Make RASP addresses ephemeral #7529
Merged
manuel-alvarez-alvarez added the comp: asm waf (Application Security Management (WAF)) label on Aug 29, 2024
Benchmarks

Startup

Summary: Found 0 performance improvements and 0 performance regressions! Performance is the same for 49 metrics, 14 unstable metrics.

Startup time reports for insecure-bank
Startup time reports for petclinic
Load

Summary: Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 17 unstable metrics.

Request duration reports for petclinic
Request duration reports for insecure-bank
Dacapo

Summary: Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava
Execution time for tomcat
smola approved these changes on Aug 29, 2024

ValentinZakharov approved these changes on Aug 29, 2024
What Does This Do
Changes the RASP addresses for SQLi and SSRF in order to make them ephemeral.
Motivation
Ephemeral addresses should be used for data that has to be evaluated only once and that makes no sense to hold for future evaluations of the WAF. This is the case for SQLi and SSRF, which might happen multiple times during the context of a request.
Additional Notes
Contributor Checklist

- Assign the `type:` and (`comp:` or `inst:`) labels in addition to any useful labels
- Don't use `close`, `fix` or any linking keywords when referencing an issue. Use `solves` instead, and assign the PR milestone to the issue
- [ ] Update the public documentation in case of new configuration flag or behavior