Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Propagate AppSec blocking exceptions from bytebuddy suppressions #7516

Merged
merged 3 commits into from
Oct 29, 2024

Conversation

manuel-alvarez-alvarez
Copy link
Member

@manuel-alvarez-alvarez manuel-alvarez-alvarez commented Aug 27, 2024

What Does This Do

Updates our exception handler so datadog.appsec.api.blocking.BlockingException can be propagated in our advices in order to effectively block attacks.

Motivation

AppSec protection relies on the usage of exceptions in order to block possible attacks, this PR ensures that the exceptions are not swallowed by our error handling mechanism.

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-55498

@pr-commenter
Copy link

pr-commenter bot commented Aug 27, 2024

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/blocking-exception-handler
git_commit_date 1730135943 1730194490
git_commit_sha b233240 521e392
release_version 1.42.0-SNAPSHOT~b2332408b0 1.42.0-SNAPSHOT~521e392227
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1730196971 1730196971
ci_job_id 687742394 687742394
ci_pipeline_id 47693465 47693465
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 54 metrics, 9 unstable metrics.

Startup time reports for petclinic
gantt
    title petclinic - global startup overhead: candidate=1.42.0-SNAPSHOT~521e392227, baseline=1.42.0-SNAPSHOT~b2332408b0

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.084 s) : 0, 1083811
Total [baseline] (10.397 s) : 0, 10396646
Agent [candidate] (1.079 s) : 0, 1078780
Total [candidate] (10.365 s) : 0, 10365384
section appsec
Agent [baseline] (1.211 s) : 0, 1210863
Total [baseline] (10.618 s) : 0, 10618074
Agent [candidate] (1.21 s) : 0, 1210344
Total [candidate] (10.593 s) : 0, 10593120
section iast
Agent [baseline] (1.209 s) : 0, 1208549
Total [baseline] (10.928 s) : 0, 10927752
Agent [candidate] (1.219 s) : 0, 1219137
Total [candidate] (10.923 s) : 0, 10923323
section profiling
Agent [baseline] (1.283 s) : 0, 1283418
Total [baseline] (10.689 s) : 0, 10688658
Agent [candidate] (1.272 s) : 0, 1272291
Total [candidate] (10.685 s) : 0, 10685230
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.084 s -
Agent appsec 1.211 s 127.052 ms (11.7%)
Agent iast 1.209 s 124.738 ms (11.5%)
Agent profiling 1.283 s 199.606 ms (18.4%)
Total tracing 10.397 s -
Total appsec 10.618 s 221.428 ms (2.1%)
Total iast 10.928 s 531.106 ms (5.1%)
Total profiling 10.689 s 292.012 ms (2.8%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.079 s -
Agent appsec 1.21 s 131.564 ms (12.2%)
Agent iast 1.219 s 140.357 ms (13.0%)
Agent profiling 1.272 s 193.511 ms (17.9%)
Total tracing 10.365 s -
Total appsec 10.593 s 227.736 ms (2.2%)
Total iast 10.923 s 557.94 ms (5.4%)
Total profiling 10.685 s 319.846 ms (3.1%)
gantt
    title petclinic - break down per module: candidate=1.42.0-SNAPSHOT~521e392227, baseline=1.42.0-SNAPSHOT~b2332408b0

