Brussels / 1 & 2 February 2025


Stratoshark: Applying the power of Wireshark to System Calls and Logs


Wireshark offers powerful exploration, drill-down, and analysis capabilities for network packets, but what if those features could be applied to other types of data? Enter Stratoshark, a brand-new sibling application to Wireshark.

Stratoshark leverages the rich data sources provided by Falco’s libraries to enable deep analysis and troubleshooting across Linux servers, Kubernetes clusters, and any system that generates Linux system calls or real-time log events.

In this talk, we’ll showcase a live demo of Stratoshark, including how it extends the familiar Wireshark user experience to AWS audit events via the Falco plugin for CloudTrail. Learn how Stratoshark builds on open-source innovation to bring Wireshark’s intuitive interface to a broader range of use cases in cloud-native computing.

Speakers

Gerald Combs
Nigel Douglas
