Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Prevent spans from having login success and failure events simultaneously #7918

Conversation

manuel-alvarez-alvarez
Copy link
Member

@manuel-alvarez-alvarez manuel-alvarez-alvarez commented Nov 8, 2024

What Does This Do

Changes spring-security instrumentation from org.springframework.security.authentication.AuthenticationProvider (multiple providers can coexist causing false triggers of failure) to org.springframework.security.authentication.AuthenticationManager that should be stable and generate only login success or failure but never both.

Motivation

Having both login success and failure can cause problems specially in terms of ATO (account take over), this PR ensures that we don't get false positives in the events.

Additional Notes

Contributor Checklist

Jira ticket: [PROJ-IDENT]

@manuel-alvarez-alvarez manuel-alvarez-alvarez added type: enhancement tag: no release notes Changes to exclude from release notes comp: asm waf Application Security Management (WAF) labels Nov 8, 2024
@pr-commenter
Copy link

pr-commenter bot commented Nov 8, 2024

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/appsec-improve-security-events-detection
git_commit_date 1731520516 1731523086
git_commit_sha 9246b9f c64178f
release_version 1.43.0-SNAPSHOT~9246b9f97e 1.43.0-SNAPSHOT~c64178f96c
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1731525518 1731525518
ci_job_id 705927740 705927740
ci_pipeline_id 48937274 48937274
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module Agent Agent
parent None None
variant iast iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 56 metrics, 7 unstable metrics.

Startup time reports for insecure-bank
gantt
    title insecure-bank - global startup overhead: candidate=1.43.0-SNAPSHOT~c64178f96c, baseline=1.43.0-SNAPSHOT~9246b9f97e

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.079 s) : 0, 1078998
Total [baseline] (8.575 s) : 0, 8574870
Agent [candidate] (1.095 s) : 0, 1094539
Total [candidate] (8.595 s) : 0, 8595394
section iast
Agent [baseline] (1.204 s) : 0, 1204442
Total [baseline] (9.142 s) : 0, 9142412
Agent [candidate] (1.213 s) : 0, 1212918
Total [candidate] (9.172 s) : 0, 9172157
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.204 s) : 0, 1204474
Total [baseline] (9.062 s) : 0, 9061954
Agent [candidate] (1.206 s) : 0, 1206339
Total [candidate] (9.075 s) : 0, 9074515
section iast_TELEMETRY_OFF
Agent [baseline] (1.207 s) : 0, 1207410
Total [baseline] (9.132 s) : 0, 9131817
Agent [candidate] (1.201 s) : 0, 1200753
Total [candidate] (9.126 s) : 0, 9125836
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.079 s -
Agent iast 1.204 s 125.444 ms (11.6%)
Agent iast_HARDCODED_SECRET_DISABLED 1.204 s 125.477 ms (11.6%)
Agent iast_TELEMETRY_OFF 1.207 s 128.412 ms (11.9%)
Total tracing 8.575 s -
Total iast 9.142 s 567.542 ms (6.6%)
Total iast_HARDCODED_SECRET_DISABLED 9.062 s 487.084 ms (5.7%)
Total iast_TELEMETRY_OFF 9.132 s 556.947 ms (6.5%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.095 s -
Agent iast 1.213 s 118.38 ms (10.8%)
Agent iast_HARDCODED_SECRET_DISABLED 1.206 s 111.801 ms (10.2%)
Agent iast_TELEMETRY_OFF 1.201 s 106.215 ms (9.7%)
Total tracing 8.595 s -
Total iast 9.172 s 576.763 ms (6.7%)
Total iast_HARDCODED_SECRET_DISABLED 9.075 s 479.121 ms (5.6%)
Total iast_TELEMETRY_OFF 9.126 s 530.441 ms (6.2%)
gantt
    title insecure-bank - break down per module: candidate=1.43.0-SNAPSHOT~c64178f96c, baseline=1.43.0-SNAPSHOT~9246b9f97e