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (689.176 ms) : 0, 689176
BytebuddyAgent [candidate] (686.537 ms) : 0, 686537
GlobalTracer [baseline] (315.502 ms) : 0, 315502
GlobalTracer [candidate] (314.26 ms) : 0, 314260
AppSec [baseline] (54.974 ms) : 0, 54974
AppSec [candidate] (54.732 ms) : 0, 54732
Remote Config [baseline] (664.017 µs) : 0, 664
Remote Config [candidate] (665.813 µs) : 0, 666
Telemetry [baseline] (9.827 ms) : 0, 9827
Telemetry [candidate] (8.941 ms) : 0, 8941
section appsec
BytebuddyAgent [baseline] (701.573 ms) : 0, 701573
BytebuddyAgent [candidate] (701.594 ms) : 0, 701594
GlobalTracer [baseline] (310.616 ms) : 0, 310616
GlobalTracer [candidate] (310.957 ms) : 0, 310957
AppSec [baseline] (166.611 ms) : 0, 166611
AppSec [candidate] (166.228 ms) : 0, 166228
Remote Config [baseline] (647.473 µs) : 0, 647
Remote Config [candidate] (630.644 µs) : 0, 631
Telemetry [baseline] (8.108 ms) : 0, 8108
Telemetry [candidate] (7.323 ms) : 0, 7323
IAST [baseline] (19.469 ms) : 0, 19469
IAST [candidate] (20.029 ms) : 0, 20029
section iast
BytebuddyAgent [baseline] (805.467 ms) : 0, 805467
BytebuddyAgent [candidate] (812.476 ms) : 0, 812476
GlobalTracer [baseline] (303.701 ms) : 0, 303701
GlobalTracer [candidate] (305.678 ms) : 0, 305678
AppSec [baseline] (57.847 ms) : 0, 57847
AppSec [candidate] (57.79 ms) : 0, 57790
Remote Config [baseline] (594.196 µs) : 0, 594
Remote Config [candidate] (626.011 µs) : 0, 626
Telemetry [baseline] (7.392 ms) : 0, 7392
Telemetry [candidate] (7.537 ms) : 0, 7537
IAST [baseline] (19.868 ms) : 0, 19868
IAST [candidate] (21.241 ms) : 0, 21241
section profiling
BytebuddyAgent [baseline] (684.348 ms) : 0, 684348
BytebuddyAgent [candidate] (678.459 ms) : 0, 678459
GlobalTracer [baseline] (399.122 ms) : 0, 399122
GlobalTracer [candidate] (396.082 ms) : 0, 396082
AppSec [baseline] (55.536 ms) : 0, 55536
AppSec [candidate] (54.932 ms) : 0, 54932
Remote Config [baseline] (669.028 µs) : 0, 669
Remote Config [candidate] (655.275 µs) : 0, 655
Telemetry [baseline] (12.999 ms) : 0, 12999
Telemetry [candidate] (14.12 ms) : 0, 14120
ProfilingAgent [baseline] (91.797 ms) : 0, 91797
ProfilingAgent [candidate] (89.508 ms) : 0, 89508
Profiling [baseline] (91.82 ms) : 0, 91820
Profiling [candidate] (89.531 ms) : 0, 89531
Loading
Startup time reports for insecure-bank
gantt
    title insecure-bank - global startup overhead: candidate=1.42.0-SNAPSHOT~521e392227, baseline=1.42.0-SNAPSHOT~b2332408b0

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.081 s) : 0, 1081361
Total [baseline] (8.567 s) : 0, 8567149
Agent [candidate] (1.081 s) : 0, 1080597
Total [candidate] (8.561 s) : 0, 8560901
section iast
Agent [baseline] (1.21 s) : 0, 1209845
Total [baseline] (9.158 s) : 0, 9157871
Agent [candidate] (1.201 s) : 0, 1200893
Total [candidate] (9.095 s) : 0, 9094527
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.211 s) : 0, 1211335
Total [baseline] (9.105 s) : 0, 9105126
Agent [candidate] (1.202 s) : 0, 1201941
Total [candidate] (9.075 s) : 0, 9075327
section iast_TELEMETRY_OFF
Agent [baseline] (1.197 s) : 0, 1196815
Total [baseline] (9.064 s) : 0, 9063660
Agent [candidate] (1.198 s) : 0, 1198407
Total [candidate] (9.08 s) : 0, 9080254
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.081 s -
Agent iast 1.21 s 128.484 ms (11.9%)
Agent iast_HARDCODED_SECRET_DISABLED 1.211 s 129.974 ms (12.0%)
Agent iast_TELEMETRY_OFF 1.197 s 115.455 ms (10.7%)
Total tracing 8.567 s -
Total iast 9.158 s 590.722 ms (6.9%)
Total iast_HARDCODED_SECRET_DISABLED 9.105 s 537.977 ms (6.3%)
Total iast_TELEMETRY_OFF 9.064 s 496.511 ms (5.8%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.081 s -
Agent iast 1.201 s 120.295 ms (11.1%)
Agent iast_HARDCODED_SECRET_DISABLED 1.202 s 121.344 ms (11.2%)
Agent iast_TELEMETRY_OFF 1.198 s 117.809 ms (10.9%)
Total tracing 8.561 s -
Total iast 9.095 s 533.626 ms (6.2%)
Total iast_HARDCODED_SECRET_DISABLED 9.075 s 514.426 ms (6.0%)
Total iast_TELEMETRY_OFF 9.08 s 519.353 ms (6.1%)
gantt
    title insecure-bank - break down per module: candidate=1.42.0-SNAPSHOT~521e392227, baseline=1.42.0-SNAPSHOT~b2332408b0

