Sysdig Donates Stratoshark to the Wireshark Foundation to Advance Open Source Cloud Security

Business Wire, 14-05-2025

SAN FRANCISCO--(BUSINESS WIRE)--Sysdig, the leader in real-time cloud security, today announced the donation of Stratoshark, the company's open source cloud forensics tool, to the Wireshark Foundation. This contribution underscores Sysdig's commitment to fostering innovation within the community, building in the open, and pushing security forward with advanced tools that better understand cloud-native environments. Sysdig's contribution includes Stratoshark's source code, including the code to interface Wireshark with the Falco libraries, in addition to its associated trademarks, logos, and website domains.
Stratoshark – developed by Wireshark founder Gerald Combs and Falco creator Loris Degioanni – extends Wireshark's deep network visibility to the cloud by leveraging Falco's ecosystem. It combines Wireshark's powerful packet analysis with Falco's robust runtime security for fast troubleshooting, confident incident response, and cloud-native flexibility. Stratoshark equips users to analyze system calls and cloud logs with the same precision and granularity that Wireshark has offered for over 25 years.
'At Sysdig, we fundamentally believe that security should be a collaborative, transparent effort for defenders – not an asymmetrical battle,' said Degioanni, Sysdig Founder and CTO. 'That belief was the foundation for Wireshark and Falco, and it's the guiding principle that led us to create Stratoshark. By donating Stratoshark to the Wireshark Foundation, we're ensuring that the community can continue to innovate, refine, and strengthen security together.'
Advancing the Future of Open Source in the Wireshark Foundation
The Wireshark Foundation, established in 2023, serves as the custodian for Wireshark and its related open source projects, providing a framework for long-term stewardship, sustainability, and education for a growing community of over 5 million daily users. The nonprofit is also home to SharkFest, Wireshark's developer and user conference, as well as the Wireshark source code and assets. By integrating Stratoshark into its portfolio, the foundation expands its network-centric offerings to address the quickly evolving needs of modern, cloud-native environments.
Since its formal launch in January 2025, Stratoshark has expanded its cloud system call analysis capabilities to include granular investigation of cloud logs. So while Falco – which is used by more than 60% of the Fortune 500 – can detect and alert on real-time threats, Stratoshark offers a complementary, detailed event analysis, including the 'who, what, when, and where' of cloud activities.
'From Wireshark to Sysdig, Loris and I have been dedicated to helping people understand what's happening at the core of their systems,' said Combs, Sysdig Director of Open Source Projects. 'This donation is not only about making deep cloud workload visibility and forensics universally accessible, but also ensuring that Stratoshark has a solid legal foundation, something inaccessible to most open source projects. This ensures that the tool will live on through strong governance while also exposing it to a greater network of contributors.'
What the Community is Saying
'Stratoshark represents a huge leap for the community, bringing the same deep packet-level insights we've had for traditional networks into the cloud-native world. With this donation, I'm excited to see more contributors jump in and shape the future of open source cloud forensics.'
– Chris Greer, Network Analyst and Instructor at Packet Pioneer
'I've seen the power of open source security and community-driven development firsthand, especially when backed by organizations committed to building in the open. Stratoshark's donation to the Wireshark Foundation means that it can continue to evolve under the same transparent, collaborative model that has made Wireshark a generational powerhouse.'
– Uli Heilmeier, Cybersecurity Architect at Krones, Stratoshark Core Developer, and Falco Contributor
'Stratoshark represents a significant advancement in cloud observability. Integrating it into the Wireshark Foundation aligns with our goal of fostering open source development and education, ensuring that powerful and unique tools like Stratoshark remain accessible and up to date for the broader community.'
– Sheri Najafi, Executive Director at the Wireshark Foundation
Save the Date to see Stratoshark Live in Conference
SharkFest'25 US
Open Source Summit North America in Denver, Colorado, June 23-25, 2025
SharkFest'25 Europe in Warsaw, Poland, Nov. 3-7, 2025
About Sysdig
In the cloud, every second counts. Attacks unfold in minutes and security teams must protect the business without slowing it down. Sysdig, named Customers' Choice in the Gartner® 'Voice of the Customer' report for cloud-native application protection platforms (CNAPPs), stops cloud attacks in seconds and instantly detects changes in risk with real-time insights and open source Falco. Sysdig Sage™, the industry's first AI cloud security analyst, uplevels human response and enables security, developers, and DevOps to work together, faster. By correlating signals across cloud workloads, identities, and services, Sysdig uncovers hidden attack paths and prioritizes real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation.
Sysdig. Secure Every Second.

