Upgrade to AppSec rules v1.13.0 #7424
Merged
manuel-alvarez-alvarez merged 1 commit into master on Aug 13, 2024
4b06be4 to 899dc16
smola approved these changes on Aug 13, 2024
Benchmarks
Startup
Summary
Found 0 performance improvements and 0 performance regressions! Performance is the same for 49 metrics, 14 unstable metrics.
Startup time reports for insecure-bank
gantt
title insecure-bank - global startup overhead: candidate=1.39.0-SNAPSHOT~899dc16ca8, baseline=1.39.0-SNAPSHOT~22e9fef108
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.066 s) : 0, 1066117
Total [baseline] (8.523 s) : 0, 8522998
Agent [candidate] (1.054 s) : 0, 1053659
Total [candidate] (8.479 s) : 0, 8479362
section iast
Agent [baseline] (1.176 s) : 0, 1176436
Total [baseline] (8.986 s) : 0, 8985851
Agent [candidate] (1.185 s) : 0, 1185173
Total [candidate] (8.973 s) : 0, 8972717
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.176 s) : 0, 1175999
Total [baseline] (8.961 s) : 0, 8960774
Agent [candidate] (1.186 s) : 0, 1186231
Total [candidate] (8.97 s) : 0, 8970202
section iast_TELEMETRY_OFF
Agent [baseline] (1.171 s) : 0, 1171426
Total [baseline] (9.004 s) : 0, 9004302
Agent [candidate] (1.171 s) : 0, 1171256
Total [candidate] (8.953 s) : 0, 8953023
gantt
title insecure-bank - break down per module: candidate=1.39.0-SNAPSHOT~899dc16ca8, baseline=1.39.0-SNAPSHOT~22e9fef108
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (681.089 ms) : 0, 681089
BytebuddyAgent [candidate] (672.708 ms) : 0, 672708
GlobalTracer [baseline] (311.369 ms) : 0, 311369
GlobalTracer [candidate] (307.999 ms) : 0, 307999
AppSec [baseline] (51.702 ms) : 0, 51702
AppSec [candidate] (51.153 ms) : 0, 51153
Remote Config [baseline] (698.139 µs) : 0, 698
Remote Config [candidate] (691.966 µs) : 0, 692
Telemetry [baseline] (7.617 ms) : 0, 7617
Telemetry [candidate] (7.614 ms) : 0, 7614
section iast
BytebuddyAgent [baseline] (781.859 ms) : 0, 781859
BytebuddyAgent [candidate] (788.298 ms) : 0, 788298
GlobalTracer [baseline] (295.873 ms) : 0, 295873
GlobalTracer [candidate] (298.362 ms) : 0, 298362
AppSec [baseline] (53.594 ms) : 0, 53594
AppSec [candidate] (53.661 ms) : 0, 53661
IAST [baseline] (23.057 ms) : 0, 23057
IAST [candidate] (22.746 ms) : 0, 22746
Remote Config [baseline] (581.236 µs) : 0, 581
Remote Config [candidate] (592.269 µs) : 0, 592
Telemetry [baseline] (8.001 ms) : 0, 8001
Telemetry [candidate] (7.936 ms) : 0, 7936
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (781.834 ms) : 0, 781834
BytebuddyAgent [candidate] (788.855 ms) : 0, 788855
GlobalTracer [baseline] (296.52 ms) : 0, 296520
GlobalTracer [candidate] (298.498 ms) : 0, 298498
AppSec [baseline] (50.356 ms) : 0, 50356
AppSec [candidate] (49.669 ms) : 0, 49669
IAST [baseline] (23.629 ms) : 0, 23629
IAST [candidate] (25.403 ms) : 0, 25403
Remote Config [baseline] (589.536 µs) : 0, 590
Remote Config [candidate] (589.837 µs) : 0, 590
Telemetry [baseline] (9.597 ms) : 0, 9597
Telemetry [candidate] (9.575 ms) : 0, 9575
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (779.43 ms) : 0, 779430
BytebuddyAgent [candidate] (778.427 ms) : 0, 778427
GlobalTracer [baseline] (296.848 ms) : 0, 296848
GlobalTracer [candidate] (296.236 ms) : 0, 296236
AppSec [baseline] (48.955 ms) : 0, 48955
AppSec [candidate] (52.711 ms) : 0, 52711
IAST [baseline] (25.052 ms) : 0, 25052
IAST [candidate] (22.758 ms) : 0, 22758
Remote Config [baseline] (613.623 µs) : 0, 614
Remote Config [candidate] (608.157 µs) : 0, 608
