ Choice in the Gartner® “Voice of the Customer” report for cloud-native application protection platforms (CNAPPs), stops cloud attacks in seconds and instantly detects changes in risk with real-time insights and open source Falco. Sysdig Sage™, the industry’s first AI cloud security analyst, uplevels human response and enables security, developers, and DevOps to work together, faster. By correlating signals across cloud workloads, identities, and services, Sysdig uncovers hidden attack paths and prioritizes real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation.

Sysdig. Secure Every Second.

@Sysdig unveils Stratoshark, enabling millions of network professionals to bring their security experience to the cloud. Learn more: https://sysdig.com/press-releases/sysdig-unveils-stratoshark-extending-wireshark-to-cloud/