Related Articles

Why You Should Take an Ethical Hacking Course in Today's Digital World

Time Business News, 12-05-2025

As the world becomes ever more reliant upon technology, cyber threats have become more dangerous, more frequent, and far more sophisticated. Data breaches, ransomware catastrophes, and phishing schemes that specifically target everyday users are on the rise – and so is the number of people needed to combat them. This is where ethical hacking comes in. If you want to make the switch to cybersecurity or learn new skills, enrolling in an ethical hacking course might be one of the best decisions you ever make. Let's look at why this training is not just relevant, but essential in the current age of technology.

Ethical hacking, also known as white-hat hacking, is the legal practice of breaking into a system to identify and fix vulnerabilities. Ethical hackers use the same methods and types of exploits as bad hackers—but when they do it, they have permission and are working to improve security and not to undermine it. Ethical hackers can stay one step ahead of attackers by understanding how attackers think and operate, which allows them to assist organizations in protecting their data, systems, and users from cyber threats.

Today's cyberattacks involve advanced tactics that may include zero-day exploits, deepfake scams, social engineering, and AI-based malware. Nothing has proven more effective in offsetting hackers' advantage than employing security professionals skilled enough to think like a hacker. To defeat hackers, cybersecurity teams must outthink, outsmart, or outweigh any advantage hackers have. An ethical hacking course teaches how to assess risk, test systems, and identify vulnerabilities – all critical skills to support the new laws of cyberspace.

Reports state that there are almost 3 million unfilled positions in the cybersecurity world. Organizations in every sector are searching for skilled people to identify threats and respond quickly. Ethical hacking skills are among the most wanted because they use offense to enhance defense, a combination that very few candidates possess. Choosing to enroll in a course allows you to be ahead of the game and a valuable asset to any organization's security team.

Ethical hacking positions pay competitively and offer job security and room for advancement. CyberSeek identifies penetration tester, security analyst, and ethical hacker jobs as among the highest paid jobs in tech. You can improve your chances of getting hired by completing a recognized ethical hacking training course, offshore, or one recognized for preparing you for CEH (Certified Ethical Hacker) certification.

Unlike many traditional IT courses, ethical hacking courses are hands-on and scenario-based. You'll learn to:

  • Perform penetration testing
  • Identify system weaknesses
  • Use real-world tools like Metasploit, Burp Suite, and Wireshark
  • Exploit vulnerabilities in simulated environments

This practical approach ensures you're job-ready and able to apply your knowledge immediately.

Every industry—finance, healthcare, retail, education, and even government—needs ethical hackers. This is because every sector is under cyber attack, and your skills are transferable. Whether you want to work for a small startup, a Fortune 500 company, or in the public sector, ethical hacking can offer you opportunities in all areas.

You don't have to be a programming wizard to begin. These courses are designed for:

  • IT professionals looking to specialize in cybersecurity
  • System administrators aiming to secure their networks
  • Students or recent graduates pursuing tech careers
  • Cybersecurity beginners wanting to build a strong foundation
  • Ethical hacking enthusiasts who want to turn passion into profession

Even if you're a business owner or decision-maker, taking a foundational course in ethical hacking can help you better understand the risks and security needs of your organization.

