Sysdig, a leading provider of real-time cloud security solutions, has unveiled Stratoshark, an open-source tool designed to extend Wireshark’s granular network visibility into cloud environments. Stratoshark empowers users with a standardized approach to cloud observability, addressing a long-standing gap in cloud network analysis. For nearly three decades, Wireshark has been instrumental in network traffic analysis and troubleshooting, with over 5 million daily users and more than 160 million downloads in the past decade. However, as businesses increasingly transition to the cloud, engineers and analysts have lacked a comparable open-source solution. Stratoshark bridges this gap by offering deep cloud observability and introspection, enabling users to analyze and troubleshoot cloud system calls and logs with the familiar functionality of Wireshark.
The shift to cloud computing has introduced significant challenges, including a widening skills gap in cloud security. With cloud computing recognized as one of the fastest-growing areas in digital transformation, the industry faces a shortage of nearly 5 million qualified cybersecurity professionals. According to O’Reilly’s “The State of Security in 2024” report, nearly 40% of respondents highlighted the urgent need for more cloud computing skills. Stratoshark integrates Wireshark’s capabilities with insights from open-source Falco—a cloud-native threat detection standard with over 130 million downloads. This combination provides a rich cloud context, allowing network analysts and administrators to seamlessly transition their expertise to cloud environments.
“Wireshark revolutionized network analysis by democratizing packet captures, a concept that Sysdig brought to cloud-native workloads and Falco extended to cloud runtime security,” said Gerald Combs, Stratoshark and Wireshark co-creator, Sysdig Director of Open Source Projects. “Wireshark users live by the phrase ‘pcap or it didn’t happen,’ but until now, cloud packet capture hasn’t been easy or even possible. Stratoshark helps unlock this level of visibility, equipping network professionals with a familiar tool that makes system call and log analysis as accessible and transformative for the cloud as Wireshark did for network packet analysis.”
Advancing the Future of Cloud Security
As enterprises move their operations to the cloud, where workloads are increasingly distributed and dynamic, achieving comprehensive visibility into system-level activities has become more challenging. Stratoshark addresses this challenge by seamlessly connecting network packet analysis with cloud-native security, providing an open-source solution that offers extensive observability, enhanced extensibility, and improved accessibility for developers.
Originally designed for traditional on-premises networks, Wireshark has long been a trusted tool for monitoring and securing network traffic. Stratoshark builds upon this foundation by integrating Falco’s powerful libraries, repositories, and plug-ins, delivering deep cloud visibility alongside the familiar functionality of Wireshark. This evolution represents the next generation in open-source security tools, simplifying complex cloud investigations, accelerating incident response, and enabling network professionals to leverage their expertise in cloud environments.
“With Stratoshark, we’re bringing the proven principles of Wireshark to the complexities of modern environments,” said Loris Degioanni, Sysdig Founder and CTO; Stratoshark and Wireshark co-creator; and Falco creator. “By combining Wireshark’s rich network insights with Falco’s real-time cloud-native security, Stratoshark equips teams to better understand cloud events, logs, and system calls with open-source accessibility.”