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (686.83 ms) : 0, 686830
BytebuddyAgent [candidate] (687.092 ms) : 0, 687092
GlobalTracer [baseline] (315.109 ms) : 0, 315109
GlobalTracer [candidate] (314.065 ms) : 0, 314065
AppSec [baseline] (55.358 ms) : 0, 55358
AppSec [candidate] (54.654 ms) : 0, 54654
Remote Config [baseline] (657.75 µs) : 0, 658
Remote Config [candidate] (659.607 µs) : 0, 660
Telemetry [baseline] (9.761 ms) : 0, 9761
Telemetry [candidate] (10.5 ms) : 0, 10500
section iast
BytebuddyAgent [baseline] (805.452 ms) : 0, 805452
BytebuddyAgent [candidate] (800.096 ms) : 0, 800096
GlobalTracer [baseline] (304.31 ms) : 0, 304310
GlobalTracer [candidate] (301.823 ms) : 0, 301823
AppSec [baseline] (55.907 ms) : 0, 55907
AppSec [candidate] (57.004 ms) : 0, 57004
Remote Config [baseline] (611.018 µs) : 0, 611
Remote Config [candidate] (635.256 µs) : 0, 635
Telemetry [baseline] (7.436 ms) : 0, 7436
Telemetry [candidate] (7.306 ms) : 0, 7306
IAST [baseline] (22.449 ms) : 0, 22449
IAST [candidate] (20.418 ms) : 0, 20418
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (806.434 ms) : 0, 806434
BytebuddyAgent [candidate] (799.571 ms) : 0, 799571
GlobalTracer [baseline] (304.981 ms) : 0, 304981
GlobalTracer [candidate] (302.655 ms) : 0, 302655
AppSec [baseline] (58.218 ms) : 0, 58218
AppSec [candidate] (56.514 ms) : 0, 56514
Remote Config [baseline] (604.152 µs) : 0, 604
Remote Config [candidate] (608.761 µs) : 0, 609
Telemetry [baseline] (7.463 ms) : 0, 7463
Telemetry [candidate] (7.422 ms) : 0, 7422
IAST [baseline] (19.916 ms) : 0, 19916
IAST [candidate] (21.601 ms) : 0, 21601
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (795.518 ms) : 0, 795518
BytebuddyAgent [candidate] (797.062 ms) : 0, 797062
GlobalTracer [baseline] (302.245 ms) : 0, 302245
GlobalTracer [candidate] (302.595 ms) : 0, 302595
AppSec [baseline] (58.262 ms) : 0, 58262
AppSec [candidate] (57.828 ms) : 0, 57828
Remote Config [baseline] (590.988 µs) : 0, 591
Remote Config [candidate] (591.184 µs) : 0, 591
Telemetry [baseline] (7.315 ms) : 0, 7315
Telemetry [candidate] (7.353 ms) : 0, 7353
IAST [baseline] (19.32 ms) : 0, 19320
IAST [candidate] (19.376 ms) : 0, 19376
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2024-10-29T09:48:01 2024-10-29T09:57:08
git_branch master malvarez/blocking-exception-handler
git_commit_date 1730135943 1730194490
git_commit_sha b233240 521e392
release_version 1.42.0-SNAPSHOT~b2332408b0 1.42.0-SNAPSHOT~521e392227
start_time 2024-10-29T09:47:45 2024-10-29T09:56:51
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1730196293 1730196293
ci_job_id 687742395 687742395
ci_pipeline_id 47693465 47693465
cpu_model Intel(R) Xeon(R) Platinum 8175M CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8175M CPU @ 2.50GHz
variant iast iast