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (686.248 ms) : 0, 686248
BytebuddyAgent [candidate] (695.465 ms) : 0, 695465
GlobalTracer [baseline] (313.751 ms) : 0, 313751
GlobalTracer [candidate] (318.181 ms) : 0, 318181
AppSec [baseline] (54.094 ms) : 0, 54094
AppSec [candidate] (54.318 ms) : 0, 54318
Remote Config [baseline] (674.043 µs) : 0, 674
Remote Config [candidate] (694.841 µs) : 0, 695
Telemetry [baseline] (10.581 ms) : 0, 10581
Telemetry [candidate] (12.018 ms) : 0, 12018
section iast
BytebuddyAgent [baseline] (801.807 ms) : 0, 801807
BytebuddyAgent [candidate] (807.958 ms) : 0, 807958
GlobalTracer [baseline] (303.121 ms) : 0, 303121
GlobalTracer [candidate] (304.755 ms) : 0, 304755
AppSec [baseline] (57.323 ms) : 0, 57323
AppSec [candidate] (57.616 ms) : 0, 57616
Remote Config [baseline] (611.286 µs) : 0, 611
Remote Config [candidate] (634.453 µs) : 0, 634
Telemetry [baseline] (7.443 ms) : 0, 7443
Telemetry [candidate] (7.437 ms) : 0, 7437
IAST [baseline] (20.467 ms) : 0, 20467
IAST [candidate] (20.736 ms) : 0, 20736
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (801.514 ms) : 0, 801514
BytebuddyAgent [candidate] (802.65 ms) : 0, 802650
GlobalTracer [baseline] (303.413 ms) : 0, 303413
GlobalTracer [candidate] (303.916 ms) : 0, 303916
AppSec [baseline] (57.187 ms) : 0, 57187
AppSec [candidate] (57.528 ms) : 0, 57528
Remote Config [baseline] (620.225 µs) : 0, 620
Remote Config [candidate] (615.312 µs) : 0, 615
Telemetry [baseline] (7.491 ms) : 0, 7491
Telemetry [candidate] (7.481 ms) : 0, 7481
IAST [baseline] (20.616 ms) : 0, 20616
IAST [candidate] (20.493 ms) : 0, 20493
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (804.106 ms) : 0, 804106
BytebuddyAgent [candidate] (797.888 ms) : 0, 797888
GlobalTracer [baseline] (303.514 ms) : 0, 303514
GlobalTracer [candidate] (303.095 ms) : 0, 303095
AppSec [baseline] (57.828 ms) : 0, 57828
AppSec [candidate] (57.031 ms) : 0, 57031
Remote Config [baseline] (612.475 µs) : 0, 612
Remote Config [candidate] (603.588 µs) : 0, 604
Telemetry [baseline] (7.392 ms) : 0, 7392
Telemetry [candidate] (7.406 ms) : 0, 7406
IAST [baseline] (20.228 ms) : 0, 20228
IAST [candidate] (21.083 ms) : 0, 21083
Loading
Startup time reports for petclinic
gantt
    title petclinic - global startup overhead: candidate=1.43.0-SNAPSHOT~c64178f96c, baseline=1.43.0-SNAPSHOT~9246b9f97e

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.089 s) : 0, 1088646
Total [baseline] (10.479 s) : 0, 10478670
Agent [candidate] (1.081 s) : 0, 1080951
Total [candidate] (10.382 s) : 0, 10382187
section appsec
Agent [baseline] (1.214 s) : 0, 1213815
Total [baseline] (10.665 s) : 0, 10664633
Agent [candidate] (1.222 s) : 0, 1221506
Total [candidate] (10.667 s) : 0, 10667336
section iast
Agent [baseline] (1.204 s) : 0, 1204488
Total [baseline] (10.881 s) : 0, 10880606
Agent [candidate] (1.206 s) : 0, 1206161
Total [candidate] (10.872 s) : 0, 10872064
section profiling
Agent [baseline] (1.283 s) : 0, 1282721
Total [baseline] (10.732 s) : 0, 10732231
Agent [candidate] (1.287 s) : 0, 1286878
Total [candidate] (10.638 s) : 0, 10637862
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.089 s -
Agent appsec 1.214 s 125.169 ms (11.5%)
Agent iast 1.204 s 115.842 ms (10.6%)
Agent profiling 1.283 s 194.075 ms (17.8%)
Total tracing 10.479 s -
Total appsec 10.665 s 185.963 ms (1.8%)
Total iast 10.881 s 401.936 ms (3.8%)
Total profiling 10.732 s 253.562 ms (2.4%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.081 s -
Agent appsec 1.222 s 140.555 ms (13.0%)
Agent iast 1.206 s 125.211 ms (11.6%)
Agent profiling 1.287 s 205.927 ms (19.1%)
Total tracing 10.382 s -
Total appsec 10.667 s 285.149 ms (2.7%)
Total iast 10.872 s 489.877 ms (4.7%)
Total profiling 10.638 s 255.675 ms (2.5%)
gantt
    title petclinic - break down per module: candidate=1.43.0-SNAPSHOT~c64178f96c, baseline=1.43.0-SNAPSHOT~9246b9f97e

