SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Sysdig’s Wireshark Foundation to foster open source projects
Fri, 3rd Mar 2023

Sysdig, the unified cloud and container security provider, has announced a new foundation to serve as the long-term custodian of the Wireshark open-source project. It will be called the Wireshark Foundation.  

The Wireshark Foundation will have an open governance model encouraging participation and technical contribution. In addition, the foundation will provide a framework for long-term stewardship and sustainability of the projects it governs. 

“We're very excited for the formation of the Wireshark Foundation, a non-profit organisation with the mission to help as many people as possible understand their networks through the ongoing evolution of Wireshark and the SharkFest conferences. The Wireshark Foundation fosters open source development and will continue to explore new ways of educating the public," says Sheri Najafi, Executive Director, Wireshark Foundation.

Wireshark is the world's foremost traffic protocol analyser, with over 2,000 contributors and over 60 million downloads in the last five years. Sysdig, as Wireshark's current corporate sponsor, encouraged the creation of the foundation. The non-profit will be home to SharkFest, Wireshark's developer and user conference, and the Wireshark source code and assets.

The 2023 SharkFest schedule includes SharkFest Asia (Singapore), April 17-19, SharkFest North America (San Diego), June 10-15, and SharkFest Europe, the location and date of which are yet to be confirmed. 

Wireshark will celebrate its 25th anniversary as an open-source project this July. Over the years, Wireshark has been sponsored by several companies. Most recently, in January 2022, Sysdig assumed responsibility for the project. The move into the Wireshark Foundation donates Wireshark to the community and ensures that Wireshark has a long-term home that goes beyond a specific company or sponsor.

Ethereal, the predecessor of Wireshark, was initially created in 1998 by Gerald Combs, Director of Open Source Projects at Sysdig. 

Then, Combs teamed up with Loris Degioanni, Chief Technology Officer and Founder of Sysdig, and launched Wireshark in 2006. 

Wireshark, an open-source GUI network package capturing tool, enables teams to monitor network traffic, learn protocols and packet basics, and troubleshoot network problems. Wireshark is the de facto standard for checking health and security at a packet level. Wireshark takes packet captures and saves them for later viewing. Teams can filter through that traffic to find evidence from an incident.

Proprietary solutions alone are insufficient to counter the ever-expanding list of attack techniques. Open source is the only approach with the agility and broad reach to set up the conditions to meet modern security concerns, well-demonstrated by Wireshark over its 25 years of development.

Sysdig believes that collaboration that brings together expertise, scrutiny, and a broader range of use cases will ultimately drive more secure software.

Sysdig was founded as an open-source company, and the Sysdig platform was built on an open-source foundation to address the security challenges of modern cloud applications. 

Open-source Sysdig and Falco are projects created by Sysdig to leverage deep visibility as a foundation for security. These projects have become container and cloud threat detection and incident response standards. 

Falco, which Sysdig contributed to the Cloud Native Computing Foundation (CNCF) in 2018, is now an incubation-level hosted project with over 50 million downloads. In addition to Sysdig-created tools, Sysdig is powered by open-source tools, such as OPA, Prometheus, and eBPF.

“We want Wireshark to be set up for long-term success, which includes ensuring the health and independence of the project. Moving Wireshark to a foundation guarantees that Gerald and the rest of the core developers own and operate Wireshark. The open source users can count on the fact that Wireshark will remain an important industry standard for a long time, and that its development will continue to be driven by the community,” says Degioanni. 

“It is clear that Sysdig is an open source company through and through. While other companies claim to support the open source community, Sysdig has actually followed through. They not only contributed Falco and the largest set of eBPF libraries to the CNCF, but they have encouraged the creation of a foundation for Wireshark. The Wireshark community and I look forward to investigating ways to extend Wireshark to address new challenges, including securing the cloud,” adds Combs. 

The foundation is launching with Loris Degioanni, Janice Spampinato, Hansang Bae, Sheri Najafi, and Gerald Combs on the board. The foundation will also take over the management of SharkFest.