Summary

Found 0 performance improvements and 1 performance regressions! Performance is the same for 6 metrics, 21 unstable metrics.

scenario Δ mean http_req_duration Δ mean throughput candidate mean http_req_duration candidate mean throughput baseline mean http_req_duration baseline mean throughput
scenario:load:petclinic:profiling worse
[+38.969µs; +130.954µs] or [+2.042%; +6.863%]
unstable
[-397.810op/s; +397.810op/s] or [-16.410%; +16.410%]
1.993ms 2424.242op/s 1.908ms 2424.242op/s
Request duration reports for insecure-bank
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.42.0-SNAPSHOT~521e392227, baseline=1.42.0-SNAPSHOT~b2332408b0
    dateFormat X
    axisFormat %s
section baseline
no_agent (456.142 µs) : 427, 485
.   : milestone, 456,
iast (586.817 µs) : 555, 619
.   : milestone, 587,
iast_FULL (830.038 µs) : 798, 862
.   : milestone, 830,
iast_GLOBAL (624.523 µs) : 592, 657
.   : milestone, 625,
iast_HARDCODED_SECRET_DISABLED (598.809 µs) : 566, 631
.   : milestone, 599,
iast_INACTIVE (539.369 µs) : 508, 570
.   : milestone, 539,
iast_TELEMETRY_OFF (584.544 µs) : 552, 617
.   : milestone, 585,
tracing (540.118 µs) : 510, 570
.   : milestone, 540,
section candidate
no_agent (455.487 µs) : 427, 484
.   : milestone, 455,
iast (585.863 µs) : 554, 617
.   : milestone, 586,
iast_FULL (830.577 µs) : 799, 862
.   : milestone, 831,
iast_GLOBAL (625.463 µs) : 593, 658
.   : milestone, 625,
iast_HARDCODED_SECRET_DISABLED (591.876 µs) : 561, 623
.   : milestone, 592,
iast_INACTIVE (546.052 µs) : 516, 576
.   : milestone, 546,
iast_TELEMETRY_OFF (579.142 µs) : 547, 612
.   : milestone, 579,
tracing (535.199 µs) : 505, 565
.   : milestone, 535,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 456.142 µs [427.374 µs, 484.909 µs] -
iast 586.817 µs [555.051 µs, 618.583 µs] 130.675 µs (28.6%)
iast_FULL 830.038 µs [798.232 µs, 861.843 µs] 373.896 µs (82.0%)
iast_GLOBAL 624.523 µs [591.831 µs, 657.214 µs] 168.381 µs (36.9%)
iast_HARDCODED_SECRET_DISABLED 598.809 µs [566.426 µs, 631.191 µs] 142.667 µs (31.3%)
iast_INACTIVE 539.369 µs [508.364 µs, 570.373 µs] 83.227 µs (18.2%)
iast_TELEMETRY_OFF 584.544 µs [552.002 µs, 617.086 µs] 128.402 µs (28.1%)
tracing 540.118 µs [510.199 µs, 570.037 µs] 83.977 µs (18.4%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 455.487 µs [426.847 µs, 484.127 µs] -
iast 585.863 µs [554.331 µs, 617.395 µs] 130.376 µs (28.6%)
iast_FULL 830.577 µs [798.677 µs, 862.476 µs] 375.09 µs (82.3%)
iast_GLOBAL 625.463 µs [592.968 µs, 657.957 µs] 169.976 µs (37.3%)
iast_HARDCODED_SECRET_DISABLED 591.876 µs [560.749 µs, 623.004 µs] 136.389 µs (29.9%)
iast_INACTIVE 546.052 µs [515.722 µs, 576.382 µs] 90.565 µs (19.9%)
iast_TELEMETRY_OFF 579.142 µs [546.646 µs, 611.639 µs] 123.656 µs (27.1%)
tracing 535.199 µs [505.193 µs, 565.205 µs] 79.712 µs (17.5%)
Request duration reports for petclinic
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.42.0-SNAPSHOT~521e392227, baseline=1.42.0-SNAPSHOT~b2332408b0
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.692 ms) : 1666, 1719
.   : milestone, 1692,
appsec (2.186 ms) : 2155, 2217
.   : milestone, 2186,