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (691.495 ms) : 0, 691495
BytebuddyAgent [candidate] (688.233 ms) : 0, 688233
GlobalTracer [baseline] (316.363 ms) : 0, 316363
GlobalTracer [candidate] (315.017 ms) : 0, 315017
AppSec [baseline] (54.35 ms) : 0, 54350
AppSec [candidate] (54.126 ms) : 0, 54126
Remote Config [baseline] (675.287 µs) : 0, 675
Remote Config [candidate] (673.923 µs) : 0, 674
Telemetry [baseline] (12.037 ms) : 0, 12037
Telemetry [candidate] (9.148 ms) : 0, 9148
section appsec
BytebuddyAgent [baseline] (704.446 ms) : 0, 704446
BytebuddyAgent [candidate] (707.96 ms) : 0, 707960
GlobalTracer [baseline] (311.957 ms) : 0, 311957
GlobalTracer [candidate] (314.875 ms) : 0, 314875
AppSec [baseline] (164.858 ms) : 0, 164858
AppSec [candidate] (167.45 ms) : 0, 167450
Remote Config [baseline] (637.319 µs) : 0, 637
Remote Config [candidate] (640.563 µs) : 0, 641
Telemetry [baseline] (7.749 ms) : 0, 7749
Telemetry [candidate] (7.467 ms) : 0, 7467
IAST [baseline] (21.054 ms) : 0, 21054
IAST [candidate] (18.784 ms) : 0, 18784
section iast
BytebuddyAgent [baseline] (801.127 ms) : 0, 801127
BytebuddyAgent [candidate] (802.808 ms) : 0, 802808
GlobalTracer [baseline] (303.454 ms) : 0, 303454
GlobalTracer [candidate] (303.951 ms) : 0, 303951
AppSec [baseline] (56.718 ms) : 0, 56718
AppSec [candidate] (55.558 ms) : 0, 55558
Remote Config [baseline] (613.174 µs) : 0, 613
Remote Config [candidate] (615.227 µs) : 0, 615
Telemetry [baseline] (7.434 ms) : 0, 7434
Telemetry [candidate] (7.338 ms) : 0, 7338
IAST [baseline] (21.528 ms) : 0, 21528
IAST [candidate] (22.219 ms) : 0, 22219
section profiling
BytebuddyAgent [baseline] (684.141 ms) : 0, 684141
BytebuddyAgent [candidate] (685.917 ms) : 0, 685917
GlobalTracer [baseline] (400.125 ms) : 0, 400125
GlobalTracer [candidate] (400.922 ms) : 0, 400922
AppSec [baseline] (54.54 ms) : 0, 54540
AppSec [candidate] (54.861 ms) : 0, 54861
Remote Config [baseline] (676.33 µs) : 0, 676
Remote Config [candidate] (663.397 µs) : 0, 663
Telemetry [baseline] (12.729 ms) : 0, 12729
Telemetry [candidate] (12.69 ms) : 0, 12690
ProfilingAgent [baseline] (91.45 ms) : 0, 91450
ProfilingAgent [candidate] (92.671 ms) : 0, 92671
Profiling [baseline] (91.473 ms) : 0, 91473
Profiling [candidate] (92.694 ms) : 0, 92694
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
end_time 2024-11-13T18:49:00 2024-11-13T18:55:56
git_branch master malvarez/appsec-improve-security-events-detection
git_commit_date 1731520516 1731523086
git_commit_sha 9246b9f c64178f
release_version 1.43.0-SNAPSHOT~9246b9f97e 1.43.0-SNAPSHOT~c64178f96c
start_time 2024-11-13T18:48:46 2024-11-13T18:55:42
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1731524509 1731524509
ci_job_id 705927741 705927741
ci_pipeline_id 48937274 48937274
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant iast iast