Telemetry [baseline] (7.04 ms) : 0, 7040
Telemetry [candidate] (7.006 ms) : 0, 7006
Startup time reports for petclinic
gantt
title petclinic - global startup overhead: candidate=1.39.0-SNAPSHOT~899dc16ca8, baseline=1.39.0-SNAPSHOT~22e9fef108
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.046 s) : 0, 1045905
Total [baseline] (10.284 s) : 0, 10284122
Agent [candidate] (1.047 s) : 0, 1047256
Total [candidate] (10.285 s) : 0, 10285435
section appsec
Agent [baseline] (1.168 s) : 0, 1168275
Total [baseline] (10.507 s) : 0, 10506570
Agent [candidate] (1.168 s) : 0, 1168034
Total [candidate] (10.496 s) : 0, 10495905
section iast
Agent [baseline] (1.185 s) : 0, 1185162
Total [baseline] (10.809 s) : 0, 10809018
Agent [candidate] (1.175 s) : 0, 1175395
Total [candidate] (10.776 s) : 0, 10775871
section profiling
Agent [baseline] (1.254 s) : 0, 1254101
Total [baseline] (10.577 s) : 0, 10576621
Agent [candidate] (1.245 s) : 0, 1244579
Total [candidate] (10.562 s) : 0, 10561842
gantt
title petclinic - break down per module: candidate=1.39.0-SNAPSHOT~899dc16ca8, baseline=1.39.0-SNAPSHOT~22e9fef108
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (667.303 ms) : 0, 667303
BytebuddyAgent [candidate] (667.947 ms) : 0, 667947
GlobalTracer [baseline] (305.889 ms) : 0, 305889
GlobalTracer [candidate] (306.63 ms) : 0, 306630
AppSec [baseline] (51.161 ms) : 0, 51161
AppSec [candidate] (51.049 ms) : 0, 51049
Remote Config [baseline] (687.89 µs) : 0, 688
Remote Config [candidate] (686.709 µs) : 0, 687
Telemetry [baseline] (7.46 ms) : 0, 7460
Telemetry [candidate] (7.485 ms) : 0, 7485
section appsec
BytebuddyAgent [baseline] (678.114 ms) : 0, 678114
BytebuddyAgent [candidate] (677.612 ms) : 0, 677612
GlobalTracer [baseline] (300.269 ms) : 0, 300269
GlobalTracer [candidate] (299.62 ms) : 0, 299620
AppSec [baseline] (156.403 ms) : 0, 156403
AppSec [candidate] (157.652 ms) : 0, 157652
IAST [baseline] (20.696 ms) : 0, 20696
IAST [candidate] (20.743 ms) : 0, 20743
Remote Config [baseline] (600.675 µs) : 0, 601
Remote Config [candidate] (601.674 µs) : 0, 602
Telemetry [baseline] (9.073 ms) : 0, 9073
Telemetry [candidate] (8.698 ms) : 0, 8698
section iast
BytebuddyAgent [baseline] (788.576 ms) : 0, 788576
BytebuddyAgent [candidate] (781.775 ms) : 0, 781775
GlobalTracer [baseline] (297.826 ms) : 0, 297826
GlobalTracer [candidate] (295.956 ms) : 0, 295956
AppSec [baseline] (54.733 ms) : 0, 54733
AppSec [candidate] (53.285 ms) : 0, 53285
IAST [baseline] (21.86 ms) : 0, 21860
IAST [candidate] (23.218 ms) : 0, 23218
Remote Config [baseline] (587.747 µs) : 0, 588
Remote Config [candidate] (574.652 µs) : 0, 575
Telemetry [baseline] (8.02 ms) : 0, 8020
Telemetry [candidate] (7.104 ms) : 0, 7104
section profiling
BytebuddyAgent [baseline] (668.181 ms) : 0, 668181
BytebuddyAgent [candidate] (662.36 ms) : 0, 662360
GlobalTracer [baseline] (393.752 ms) : 0, 393752
GlobalTracer [candidate] (390.644 ms) : 0, 390644
AppSec [baseline] (52.261 ms) : 0, 52261
AppSec [candidate] (52.14 ms) : 0, 52140
Remote Config [baseline] (704.139 µs) : 0, 704
Remote Config [candidate] (681.373 µs) : 0, 681
Telemetry [baseline] (7.402 ms) : 0, 7402
Telemetry [candidate] (7.373 ms) : 0, 7373
ProfilingAgent [baseline] (94.352 ms) : 0, 94352
ProfilingAgent [candidate] (94.28 ms) : 0, 94280
Profiling [baseline] (94.376 ms) : 0, 94376
Profiling [candidate] (94.305 ms) : 0, 94305
Load
Summary
Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 16 unstable metrics.
Request duration reports for insecure-bank
gantt
title insecure-bank - request duration [CI 0.99] : candidate=1.39.0-SNAPSHOT~899dc16ca8, baseline=1.39.0-SNAPSHOT~22e9fef108
dateFormat X
axisFormat %s
section baseline
no_agent (371.94 µs) : 349, 395
. : milestone, 372,
iast (480.387 µs) : 459, 501
. : milestone, 480,
iast_FULL (550.367 µs) : 528, 572
. : milestone, 550,
iast_GLOBAL (514.587 µs) : 491, 538
. : milestone, 515,
iast_HARDCODED_SECRET_DISABLED (490.374 µs) : 469, 512
. : milestone, 490,
iast_INACTIVE (456.601 µs) : 434, 479
. : milestone, 457,
iast_TELEMETRY_OFF (471.032 µs) : 450, 492
. : milestone, 471,
tracing (440.745 µs) : 420, 461
. : milestone, 441,
section candidate
no_agent (367.347 µs) : 347, 388
. : milestone, 367,
iast (490.847 µs) : 469, 513
. : milestone, 491,
iast_FULL (558.218 µs) : 536, 581
. : milestone, 558,
iast_GLOBAL (513.142 µs) : 490, 536
. : milestone, 513,
iast_HARDCODED_SECRET_DISABLED (482.183 µs) : 461, 503
. : milestone, 482,
iast_INACTIVE (452.979 µs) : 431, 475
. : milestone, 453,
iast_TELEMETRY_OFF (474.209 µs) : 452, 496
. : milestone, 474,
tracing (439.955 µs) : 420, 460
. : milestone, 440,
Request duration reports for petclinic
gantt
title petclinic - request duration [CI 0.99] : candidate=1.39.0-SNAPSHOT~899dc16ca8, baseline=1.39.0-SNAPSHOT~22e9fef108
dateFormat X
axisFormat %s
section baseline
no_agent (1.347 ms) : 1328, 1367
. : milestone, 1347,
appsec (1.72 ms) : 1697, 1743
. : milestone, 1720,
appsec_no_iast (1.72 ms) : 1695, 1744
. : milestone, 1720,
iast (1.464 ms) : 1441, 1486
. : milestone, 1464,
profiling (1.546 ms) : 1520, 1572
. : milestone, 1546,
tracing (1.463 ms) : 1438, 1487
. : milestone, 1463,
section candidate
no_agent (1.345 ms) : 1325, 1365
. : milestone, 1345,
appsec (1.732 ms) : 1708, 1756
. : milestone, 1732,
appsec_no_iast (1.734 ms) : 1709, 1759
. : milestone, 1734,
iast (1.479 ms) : 1456, 1502
. : milestone, 1479,
profiling (1.544 ms) : 1518, 1570
. : milestone, 1544,
tracing (1.463 ms) : 1438, 1488
. : milestone, 1463,
Dacapo
Summary
Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.
Execution time for tomcat
gantt
title tomcat - execution time [CI 0.99] : candidate=1.39.0-SNAPSHOT~899dc16ca8, baseline=1.39.0-SNAPSHOT~22e9fef108
dateFormat X
axisFormat %s
section baseline
no_agent (1.473 ms) : 1462, 1485
. : milestone, 1473,
appsec (2.214 ms) : 2180, 2249
. : milestone, 2214,
iast (1.965 ms) : 1923, 2006
. : milestone, 1965,
iast_GLOBAL (2.034 ms) : 1990, 2078
. : milestone, 2034,
profiling (1.858 ms) : 1824, 1892
. : milestone, 1858,
tracing (1.839 ms) : 1807, 1872
. : milestone, 1839,
section candidate
no_agent (1.457 ms) : 1446, 1468
. : milestone, 1457,
appsec (2.215 ms) : 2180, 2249
. : milestone, 2215,
iast (1.961 ms) : 1920, 2003
. : milestone, 1961,
iast_GLOBAL (2.019 ms) : 1976, 2062
. : milestone, 2019,
profiling (1.863 ms) : 1828, 1898
. : milestone, 1863,
tracing (1.84 ms) : 1807, 1872
. : milestone, 1840,
Execution time for biojava
gantt
title biojava - execution time [CI 0.99] : candidate=1.39.0-SNAPSHOT~899dc16ca8, baseline=1.39.0-SNAPSHOT~22e9fef108
dateFormat X
axisFormat %s
section baseline
no_agent (14.951 s) : 14951000, 14951000
. : milestone, 14951000,
appsec (15.224 s) : 15224000, 15224000
. : milestone, 15224000,
iast (19.091 s) : 19091000, 19091000
. : milestone, 19091000,
iast_GLOBAL (17.8 s) : 17800000, 17800000
. : milestone, 17800000,
profiling (15.074 s) : 15074000, 15074000
. : milestone, 15074000,
tracing (15.354 s) : 15354000, 15354000
. : milestone, 15354000,
section candidate
no_agent (15.389 s) : 15389000, 15389000
. : milestone, 15389000,
appsec (15.107 s) : 15107000, 15107000
. : milestone, 15107000,
iast (18.633 s) : 18633000, 18633000
. : milestone, 18633000,
iast_GLOBAL (17.888 s) : 17888000, 17888000
. : milestone, 17888000,
profiling (15.284 s) : 15284000, 15284000
. : milestone, 15284000,
tracing (15.263 s) : 15263000, 15263000
. : milestone, 15263000,
ValentinZakharov approved these changes on Aug 13, 2024
What Does This Do
Updates the WAF rules file to the latest version from here. New features:
rasp-932-100 for RASP shell injection
*-fingerprint used for fingerprinting of requests
Motivation
Additional Notes
Contributor Checklist
type: and (comp: or inst:) labels in addition to any useful labels
close, fix or any linking keywords when referencing an issue. Use solves instead, and assign the PR milestone to the issue
Jira ticket: [PROJ-IDENT]