appsec_no_iast (2.196 ms) : 2165, 2227
.   : milestone, 2196,
iast (1.896 ms) : 1866, 1926
.   : milestone, 1896,
profiling (1.908 ms) : 1878, 1938
.   : milestone, 1908,
tracing (1.846 ms) : 1815, 1877
.   : milestone, 1846,
section candidate
no_agent (1.714 ms) : 1690, 1737
.   : milestone, 1714,
appsec (2.221 ms) : 2191, 2251
.   : milestone, 2221,
appsec_no_iast (2.184 ms) : 2153, 2216
.   : milestone, 2184,
iast (1.891 ms) : 1861, 1920
.   : milestone, 1891,
profiling (1.993 ms) : 1941, 2045
.   : milestone, 1993,
tracing (1.835 ms) : 1803, 1866
.   : milestone, 1835,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.692 ms [1.666 ms, 1.719 ms] -
appsec 2.186 ms [2.155 ms, 2.217 ms] 493.446 µs (29.2%)
appsec_no_iast 2.196 ms [2.165 ms, 2.227 ms] 503.396 µs (29.7%)
iast 1.896 ms [1.866 ms, 1.926 ms] 203.768 µs (12.0%)
profiling 1.908 ms [1.878 ms, 1.938 ms] 215.635 µs (12.7%)
tracing 1.846 ms [1.815 ms, 1.877 ms] 153.573 µs (9.1%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.714 ms [1.69 ms, 1.737 ms] -
appsec 2.221 ms [2.191 ms, 2.251 ms] 507.582 µs (29.6%)
appsec_no_iast 2.184 ms [2.153 ms, 2.216 ms] 470.58 µs (27.5%)
iast 1.891 ms [1.861 ms, 1.92 ms] 176.855 µs (10.3%)
profiling 1.993 ms [1.941 ms, 2.045 ms] 279.374 µs (16.3%)
tracing 1.835 ms [1.803 ms, 1.866 ms] 121.25 µs (7.1%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/blocking-exception-handler
git_commit_date 1730135943 1730194490
git_commit_sha b233240 521e392
release_version 1.42.0-SNAPSHOT~b2332408b0 1.42.0-SNAPSHOT~521e392227
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1730196499 1730196499
ci_job_id 687742396 687742396
ci_pipeline_id 47693465 47693465
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava
gantt
    title biojava - execution time [CI 0.99] : candidate=1.42.0-SNAPSHOT~521e392227, baseline=1.42.0-SNAPSHOT~b2332408b0
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.316 s) : 15316000, 15316000
.   : milestone, 15316000,
appsec (15.412 s) : 15412000, 15412000
.   : milestone, 15412000,
iast (19.136 s) : 19136000, 19136000
.   : milestone, 19136000,
iast_GLOBAL (17.879 s) : 17879000, 17879000
.   : milestone, 17879000,
profiling (14.972 s) : 14972000, 14972000
.   : milestone, 14972000,
tracing (15.257 s) : 15257000, 15257000
.   : milestone, 15257000,
section candidate
no_agent (14.843 s) : 14843000, 14843000
.   : milestone, 14843000,
appsec (15.018 s) : 15018000, 15018000
.   : milestone, 15018000,
iast (18.948 s) : 18948000, 18948000
.   : milestone, 18948000,
iast_GLOBAL (17.754 s) : 17754000, 17754000
.   : milestone, 17754000,
profiling (15.045 s) : 15045000, 15045000
.   : milestone, 15045000,
tracing (15.452 s) : 15452000, 15452000
.   : milestone, 15452000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.316 s [15.316 s, 15.316 s] -
appsec 15.412 s [15.412 s, 15.412 s] 96.0 ms (0.6%)
iast 19.136 s [19.136 s, 19.136 s] 3.82 s (24.9%)
iast_GLOBAL 17.879 s [17.879 s, 17.879 s] 2.563 s (16.7%)
profiling 14.972 s [14.972 s, 14.972 s] -344.0 ms (-2.2%)
tracing 15.257 s [15.257 s, 15.257 s] -59.0 ms (-0.4%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.843 s [14.843 s, 14.843 s] -