Summary

Found 0 performance improvements and 1 performance regressions! Performance is the same for 12 metrics, 15 unstable metrics.

scenario Δ mean http_req_duration Δ mean throughput candidate mean http_req_duration candidate mean throughput baseline mean http_req_duration baseline mean throughput
scenario:load:petclinic:profiling worse
[+31.566µs; +82.476µs] or [+2.135%; +5.579%]
unstable
[-821.118op/s; +347.044op/s] or [-25.660%; +10.845%]
1.535ms 2962.963op/s 1.478ms 3200.000op/s
Request duration reports for petclinic
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.43.0-SNAPSHOT~c64178f96c, baseline=1.43.0-SNAPSHOT~9246b9f97e
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.35 ms) : 1330, 1369
.   : milestone, 1350,
appsec (1.729 ms) : 1705, 1754
.   : milestone, 1729,
appsec_no_iast (1.716 ms) : 1691, 1741
.   : milestone, 1716,
iast (1.496 ms) : 1473, 1519
.   : milestone, 1496,
profiling (1.478 ms) : 1455, 1502
.   : milestone, 1478,
tracing (1.485 ms) : 1461, 1508
.   : milestone, 1485,
section candidate
no_agent (1.362 ms) : 1343, 1382
.   : milestone, 1362,
appsec (1.728 ms) : 1704, 1752
.   : milestone, 1728,
appsec_no_iast (1.755 ms) : 1731, 1779
.   : milestone, 1755,
iast (1.492 ms) : 1470, 1514
.   : milestone, 1492,
profiling (1.535 ms) : 1511, 1559
.   : milestone, 1535,
tracing (1.481 ms) : 1457, 1505
.   : milestone, 1481,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.35 ms [1.33 ms, 1.369 ms] -
appsec 1.729 ms [1.705 ms, 1.754 ms] 379.911 µs (28.2%)
appsec_no_iast 1.716 ms [1.691 ms, 1.741 ms] 366.858 µs (27.2%)
iast 1.496 ms [1.473 ms, 1.519 ms] 146.842 µs (10.9%)
profiling 1.478 ms [1.455 ms, 1.502 ms] 128.709 µs (9.5%)
tracing 1.485 ms [1.461 ms, 1.508 ms] 135.113 µs (10.0%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.362 ms [1.343 ms, 1.382 ms] -
appsec 1.728 ms [1.704 ms, 1.752 ms] 365.231 µs (26.8%)
appsec_no_iast 1.755 ms [1.731 ms, 1.779 ms] 392.483 µs (28.8%)
iast 1.492 ms [1.47 ms, 1.514 ms] 129.495 µs (9.5%)
profiling 1.535 ms [1.511 ms, 1.559 ms] 172.827 µs (12.7%)
tracing 1.481 ms [1.457 ms, 1.505 ms] 118.693 µs (8.7%)
Request duration reports for insecure-bank
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.43.0-SNAPSHOT~c64178f96c, baseline=1.43.0-SNAPSHOT~9246b9f97e
    dateFormat X
    axisFormat %s
section baseline
no_agent (370.745 µs) : 351, 390
.   : milestone, 371,
iast (494.915 µs) : 474, 516
.   : milestone, 495,
iast_FULL (648.177 µs) : 627, 670
.   : milestone, 648,
iast_GLOBAL (522.932 µs) : 501, 545
.   : milestone, 523,
iast_HARDCODED_SECRET_DISABLED (490.647 µs) : 470, 512
.   : milestone, 491,
iast_INACTIVE (448.845 µs) : 428, 469
.   : milestone, 449,
iast_TELEMETRY_OFF (484.135 µs) : 462, 506
.   : milestone, 484,
tracing (451.082 µs) : 430, 472
.   : milestone, 451,
section candidate
no_agent (369.999 µs) : 350, 390
.   : milestone, 370,
iast (491.239 µs) : 470, 513
.   : milestone, 491,
iast_FULL (653.35 µs) : 632, 675
.   : milestone, 653,
iast_GLOBAL (515.966 µs) : 495, 537
.   : milestone, 516,
iast_HARDCODED_SECRET_DISABLED (490.518 µs) : 469, 512
.   : milestone, 491,
iast_INACTIVE (455.094 µs) : 434, 476
.   : milestone, 455,
iast_TELEMETRY_OFF (482.411 µs) : 461, 504
.   : milestone, 482,
tracing (446.31 µs) : 426, 467
.   : milestone, 446,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 370.745 µs [351.261 µs, 390.228 µs] -
iast 494.915 µs [473.521 µs, 516.309 µs] 124.17 µs (33.5%)
iast_FULL 648.177 µs [626.739 µs, 669.614 µs] 277.432 µs (74.8%)
iast_GLOBAL 522.932 µs [501.184 µs, 544.679 µs] 152.187 µs (41.0%)
iast_HARDCODED_SECRET_DISABLED 490.647 µs [469.637 µs, 511.657 µs] 119.903 µs (32.3%)
iast_INACTIVE 448.845 µs [428.395 µs, 469.295 µs] 78.101 µs (21.1%)
iast_TELEMETRY_OFF 484.135 µs [462.34 µs, 505.93 µs] 113.391 µs (30.6%)
tracing 451.082 µs [430.123 µs, 472.04 µs] 80.337 µs (21.7%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 369.999 µs [350.318 µs, 389.68 µs] -
iast 491.239 µs [469.685 µs, 512.792 µs] 121.24 µs (32.8%)
iast_FULL 653.35 µs [631.964 µs, 674.735 µs] 283.35 µs (76.6%)
iast_GLOBAL 515.966 µs [494.988 µs, 536.945 µs] 145.967 µs (39.5%)
iast_HARDCODED_SECRET_DISABLED 490.518 µs [468.872 µs, 512.164 µs] 120.519 µs (32.6%)
iast_INACTIVE 455.094 µs [434.063 µs, 476.124 µs] 85.095 µs (23.0%)
iast_TELEMETRY_OFF 482.411 µs [460.72 µs, 504.102 µs] 112.412 µs (30.4%)
tracing 446.31 µs [425.557 µs, 467.063 µs] 76.31 µs (20.6%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/appsec-improve-security-events-detection
git_commit_date 1731520516 1731523086
git_commit_sha 9246b9f c64178f
release_version 1.43.0-SNAPSHOT~9246b9f97e 1.43.0-SNAPSHOT~c64178f96c
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1731525026 1731525026
ci_job_id 705927742 705927742
ci_pipeline_id 48937274 48937274
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant appsec appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava
gantt
    title biojava - execution time [CI 0.99] : candidate=1.43.0-SNAPSHOT~c64178f96c, baseline=1.43.0-SNAPSHOT~9246b9f97e
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.017 s) : 15017000, 15017000
.   : milestone, 15017000,
appsec (15.074 s) : 15074000, 15074000
.   : milestone, 15074000,
iast (18.931 s) : 18931000, 18931000
.   : milestone, 18931000,
iast_GLOBAL (18.171 s) : 18171000, 18171000
.   : milestone, 18171000,
profiling (14.967 s) : 14967000, 14967000
.   : milestone, 14967000,
tracing (14.899 s) : 14899000, 14899000
.   : milestone, 14899000,
section candidate
no_agent (15.084 s) : 15084000, 15084000
.   : milestone, 15084000,
appsec (15.395 s) : 15395000, 15395000
.   : milestone, 15395000,
iast (18.869 s) : 18869000, 18869000
.   : milestone, 18869000,
iast_GLOBAL (18.345 s) : 18345000, 18345000
.   : milestone, 18345000,
profiling (15.545 s) : 15545000, 15545000
.   : milestone, 15545000,
tracing (15.146 s) : 15146000, 15146000
.   : milestone, 15146000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.017 s [15.017 s, 15.017 s] -
appsec 15.074 s [15.074 s, 15.074 s] 57.0 ms (0.4%)
iast 18.931 s [18.931 s, 18.931 s] 3.914 s (26.1%)
iast_GLOBAL 18.171 s [18.171 s, 18.171 s] 3.154 s (21.0%)
profiling 14.967 s [14.967 s, 14.967 s] -50.0 ms (-0.3%)
tracing 14.899 s [14.899 s, 14.899 s] -118.0 ms (-0.8%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.084 s [15.084 s, 15.084 s] -
appsec 15.395 s [15.395 s, 15.395 s] 311.0 ms (2.1%)
iast 18.869 s [18.869 s, 18.869 s] 3.785 s (25.1%)
iast_GLOBAL 18.345 s [18.345 s, 18.345 s] 3.261 s (21.6%)
profiling 15.545 s [15.545 s, 15.545 s] 461.0 ms (3.1%)
tracing 15.146 s [15.146 s, 15.146 s] 62.0 ms (0.4%)
Execution time for tomcat
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.43.0-SNAPSHOT~c64178f96c, baseline=1.43.0-SNAPSHOT~9246b9f97e
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.463 ms) : 1452, 1475
.   : milestone, 1463,
appsec (2.32 ms) : 2279, 2361
.   : milestone, 2320,
iast (2.075 ms) : 2022, 2127
.   : milestone, 2075,
iast_GLOBAL (2.111 ms) : 2058, 2164
.   : milestone, 2111,
profiling (1.935 ms) : 1892, 1978
.   : milestone, 1935,
tracing (1.905 ms) : 1866, 1944
.   : milestone, 1905,
section candidate
no_agent (1.465 ms) : 1453, 1476
.   : milestone, 1465,
appsec (2.334 ms) : 2292, 2375
.   : milestone, 2334,
iast (2.072 ms) : 2020, 2125
.   : milestone, 2072,
iast_GLOBAL (2.107 ms) : 2055, 2159
.   : milestone, 2107,
profiling (1.922 ms) : 1881, 1963
.   : milestone, 1922,
tracing (1.913 ms) : 1873, 1953
.   : milestone, 1913,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.463 ms [1.452 ms, 1.475 ms] -
appsec 2.32 ms [2.279 ms, 2.361 ms] 857.11 µs (58.6%)
iast 2.075 ms [2.022 ms, 2.127 ms] 611.679 µs (41.8%)
iast_GLOBAL 2.111 ms [2.058 ms, 2.164 ms] 647.947 µs (44.3%)
profiling 1.935 ms [1.892 ms, 1.978 ms] 471.953 µs (32.3%)
tracing 1.905 ms [1.866 ms, 1.944 ms] 441.825 µs (30.2%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.465 ms [1.453 ms, 1.476 ms] -
appsec 2.334 ms [2.292 ms, 2.375 ms] 868.946 µs (59.3%)
iast 2.072 ms [2.02 ms, 2.125 ms] 607.528 µs (41.5%)
iast_GLOBAL 2.107 ms [2.055 ms, 2.159 ms] 642.381 µs (43.9%)
profiling 1.922 ms [1.881 ms, 1.963 ms] 457.531 µs (31.2%)
tracing 1.913 ms [1.873 ms, 1.953 ms] 448.116 µs (30.6%)

@manuel-alvarez-alvarez manuel-alvarez-alvarez force-pushed the malvarez/appsec-improve-security-events-detection branch from a219d38 to bdaf40a Compare November 11, 2024 08:34
@manuel-alvarez-alvarez manuel-alvarez-alvarez marked this pull request as ready for review November 11, 2024 08:34
@smola smola removed the tag: no release notes Changes to exclude from release notes label Nov 11, 2024
@manuel-alvarez-alvarez manuel-alvarez-alvarez force-pushed the malvarez/appsec-improve-security-events-detection branch from bdaf40a to 216e2c9 Compare November 13, 2024 08:58
@manuel-alvarez-alvarez manuel-alvarez-alvarez force-pushed the malvarez/appsec-improve-security-events-detection branch from 216e2c9 to c64178f Compare November 13, 2024 18:38
@manuel-alvarez-alvarez manuel-alvarez-alvarez merged commit ed13718 into master Nov 14, 2024
101 checks passed
@manuel-alvarez-alvarez manuel-alvarez-alvarez deleted the malvarez/appsec-improve-security-events-detection branch November 14, 2024 08:28
@github-actions github-actions bot added this to the 1.43.0 milestone Nov 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
comp: asm waf Application Security Management (WAF) type: enhancement
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants