Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add builder for vulnerability types and fix insecure auth protocol #7216

Merged
merged 1 commit into from
Jun 20, 2024
Merged

Add builder for vulnerability types and fix insecure auth protocol #7216

merged 1 commit into from
Jun 20, 2024

Conversation

manuel-alvarez-alvarez
Copy link
Contributor

@manuel-alvarez-alvarez manuel-alvarez-alvarez commented Jun 19, 2024
edited
Loading

What Does This Do

Refactor VulnerabilityType constructor and fix INSECURE_AUTH_PROTOCOL hash.

Motivation

The hashing of the INSECURE_AUTH_PROTOCOL was using file and line when it should use the evidence to compute the hash.

Additional Notes

Jira ticket: [PROJ-IDENT]

Specification

@manuel-alvarez-alvarez manuel-alvarez-alvarez added the comp: asm iast Application Security Management (IAST) label Jun 19, 2024
@manuel-alvarez-alvarez manuel-alvarez-alvarez marked this pull request as ready for review June 19, 2024 10:42
@manuel-alvarez-alvarez manuel-alvarez-alvarez requested a review from a team as a code owner June 19, 2024 10:42
@pr-commenter
Copy link

pr-commenter bot commented Jun 19, 2024

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/iast-fix-insecure-auth-protocol
git_commit_date 1718709557 1718793572
git_commit_sha ae0ed76 4ee55ca
release_version 1.36.0-SNAPSHOT~ae0ed76333 1.36.0-SNAPSHOT~4ee55caddd
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1718796573 1718796573
ci_job_id 547851396 547851396
ci_pipeline_id 37099081 37099081
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 50 metrics, 13 unstable metrics.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.36.0-SNAPSHOT~4ee55caddd, baseline=1.36.0-SNAPSHOT~ae0ed76333

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.064 s) : 0, 1063861
Total [baseline] (10.415 s) : 0, 10415283
Agent [candidate] (1.069 s) : 0, 1068521
Total [candidate] (10.425 s) : 0, 10424705
section appsec
Agent [baseline] (1.181 s) : 0, 1180841
Total [baseline] (10.497 s) : 0, 10496939
Agent [candidate] (1.183 s) : 0, 1183333
Total [candidate] (10.487 s) : 0, 10486884
section iast
Agent [baseline] (1.176 s) : 0, 1176242
Total [baseline] (10.706 s) : 0, 10705724
Agent [candidate] (1.17 s) : 0, 1169741
Total [candidate] (10.741 s) : 0, 10740633
section profiling
Agent [baseline] (1.259 s) : 0, 1258962
Total [baseline] (10.591 s) : 0, 10591477
Agent [candidate] (1.261 s) : 0, 1261063
Total [candidate] (10.658 s) : 0, 10658379
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.064 s -
Agent appsec 1.181 s 116.98 ms (11.0%)
Agent iast 1.176 s 112.381 ms (10.6%)
Agent profiling 1.259 s 195.101 ms (18.3%)
Total tracing 10.415 s -
Total appsec 10.497 s 81.656 ms (0.8%)
Total iast 10.706 s 290.441 ms (2.8%)
Total profiling 10.591 s 176.193 ms (1.7%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.069 s -
Agent appsec 1.183 s 114.812 ms (10.7%)
Agent iast 1.17 s 101.22 ms (9.5%)
Agent profiling 1.261 s 192.542 ms (18.0%)
Total tracing 10.425 s -
Total appsec 10.487 s 62.179 ms (0.6%)
Total iast 10.741 s 315.928 ms (3.0%)
Total profiling 10.658 s 233.674 ms (2.2%) 
gantt
    title petclinic - break down per module: candidate=1.36.0-SNAPSHOT~4ee55caddd, baseline=1.36.0-SNAPSHOT~ae0ed76333

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (666.354 ms) : 0, 666354
BytebuddyAgent [candidate] (669.964 ms) : 0, 669964
GlobalTracer [baseline] (304.512 ms) : 0, 304512
GlobalTracer [candidate] (305.534 ms) : 0, 305534
AppSec [baseline] (50.267 ms) : 0, 50267
AppSec [candidate] (50.174 ms) : 0, 50174
Remote Config [baseline] (685.719 µs) : 0, 686
Remote Config [candidate] (691.736 µs) : 0, 692
Telemetry [baseline] (7.514 ms) : 0, 7514
Telemetry [candidate] (7.523 ms) : 0, 7523
section appsec
BytebuddyAgent [baseline] (675.121 ms) : 0, 675121
BytebuddyAgent [candidate] (677.583 ms) : 0, 677583
GlobalTracer [baseline] (297.163 ms) : 0, 297163
GlobalTracer [candidate] (297.746 ms) : 0, 297746
AppSec [baseline] (153.666 ms) : 0, 153666
AppSec [candidate] (154.026 ms) : 0, 154026
Remote Config [baseline] (637.229 µs) : 0, 637
Remote Config [candidate] (634.397 µs) : 0, 634
Telemetry [baseline] (9.075 ms) : 0, 9075
Telemetry [candidate] (7.195 ms) : 0, 7195
IAST [baseline] (21.585 ms) : 0, 21585
IAST [candidate] (23.134 ms) : 0, 23134
section iast
BytebuddyAgent [baseline] (783.774 ms) : 0, 783774
BytebuddyAgent [candidate] (779.393 ms) : 0, 779393
GlobalTracer [baseline] (295.101 ms) : 0, 295101
GlobalTracer [candidate] (293.084 ms) : 0, 293084
AppSec [baseline] (47.257 ms) : 0, 47257
AppSec [candidate] (47.138 ms) : 0, 47138
Remote Config [baseline] (626.093 µs) : 0, 626
Remote Config [candidate] (720.699 µs) : 0, 721
Telemetry [baseline] (6.936 ms) : 0, 6936
Telemetry [candidate] (7.817 ms) : 0, 7817
IAST [baseline] (29.207 ms) : 0, 29207
IAST [candidate] (28.29 ms) : 0, 28290
section profiling
BytebuddyAgent [baseline] (661.497 ms) : 0, 661497
BytebuddyAgent [candidate] (661.347 ms) : 0, 661347
GlobalTracer [baseline] (384.902 ms) : 0, 384902
GlobalTracer [candidate] (385.256 ms) : 0, 385256
AppSec [baseline] (51.184 ms) : 0, 51184
AppSec [candidate] (51.854 ms) : 0, 51854
Remote Config [baseline] (744.032 µs) : 0, 744
Remote Config [candidate] (733.412 µs) : 0, 733
Telemetry [baseline] (7.352 ms) : 0, 7352
Telemetry [candidate] (7.381 ms) : 0, 7381
ProfilingAgent [baseline] (96.451 ms) : 0, 96451
ProfilingAgent [candidate] (97.76 ms) : 0, 97760
Profiling [baseline] (96.475 ms) : 0, 96475
Profiling [candidate] (97.785 ms) : 0, 97785
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.36.0-SNAPSHOT~4ee55caddd, baseline=1.36.0-SNAPSHOT~ae0ed76333

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.061 s) : 0, 1061343
Total [baseline] (8.531 s) : 0, 8530951
Agent [candidate] (1.062 s) : 0, 1062346
Total [candidate] (8.55 s) : 0, 8550407
section iast
Agent [baseline] (1.169 s) : 0, 1168849
Total [baseline] (9.061 s) : 0, 9061370
Agent [candidate] (1.179 s) : 0, 1178917
Total [candidate] (9.015 s) : 0, 9014606
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.167 s) : 0, 1167010
Total [baseline] (9.012 s) : 0, 9011685
Agent [candidate] (1.18 s) : 0, 1180135
Total [candidate] (9.034 s) : 0, 9033594
section iast_TELEMETRY_OFF
Agent [baseline] (1.165 s) : 0, 1164857
Total [baseline] (8.981 s) : 0, 8980832
Agent [candidate] (1.167 s) : 0, 1166951
Total [candidate] (9.004 s) : 0, 9003747
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.061 s -
Agent iast 1.169 s 107.506 ms (10.1%)
Agent iast_HARDCODED_SECRET_DISABLED 1.167 s 105.667 ms (10.0%)
Agent iast_TELEMETRY_OFF 1.165 s 103.515 ms (9.8%)
Total tracing 8.531 s -
Total iast 9.061 s 530.419 ms (6.2%)
Total iast_HARDCODED_SECRET_DISABLED 9.012 s 480.734 ms (5.6%)
Total iast_TELEMETRY_OFF 8.981 s 449.881 ms (5.3%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.062 s -
Agent iast 1.179 s 116.571 ms (11.0%)
Agent iast_HARDCODED_SECRET_DISABLED 1.18 s 117.789 ms (11.1%)
Agent iast_TELEMETRY_OFF 1.167 s 104.605 ms (9.8%)
Total tracing 8.55 s -
Total iast 9.015 s 464.199 ms (5.4%)
Total iast_HARDCODED_SECRET_DISABLED 9.034 s 483.187 ms (5.7%)
Total iast_TELEMETRY_OFF 9.004 s 453.339 ms (5.3%) 
gantt
    title insecure-bank - break down per module: candidate=1.36.0-SNAPSHOT~4ee55caddd, baseline=1.36.0-SNAPSHOT~ae0ed76333

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (665.417 ms) : 0, 665417
BytebuddyAgent [candidate] (665.874 ms) : 0, 665874
GlobalTracer [baseline] (303.081 ms) : 0, 303081
GlobalTracer [candidate] (303.601 ms) : 0, 303601
AppSec [baseline] (50.267 ms) : 0, 50267
AppSec [candidate] (50.146 ms) : 0, 50146
Remote Config [baseline] (693.81 µs) : 0, 694
Remote Config [candidate] (730.436 µs) : 0, 730
Telemetry [baseline] (7.558 ms) : 0, 7558
Telemetry [candidate] (7.583 ms) : 0, 7583
section iast
BytebuddyAgent [baseline] (778.899 ms) : 0, 778899
BytebuddyAgent [candidate] (787.559 ms) : 0, 787559
GlobalTracer [baseline] (293.162 ms) : 0, 293162
GlobalTracer [candidate] (296.124 ms) : 0, 296124
AppSec [baseline] (46.921 ms) : 0, 46921
AppSec [candidate] (47.434 ms) : 0, 47434
Remote Config [baseline] (625.316 µs) : 0, 625
Remote Config [candidate] (617.611 µs) : 0, 618
Telemetry [baseline] (8.44 ms) : 0, 8440
Telemetry [candidate] (7.839 ms) : 0, 7839
IAST [baseline] (27.527 ms) : 0, 27527
IAST [candidate] (25.971 ms) : 0, 25971
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (777.973 ms) : 0, 777973
BytebuddyAgent [candidate] (787.074 ms) : 0, 787074
GlobalTracer [baseline] (292.837 ms) : 0, 292837
GlobalTracer [candidate] (295.624 ms) : 0, 295624
AppSec [baseline] (47.306 ms) : 0, 47306
AppSec [candidate] (47.738 ms) : 0, 47738
Remote Config [baseline] (632.946 µs) : 0, 633
Remote Config [candidate] (726.798 µs) : 0, 727
Telemetry [baseline] (6.925 ms) : 0, 6925
Telemetry [candidate] (6.995 ms) : 0, 6995
IAST [baseline] (28.028 ms) : 0, 28028
IAST [candidate] (28.49 ms) : 0, 28490
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (775.909 ms) : 0, 775909
BytebuddyAgent [candidate] (777.52 ms) : 0, 777520
GlobalTracer [baseline] (293.198 ms) : 0, 293198
GlobalTracer [candidate] (293.58 ms) : 0, 293580
AppSec [baseline] (47.029 ms) : 0, 47029
AppSec [candidate] (47.137 ms) : 0, 47137
Remote Config [baseline] (607.131 µs) : 0, 607
Remote Config [candidate] (595.956 µs) : 0, 596
Telemetry [baseline] (8.462 ms) : 0, 8462
Telemetry [candidate] (6.809 ms) : 0, 6809
IAST [baseline] (26.355 ms) : 0, 26355
IAST [candidate] (27.984 ms) : 0, 27984
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2024-06-19T10:59:17 2024-06-19T11:06:08
git_branch master malvarez/iast-fix-insecure-auth-protocol
git_commit_date 1718709557 1718793572
git_commit_sha ae0ed76 4ee55ca
release_version 1.36.0-SNAPSHOT~ae0ed76333 1.36.0-SNAPSHOT~4ee55caddd
start_time 2024-06-19T10:59:04 2024-06-19T11:05:55
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1718795514 1718795514
ci_job_id 547851398 547851398
ci_pipeline_id 37099081 37099081
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant iast iast

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 16 unstable metrics.

scenario Δ mean http_req_duration Δ mean throughput candidate mean http_req_duration candidate mean throughput baseline mean http_req_duration baseline mean throughput
scenario:load:petclinic:profiling better
[-91.579µs; -38.298µs] or [-5.885%; -2.461%]		 unstable
[-461.659op/s; +689.579op/s] or [-15.581%; +23.273%]		 1.491ms 3076.923op/s 1.556ms 2962.963op/s
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.36.0-SNAPSHOT~4ee55caddd, baseline=1.36.0-SNAPSHOT~ae0ed76333
    dateFormat X
    axisFormat %s
section baseline
no_agent (377.046 µs) : 358, 397
.   : milestone, 377,
iast (492.39 µs) : 471, 514
.   : milestone, 492,
iast_FULL (549.797 µs) : 528, 571
.   : milestone, 550,
iast_GLOBAL (517.175 µs) : 494, 540
.   : milestone, 517,
iast_HARDCODED_SECRET_DISABLED (485.366 µs) : 464, 507
.   : milestone, 485,
iast_INACTIVE (453.971 µs) : 433, 475
.   : milestone, 454,
iast_TELEMETRY_OFF (475.783 µs) : 454, 497
.   : milestone, 476,
tracing (447.952 µs) : 427, 469
.   : milestone, 448,
section candidate
no_agent (365.866 µs) : 346, 386
.   : milestone, 366,
iast (487.148 µs) : 466, 508
.   : milestone, 487,
iast_FULL (560.123 µs) : 539, 582
.   : milestone, 560,
iast_GLOBAL (510.482 µs) : 489, 531
.   : milestone, 510,
iast_HARDCODED_SECRET_DISABLED (483.559 µs) : 462, 505
.   : milestone, 484,
iast_INACTIVE (459.78 µs) : 438, 481
.   : milestone, 460,
iast_TELEMETRY_OFF (478.727 µs) : 457, 500
.   : milestone, 479,
tracing (453.673 µs) : 432, 475
.   : milestone, 454,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 377.046 µs [357.55 µs, 396.542 µs] -
iast 492.39 µs [471.126 µs, 513.653 µs] 115.344 µs (30.6%)
iast_FULL 549.797 µs [528.498 µs, 571.097 µs] 172.751 µs (45.8%)
iast_GLOBAL 517.175 µs [494.175 µs, 540.174 µs] 140.129 µs (37.2%)
iast_HARDCODED_SECRET_DISABLED 485.366 µs [463.86 µs, 506.872 µs] 108.32 µs (28.7%)
iast_INACTIVE 453.971 µs [433.25 µs, 474.693 µs] 76.925 µs (20.4%)
iast_TELEMETRY_OFF 475.783 µs [454.255 µs, 497.311 µs] 98.737 µs (26.2%)
tracing 447.952 µs [426.994 µs, 468.91 µs] 70.906 µs (18.8%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 365.866 µs [345.674 µs, 386.059 µs] -
iast 487.148 µs [466.144 µs, 508.153 µs] 121.282 µs (33.1%)
iast_FULL 560.123 µs [538.709 µs, 581.537 µs] 194.257 µs (53.1%)
iast_GLOBAL 510.482 µs [489.498 µs, 531.466 µs] 144.616 µs (39.5%)
iast_HARDCODED_SECRET_DISABLED 483.559 µs [462.27 µs, 504.848 µs] 117.693 µs (32.2%)
iast_INACTIVE 459.78 µs [438.48 µs, 481.079 µs] 93.914 µs (25.7%)
iast_TELEMETRY_OFF 478.727 µs [457.482 µs, 499.972 µs] 112.861 µs (30.8%)
tracing 453.673 µs [432.169 µs, 475.176 µs] 87.806 µs (24.0%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.36.0-SNAPSHOT~4ee55caddd, baseline=1.36.0-SNAPSHOT~ae0ed76333
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.349 ms) : 1329, 1369
.   : milestone, 1349,
appsec (1.735 ms) : 1711, 1759
.   : milestone, 1735,
appsec_no_iast (1.728 ms) : 1703, 1753
.   : milestone, 1728,
iast (1.489 ms) : 1467, 1510
.   : milestone, 1489,
profiling (1.556 ms) : 1531, 1581
.   : milestone, 1556,
tracing (1.46 ms) : 1435, 1485
.   : milestone, 1460,
section candidate
no_agent (1.354 ms) : 1335, 1373
.   : milestone, 1354,
appsec (1.737 ms) : 1713, 1762
.   : milestone, 1737,
appsec_no_iast (1.721 ms) : 1696, 1746
.   : milestone, 1721,
iast (1.476 ms) : 1453, 1499
.   : milestone, 1476,
profiling (1.491 ms) : 1467, 1516
.   : milestone, 1491,
tracing (1.464 ms) : 1439, 1488
.   : milestone, 1464,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.349 ms [1.329 ms, 1.369 ms] -
appsec 1.735 ms [1.711 ms, 1.759 ms] 386.369 µs (28.6%)
appsec_no_iast 1.728 ms [1.703 ms, 1.753 ms] 379.09 µs (28.1%)
iast 1.489 ms [1.467 ms, 1.51 ms] 139.584 µs (10.3%)
profiling 1.556 ms [1.531 ms, 1.581 ms] 207.266 µs (15.4%)
tracing 1.46 ms [1.435 ms, 1.485 ms] 110.812 µs (8.2%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.354 ms [1.335 ms, 1.373 ms] -
appsec 1.737 ms [1.713 ms, 1.762 ms] 383.385 µs (28.3%)
appsec_no_iast 1.721 ms [1.696 ms, 1.746 ms] 366.873 µs (27.1%)
iast 1.476 ms [1.453 ms, 1.499 ms] 122.357 µs (9.0%)
profiling 1.491 ms [1.467 ms, 1.516 ms] 137.281 µs (10.1%)
tracing 1.464 ms [1.439 ms, 1.488 ms] 109.624 µs (8.1%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/iast-fix-insecure-auth-protocol
git_commit_date 1718709557 1718793572
git_commit_sha ae0ed76 4ee55ca
release_version 1.36.0-SNAPSHOT~ae0ed76333 1.36.0-SNAPSHOT~4ee55caddd
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1718796090 1718796090
ci_job_id 547851400 547851400
ci_pipeline_id 37099081 37099081
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.36.0-SNAPSHOT~4ee55caddd, baseline=1.36.0-SNAPSHOT~ae0ed76333
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.968 s) : 14968000, 14968000
.   : milestone, 14968000,
appsec (15.001 s) : 15001000, 15001000
.   : milestone, 15001000,
iast (18.78 s) : 18780000, 18780000
.   : milestone, 18780000,
iast_GLOBAL (17.826 s) : 17826000, 17826000
.   : milestone, 17826000,
profiling (16.364 s) : 16364000, 16364000
.   : milestone, 16364000,
tracing (14.891 s) : 14891000, 14891000
.   : milestone, 14891000,
section candidate
no_agent (14.775 s) : 14775000, 14775000
.   : milestone, 14775000,
appsec (14.864 s) : 14864000, 14864000
.   : milestone, 14864000,
iast (18.801 s) : 18801000, 18801000
.   : milestone, 18801000,
iast_GLOBAL (17.918 s) : 17918000, 17918000
.   : milestone, 17918000,
profiling (15.148 s) : 15148000, 15148000
.   : milestone, 15148000,
tracing (14.92 s) : 14920000, 14920000
.   : milestone, 14920000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.968 s [14.968 s, 14.968 s] -
appsec 15.001 s [15.001 s, 15.001 s] 33.0 ms (0.2%)
iast 18.78 s [18.78 s, 18.78 s] 3.812 s (25.5%)
iast_GLOBAL 17.826 s [17.826 s, 17.826 s] 2.858 s (19.1%)
profiling 16.364 s [16.364 s, 16.364 s] 1.396 s (9.3%)
tracing 14.891 s [14.891 s, 14.891 s] -77.0 ms (-0.5%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.775 s [14.775 s, 14.775 s] -
appsec 14.864 s [14.864 s, 14.864 s] 89.0 ms (0.6%)
iast 18.801 s [18.801 s, 18.801 s] 4.026 s (27.2%)
iast_GLOBAL 17.918 s [17.918 s, 17.918 s] 3.143 s (21.3%)
profiling 15.148 s [15.148 s, 15.148 s] 373.0 ms (2.5%)
tracing 14.92 s [14.92 s, 14.92 s] 145.0 ms (1.0%)
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.36.0-SNAPSHOT~4ee55caddd, baseline=1.36.0-SNAPSHOT~ae0ed76333
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.46 ms) : 1449, 1472
.   : milestone, 1460,
appsec (2.211 ms) : 2177, 2245
.   : milestone, 2211,
iast (1.965 ms) : 1923, 2006
.   : milestone, 1965,
iast_GLOBAL (2.005 ms) : 1965, 2046
.   : milestone, 2005,
profiling (1.857 ms) : 1821, 1892
.   : milestone, 1857,
tracing (1.827 ms) : 1795, 1858
.   : milestone, 1827,
section candidate
no_agent (1.461 ms) : 1450, 1473
.   : milestone, 1461,
appsec (2.209 ms) : 2175, 2244
.   : milestone, 2209,
iast (1.958 ms) : 1918, 1998
.   : milestone, 1958,
iast_GLOBAL (2.009 ms) : 1968, 2050
.   : milestone, 2009,
profiling (1.844 ms) : 1811, 1877
.   : milestone, 1844,
tracing (1.827 ms) : 1795, 1860
.   : milestone, 1827,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.46 ms [1.449 ms, 1.472 ms] -
appsec 2.211 ms [2.177 ms, 2.245 ms] 750.377 µs (51.4%)
iast 1.965 ms [1.923 ms, 2.006 ms] 504.404 µs (34.5%)
iast_GLOBAL 2.005 ms [1.965 ms, 2.046 ms] 544.962 µs (37.3%)
profiling 1.857 ms [1.821 ms, 1.892 ms] 396.204 µs (27.1%)
tracing 1.827 ms [1.795 ms, 1.858 ms] 366.214 µs (25.1%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.461 ms [1.45 ms, 1.473 ms] -
appsec 2.209 ms [2.175 ms, 2.244 ms] 748.119 µs (51.2%)
iast 1.958 ms [1.918 ms, 1.998 ms] 496.89 µs (34.0%)
iast_GLOBAL 2.009 ms [1.968 ms, 2.05 ms] 547.683 µs (37.5%)
profiling 1.844 ms [1.811 ms, 1.877 ms] 383.27 µs (26.2%)
tracing 1.827 ms [1.795 ms, 1.86 ms] 366.316 µs (25.1%)

jandro996
jandro996 approved these changes Jun 20, 2024
View reviewed changes
Copy link
Member

@jandro996 jandro996 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Much better with the Builder!

@manuel-alvarez-alvarez manuel-alvarez-alvarez merged commit 1ceb7d1 into master Jun 20, 2024
83 checks passed
@manuel-alvarez-alvarez manuel-alvarez-alvarez deleted the malvarez/iast-fix-insecure-auth-protocol branch June 20, 2024 08:21
@github-actions github-actions bot added this to the 1.36.0 milestone Jun 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smola smola smola approved these changes

@jandro996 jandro996 jandro996 approved these changes

@ValentinZakharov ValentinZakharov Awaiting requested review from ValentinZakharov ValentinZakharov is a code owner automatically assigned from DataDog/asm-java

Assignees
No one assigned
Labels
comp: asm iast Application Security Management (IAST)
Projects
None yet
Milestone
1.36.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@manuel-alvarez-alvarez @smola @jandro996