appsec 15.018 s [15.018 s, 15.018 s] 175.0 ms (1.2%)
iast 18.948 s [18.948 s, 18.948 s] 4.105 s (27.7%)
iast_GLOBAL 17.754 s [17.754 s, 17.754 s] 2.911 s (19.6%)
profiling 15.045 s [15.045 s, 15.045 s] 202.0 ms (1.4%)
tracing 15.452 s [15.452 s, 15.452 s] 609.0 ms (4.1%)
Execution time for tomcat
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.42.0-SNAPSHOT~521e392227, baseline=1.42.0-SNAPSHOT~b2332408b0
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.473 ms) : 1462, 1485
.   : milestone, 1473,
appsec (2.342 ms) : 2300, 2384
.   : milestone, 2342,
iast (2.073 ms) : 2021, 2125
.   : milestone, 2073,
iast_GLOBAL (2.128 ms) : 2076, 2180
.   : milestone, 2128,
profiling (1.95 ms) : 1908, 1991
.   : milestone, 1950,
tracing (1.914 ms) : 1875, 1954
.   : milestone, 1914,
section candidate
no_agent (1.468 ms) : 1456, 1479
.   : milestone, 1468,
appsec (2.329 ms) : 2289, 2370
.   : milestone, 2329,
iast (2.078 ms) : 2026, 2131
.   : milestone, 2078,
iast_GLOBAL (2.122 ms) : 2070, 2174
.   : milestone, 2122,
profiling (1.949 ms) : 1908, 1991
.   : milestone, 1949,
tracing (1.921 ms) : 1882, 1960
.   : milestone, 1921,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.473 ms [1.462 ms, 1.485 ms] -
appsec 2.342 ms [2.3 ms, 2.384 ms] 868.725 µs (59.0%)
iast 2.073 ms [2.021 ms, 2.125 ms] 599.789 µs (40.7%)
iast_GLOBAL 2.128 ms [2.076 ms, 2.18 ms] 654.468 µs (44.4%)
profiling 1.95 ms [1.908 ms, 1.991 ms] 476.238 µs (32.3%)
tracing 1.914 ms [1.875 ms, 1.954 ms] 441.08 µs (29.9%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.468 ms [1.456 ms, 1.479 ms] -
appsec 2.329 ms [2.289 ms, 2.37 ms] 861.839 µs (58.7%)
iast 2.078 ms [2.026 ms, 2.131 ms] 610.867 µs (41.6%)
iast_GLOBAL 2.122 ms [2.07 ms, 2.174 ms] 654.616 µs (44.6%)
profiling 1.949 ms [1.908 ms, 1.991 ms] 481.581 µs (32.8%)
tracing 1.921 ms [1.882 ms, 1.96 ms] 453.493 µs (30.9%)

@smola smola added the comp: asm waf Application Security Management (WAF) label Oct 28, 2024
@smola smola changed the title Propagate blocking exceptions from bytebuddy supressions Propagate AppSec blocking exceptions from bytebuddy supressions Oct 28, 2024
@mcculls mcculls force-pushed the malvarez/blocking-exception-handler branch from 0dc4743 to 9e3da3d Compare October 29, 2024 09:06
Copy link
Contributor

@mcculls mcculls left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice work!

@manuel-alvarez-alvarez manuel-alvarez-alvarez merged commit 9d6a07b into master Oct 29, 2024
104 checks passed
@manuel-alvarez-alvarez manuel-alvarez-alvarez deleted the malvarez/blocking-exception-handler branch October 29, 2024 12:37
@github-actions github-actions bot added this to the 1.42.0 milestone Oct 29, 2024
@manuel-alvarez-alvarez manuel-alvarez-alvarez changed the title Propagate AppSec blocking exceptions from bytebuddy supressions Propagate AppSec blocking exceptions from bytebuddy suppressions Nov 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
comp: asm waf Application Security Management (WAF) comp: core Tracer core
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants