Observability and introspection in the cloud with Stratoshark

Stratoshark brings the familiarity of Wireshark’s deep visibility to cloud-native system calls and audit logs

Our vision


For nearly three decades, Wireshark, an open-source network protocol analyzer, has set the standard for network visibility, helping more than 5 million engineers analyze traffic and troubleshoot issues daily.

However, for workloads in the cloud, open source observability and introspection have been missing from the toolkit. Stratoshark fills the gap by combining the deep network insights of Wireshark with the operational power of Falco, the open-source standard for cloud-native threat detection.

Stratoshark builds upon the open source heritage of Wireshark and Falco and makes deep visibility into cloud workloads universally accessible.

About Stratoshark


Built by the co-creators of Wireshark – our founder Loris Degioanni, and our Director of open source Gerald Combs – Stratoshark unlocks unparalleled cloud visibility, allowing users to analyze system calls and logs with precision and simplicity.

By blending Wireshark’s rich packet analysis with Falco’s runtime security, Stratoshark empowers teams to troubleshoot faster, respond to incidents with confidence, and adapt to the rapidly evolving demands of cloud-native systems — all with the open source transparency that fosters innovation.

Our open source roots


The origin of our open source projects — Sysdig, Falco, and Wireshark — traces back to one fundamental need: making sense of complex, real-time network traffic for better security and operational insights.

Stratoshark comes from the same core philosophy: visibility into cloud workloads must be universal. Deep introspection into cloud workloads must be available to everyone and seamlessly integrated across hosts, containers, and cloud-native environments.

As an open source project, Stratoshark empowers organizations to dissect, troubleshoot, and secure cloud environments with precision and confidence.

The road ahead


Just as Wireshark became the industry standard for network packet analysis, Stratoshark strives to set the benchmark for system-level introspection and analysis in the cloud.

Proven in production on Linux and Kubernetes, Stratoshark leads the way in cloud security by extending introspection to platforms such as AWS CloudTrail, Okta, and GitHub through Falco Plugins.

As security challenges grow in complexity, open source collaboration enables the industry to collectively address evolving threats. Stratoshark represents the next step in this journey, continuing the legacy from Wireshark to Sysdig and Falco, and now advancing deeper into cloud observability and introspection.

Stratoshark resources

Stratoshark is a community, not just a technology