Sysdig Donates Stratoshark to the Wireshark Foundation to Advance Open Source Cloud Security

Open source Falco — used by over 60% of the Fortune 500 — delivers real-time cloud threat detection. Stratoshark complements it with detailed event analysis, adding the full picture of who did what, when, and where.

Sysdig, the leader in real-time cloud security, today announced the donation of Stratoshark, the company’s open source cloud forensics tool, to the Wireshark Foundation. This contribution underscores Sysdig’s commitment to fostering innovation within the community, building in the open, and pushing security forward with advanced tools that better understand cloud-native environments. Sysdig’s contribution includes Stratoshark’s source code, including the code to interface Wireshark with the Falco libraries, in addition to its associated trademarks, logos, and website domains.

Stratoshark – developed by Wireshark founder Gerald Combs and Falco creator Loris Degioanni – extends Wireshark’s deep network visibility to the cloud by leveraging Falco’s ecosystem. It combines Wireshark’s powerful packet analysis with Falco’s robust runtime security for fast troubleshooting, confident incident response, and cloud-native flexibility. Stratoshark equips users to analyze system calls and cloud logs with the same precision and granularity that Wireshark has offered for over 25 years.

“At Sysdig, we fundamentally believe that security should be a collaborative, transparent effort for defenders – not an asymmetrical battle,” said Degioanni, Sysdig Founder and CTO. “That belief was the foundation for Wireshark and Falco, and it’s the guiding principle that led us to create Stratoshark. By donating Stratoshark to the Wireshark Foundation, we’re ensuring that the community can continue to innovate, refine, and strengthen security together.”

Advancing the Future of Open Source in the Wireshark Foundation

The Wireshark Foundation, established in 2023, serves as the custodian for Wireshark and its related open source projects, providing a framework for long-term stewardship, sustainability, and education for a growing community of over 5 million daily users. The nonprofit is also home to SharkFest, Wireshark’s developer and user conference, as well as the Wireshark source code and assets. By integrating Stratoshark into its portfolio, the foundation expands its network-centric offerings to address the quickly evolving needs of modern, cloud-native environments.

Since its formal launch in January 2025, Stratoshark has expanded its cloud system call analysis capabilities to include granular investigation of cloud logs. So while Falco – which is used by more than 60% of the Fortune 500 – can detect and alert on real-time threats, Stratoshark offers a complementary, detailed event analysis, including the “who, what, when, and where” of cloud activities.

“From Wireshark to Sysdig, Loris and I have been dedicated to helping people understand what’s happening at the core of their systems,” said Combs, Sysdig Director of Open Source Projects. “This donation is not only about making deep cloud workload visibility and forensics universally accessible, but also ensuring that Stratoshark has a solid legal foundation, something inaccessible to most open source projects. This ensures that the tool will live on through strong governance while also exposing it to a greater network of contributors.”

What the Community is Saying

“Stratoshark represents a huge leap for the community, bringing the same deep packet-level insights we’ve had for traditional networks into the cloud-native world. With this donation, I’m excited to see more contributors jump in and shape the future of open source cloud forensics.”

– Chris Greer, Network Analyst and Instructor at Packet Pioneer

“I’ve seen the power of open source security and community-driven development firsthand, especially when backed by organizations committed to building in the open. Stratoshark’s donation to the Wireshark Foundation means that it can continue to evolve under the same transparent, collaborative model that has made Wireshark a generational powerhouse.”

– Uli Heilmeier, Cybersecurity Architect at Krones, Stratoshark Core Developer, and Falco Contributor

“Stratoshark represents a significant advancement in cloud observability. Integrating it into the Wireshark Foundation aligns with our goal of fostering open source development and education, ensuring that powerful and unique tools like Stratoshark remain accessible and up to date for the broader community.”

– Sheri Najafi, Executive Director at the Wireshark Foundation

Save the Date to see Stratoshark Live in Conference

• SharkFest’25 US in Richmond, Virginia, June 14-19, 2025
• Open Source Summit North America in Denver, Colorado, June 23-25, 2025
• SharkFest’25 Europe in Warsaw, Poland, Nov. 3-7, 2025

Resources

• Learn more about Stratoshark and join the community.
• Read “Stratoshark: Extending Wireshark’s legacy into the cloud.”
• Learn more about the Wireshark Foundation.

About Sysdig

In the cloud, every second counts. Attacks unfold in minutes and security teams must protect the business without slowing it down. Sysdig, named Customers’ Choice in the Gartner® “Voice of the Customer” report for cloud-native application protection platforms (CNAPPs), stops cloud attacks in seconds and instantly detects changes in risk with real-time insights and open source Falco. Sysdig Sage™, the industry’s first AI cloud security analyst, uplevels human response and enables security, developers, and DevOps to work together, faster. By correlating signals across cloud workloads, identities, and services, Sysdig uncovers hidden attack paths and prioritizes real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation.

Sysdig. Secure Every Second.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250514393283/en/

@Sysdig donates Stratoshark to the Wireshark Foundation to advance open source cloud security. Learn more: https://sysdig.com/press-releases/sysdig-donates-stratoshark-to-wireshark-foundation/