To get the most out of your training, choose a course that offers:

  • CEH certification preparation or direct CEH exam inclusion
  • Lab-based, hands-on learning
  • Updated content that reflects the latest threats and tools
  • Guidance from experienced cybersecurity professionals
  • Flexible learning formats—online, self-paced, or instructor-led

Examples include EC-Council's official CEH certification course, as well as programs from platforms like Udemy, Coursera, Cybrary, and Offensive Security (OSCP for advanced learners).

As cybercrime continues to evolve and become more damaging, the world needs professionals to fight back. An ethical hacking course does not only teach you how to defend networks, it also gives you the offensive knowledge to predict attacks and defend organizations from harm. If you're pursuing a career in cybersecurity, looking for a promotion or simply want to understand the digital world better, ethical hacking training is a proactive investment. Instead of waiting for the next big data breach to claim lives, be the person that protects and prevents it.

Sysdig Founder: Cloud Developers Can Fix Runtime Security

Forbes, 14-04-2025

Image caption: ATHENS - AUGUST 27: Liu Xiang of China crosses the finish line as he finished first in the men's 110 metre hurdle final on August 27, 2004 during the Athens 2004 Summer Olympic Games at the Olympic Stadium in the Sports Complex in Athens, Greece. Liu equalled the world record of 12.91 seconds.

Developers develop. Software application developers program applications by coding in their language of choice, on and to their platform of choice, inside their preferred integrated development environment and through their chosen application engineering methodology. While some or all of those factors may be governed by the team that they find themselves in and so become less of a personal decision, there is a general notion of freedom to be, especially perhaps when it comes to the use of open source toolsets.

As laissez-faire as all that sounds, developers are also directed towards a number of system management responsibilities that need to happen to ensure 'uptime' is maintained and users get functionality out of the applications and data services that they need to work, or indeed play.

While all software engineering teams of any reasonable size will have a dedicated security team (and smaller ones obviously won't always have that luxury), the rise of cloud computing and the Kubernetes container orchestration platform has put more of the control responsibility back in the hands of the cloud development engineer themself. Because cloud and containers move so fast (some are 'spun up' into existence for mere minutes), the security consideration must move to the point of application runtime, i.e. the point at which an application actively executes and makes calls to the resources that surround it in the environment it is built in.

But how do developers know what to work on around security fixes today? Traditionally, this has seen them take a list of issues from the IT security team (all pretty much without context or application environment information) and then attempt to work through a process of reverse engineering logic as they try to understand what's happening in any given cloud. This could mean working through thousands of items spanning different software libraries, different cloud container images, different data feeds and different third-party plugins and more.

What developers would like in these scenarios is a way to find the root cause of security issues and be able to prioritize actions to remediate system health. But cloud computing has changed some key fundamentals, so what route do we take to get to the root now?

Real-time cloud-native security tools company Sysdig has plenty of opinions to share here.

'Sysdig was founded to solve a problem. That problem was the question of how we do observability when we can't look at a packet [a chunk of data moving over a network with routing information to tell it where to go] in the virtualized and abstracted world of cloud,' said Alex Lawrence, director of cloud security strategy at Sysdig. 'We knew that was our mission, because packets don't lie. But this is not the old days of networking where we could look at network switches to see packets; now, those packets run on someone else's infrastructure, the cloud services provider. So we know that the system call becomes the lowest common denominator and we have access to that information. If I'm on a server in a virtual machine in the cloud, the system call is the thing that creates the packet. It's the thing that gives the instruction to write the file.'

To define this term, a system call is an interface mechanism between an application and its governing infrastructure (often the operating system kernel) that enables the application to access the memory, processing power, data storage or other services that it needs to breathe.

Sysdig's Lawrence, along with founder and chief technology officer Loris Degioanni, says that a system call is arguably a richer telemetry source than a packet ever was. This is due to the fact that in any software system, there's 'stuff that happens' without ever becoming a packet. For example, let's say an application wants to perform a call on a host server in a container. It doesn't have to leave the cloud container or the host to make this action happen; it all occurs internally.

'But if we can 'instrument' the system call, we can now know everything happening on that individual host, right? So Sysdig originally was an observability company that was doing all the observability metrics to analyze everything happening on a host cloud server and see what was going on,' said Lawrence. 'But then we had customers early on saying, hey, you realize that this has really big security implications too and it's not just observability. That's what inspired the company to create project Falco, which is basically like a camcorder that tracks all the things happening inside a cloud. It is system analysis that looks for an abnormal system call that shouldn't be there, or find the structure of the executables within an application or database query or whatever that shouldn't be happening in the 'normal' course of operations.'

One analogy here is being at home, turning the tap on and getting beer or wine out of the faucet instead of water, i.e. the thing that is instructed to do something which we would normally expect to happen is doing something we don't expect to happen. But this isn't beer taps, this is what we can now call a cloud-native application protection platform, or CNAPP for short.

The Falco project is powered by rules and all those rules are written in the YAML software language. Now a graduated project housed under the auspices of the Cloud Native Computing Foundation, Falco can be described as an open source runtime security platform that enables software developers to find and react to suspicious behaviour within Linux containers and applications. Falco was conceptualized, designed and built to work with Kubernetes, but its realm and purview is not limited to Kubernetes. This means it is also capable of delivering runtime security monitoring for other container orchestration platforms and standalone container deployments.

'Falco's journey is far from over. As cloud-native security threats grow in complexity, Falco is evolving to meet them head-on. The focus for the coming year is clear: deeper Kubernetes integration, a more sophisticated plugin system… and a shift toward automation in runtime security. Perhaps the most exciting development, though, is the growing synergy between Falco and Stratoshark [a software tool built by the same team that created Wireshark, which analyzes system calls and log messages]. Together, they are setting the foundation for a new security paradigm – one where detection, investigation, and response are seamlessly unified,' wrote Degioanni on his company blog. 'Runtime security has always been about visibility, but as Kubernetes environments scale, visibility alone isn't enough. Falco is tackling this by modernizing its stack, making security more automated and easier to deploy.'

He asserts one final note to suggest that Falco and Stratoshark will pioneer a Kubernetes Detection and Response (KDR) approach. Next we will see tighter integration between the tools, automated forensic workflows and collaboration between the Falco and Wireshark communities to redefine open source runtime security.

Where companies like Sysdig are taking us is towards a future where software developers get more immediate control of system and application health from first principles. While the perceived notion is that programmers care most about 'cool functionality' on the road to creating the next killer app, they do in fact care a lot about vulnerability management in the virtual cloud arena.

'Taking stock of where we are today, there are vendors that specialize in software system detection & response (think of this like a security camera on your house) and there are vendors who offer security posture management technology (a wider angle view on an IT stack to make sure there are locks on the doors of the house) today. To continue our home security analogy, if your door locks are broken, but no intruders are near your house, then you know how to act accordingly vs a scenario where you're actually about to lose your possessions. Sysdig was engineered from the start to provide both sides of this weigh-scale so that we can offer a total security platform offering,' said Degioanni. 'Our platform now sits at that broader point where we can offer users the most accurate visibility into their cloud IT stack as fast as possible… a combination which is now empowered and accelerated with agentic AI services. To offer a platform technology proposition in this way, Sysdig has collected and correlated vast amounts of data from system calls and posture status (using our backbone and employing a graph database) so that all data and information relationships can be tracked and mapped accurately, quickly and in the most efficient way possible.'

We live in a world where software system security is trying to be more automated (through artificial intelligence yes, but also through system-level automation that we probably wouldn't classify as AI), more hands-off and more self-service. It's a large part of why we've been able to talk so volubly about so-called DevOps as the marriage of shared responsibility between developers and operations staff. The notion of platform engineering and agentless technologies have subsequently followed suit for the same reason.

Will we still need IT security teams in the future then? Yes, obviously; they may be able to spend more time refining and finessing the tools inside platforms like Sysdig than chasing vulnerabilities and attacks. It's all getting a whole lot more granular in computing… and, from a user security perspective, fine-grained is just fine.
