Observability and introspection in the cloud with Stratoshark

Stratoshark brings the familiarity of Wireshark’s deep visibility to cloud-native system calls and audit logs

About Stratoshark

Built by the co-creators of Wireshark – our founder Loris Degioanni, and our Director of open source Gerald Combs – Stratoshark unlocks unparalleled cloud visibility, allowing users to analyze system calls and logs with precision and simplicity.

By blending Wireshark’s rich packet analysis with Falco’s runtime security, Stratoshark empowers teams to troubleshoot faster, respond to incidents with confidence, and adapt to the rapidly evolving demands of cloud-native systems — all with the open source transparency that fosters innovation.

Our vision

Stratoshark builds upon the open source heritage of Wireshark and Falco and makes deep visibility into cloud workloads universally accessible.

Falco: Cloud Native Runtime Security (falco.org)

CNCF graduated project. Created 2016.05.17. 140m downloads. Latest release: 0.40.0. 110+ monthly active contributors.

Our open source roots

The origin of our open source projects — Sysdig, Falco, and Wireshark — traces back to one fundamental need: making sense of complex, real-time network traffic for better security and operational insights.

Stratoshark comes from the same core philosophy: visibility into cloud workloads must be universal. Deep introspection into cloud workloads must be available to everyone and seamlessly integrated across hosts, containers, and cloud-native environments.

As an open source project, Stratoshark empowers organizations to dissect, troubleshoot, and secure cloud environments with precision and confidence.

The road ahead

Just as Wireshark became the industry standard for network packet analysis, Stratoshark strives to set the benchmark for system-level introspection and analysis in the cloud.

Proven in production on Linux and Kubernetes, Stratoshark leads the way in cloud security by extending introspection to platforms like AWS CloudTrail, Okta, and GitHub through Falco Plugins.

As security challenges grow in complexity, open source collaboration enables the industry to collectively address evolving threats. Stratoshark represents the next step in this journey — continuing the legacy from Wireshark to Sysdig and Falco, and now advancing deeper into cloud observability and introspection.

“Having a technology as complex as Falco packaged together with professional support and a SaaS infrastructure allows us to focus on the integration instead of spending time on setup and maintenance.”

Security Engineer, BlaBlaCar

Falco Feeds by Sysdig

Falco Feeds extends the power of Falco by giving open source-focused companies access to expert-written rules that are continuously updated as new threats are discovered.
