Sysdig, a leader in real-time cloud security, has donated Stratoshark—its open source cloud forensics tool—to the Wireshark Foundation. This milestone underscores Sysdig’s dedication to open innovation and advancing security tools tailored for cloud-native environments.
Stratoshark: Deep Cloud Forensics Meets Wireshark and Falco
Co-developed by Wireshark founder Gerald Combs and Falco creator Loris Degioanni, Stratoshark extends Wireshark’s renowned packet analysis into the cloud by leveraging Falco’s runtime security ecosystem. It enables users to analyze system calls and cloud logs with high precision, facilitating rapid troubleshooting and confident incident response in cloud-native settings.
A Collaborative Vision for Open Source Security
Loris Degioanni, Sysdig Founder and CTO, emphasized the philosophy behind the donation:
“Security should be a collaborative, transparent effort for defenders—not an asymmetrical battle.” Donating Stratoshark ensures the community can continue to innovate, refine, and strengthen cloud security tools together.
Wireshark Foundation’s Role in Long-Term Stewardship
Founded in 2023, the Wireshark Foundation supports Wireshark and related open source projects, providing governance, sustainability, and educational resources for its vast community of over 5 million daily users. Integrating Stratoshark broadens its portfolio to meet the evolving demands of cloud-native security and network visibility.
Stratoshark’s Growing Capabilities
Since its official launch in January 2025, Stratoshark has enhanced its system call analysis and cloud log investigation features. While Falco detects threats in real time across many Fortune 500 companies, Stratoshark complements it by delivering detailed forensic insights into cloud activity, answering the “who, what, when, and where” of security events.
Community Reactions
- Chris Greer, Network Analyst, highlights Stratoshark as a transformative tool that brings deep packet-level insights into the cloud-native space, inviting broad community collaboration.
- Uli Heilmeier, Cybersecurity Architect and Falco contributor, praises the transparent, community-driven development model that Stratoshark’s donation supports.
- Wireshark Foundation leaders view Stratoshark’s integration as vital to fostering open source innovation and education in cloud observability.
Sysdig’s donation of Stratoshark to the Wireshark Foundation marks a significant step in advancing cloud security and forensics through open source collaboration. This move strengthens community innovation, ensures strong governance, and provides powerful tools to help organizations better secure their cloud-native environments.