Upgrade to AppSec rules v1.12.0 #7192

ValentinZakharov · 2024-06-14T10:52:07Z

What Does This Do

Upgrade to the latest Application Security rules.

Motivation

The new configuration provides SSRF, LFI and SQLi rules for exploit prevention.

Additional Notes

pr-commenter · 2024-06-14T11:40:20Z

Benchmarks

Startup

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	vzakharov/appsec-rules-1.12.0
git_commit_date	1718362036	1718362198
git_commit_sha	`fba0450`	`677324a`
release_version	1.36.0-SNAPSHOT~fba045085f	1.36.0-SNAPSHOT~677324a135

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1718365047	1718365047
ci_job_id	543518819	543518819
ci_pipeline_id	36763746	36763746
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
module	Agent	Agent
parent	None	None
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 57 metrics, 14 unstable metrics.

Startup time reports for petclinic

gantt
    title petclinic - global startup overhead: candidate=1.36.0-SNAPSHOT~677324a135, baseline=1.36.0-SNAPSHOT~fba045085f

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.063 s) : 0, 1062941
Total [baseline] (10.382 s) : 0, 10381713
Agent [candidate] (1.072 s) : 0, 1071533
Total [candidate] (10.384 s) : 0, 10384303
section appsec
Agent [baseline] (1.183 s) : 0, 1182738
Total [baseline] (10.478 s) : 0, 10478057
Agent [candidate] (1.186 s) : 0, 1185965
Total [candidate] (10.497 s) : 0, 10496616
section iast
Agent [baseline] (1.178 s) : 0, 1178203
Total [baseline] (10.717 s) : 0, 10717352
Agent [candidate] (1.168 s) : 0, 1168236
Total [candidate] (10.628 s) : 0, 10628374
section profiling
Agent [baseline] (1.264 s) : 0, 1264118
Total [baseline] (10.658 s) : 0, 10658468
Agent [candidate] (1.269 s) : 0, 1268712
Total [candidate] (10.664 s) : 0, 10664408

baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.063 s	-
Agent	appsec	1.183 s	119.797 ms (11.3%)
Agent	iast	1.178 s	115.262 ms (10.8%)
Agent	profiling	1.264 s	201.176 ms (18.9%)
Total	tracing	10.382 s	-
Total	appsec	10.478 s	96.344 ms (0.9%)
Total	iast	10.717 s	335.639 ms (3.2%)
Total	profiling	10.658 s	276.755 ms (2.7%)

candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.072 s	-
Agent	appsec	1.186 s	114.433 ms (10.7%)
Agent	iast	1.168 s	96.704 ms (9.0%)
Agent	profiling	1.269 s	197.18 ms (18.4%)
Total	tracing	10.384 s	-
Total	appsec	10.497 s	112.313 ms (1.1%)
Total	iast	10.628 s	244.072 ms (2.4%)
Total	profiling	10.664 s	280.106 ms (2.7%)

gantt
    title petclinic - break down per module: candidate=1.36.0-SNAPSHOT~677324a135, baseline=1.36.0-SNAPSHOT~fba045085f

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (665.672 ms) : 0, 665672
BytebuddyAgent [candidate] (670.722 ms) : 0, 670722
GlobalTracer [baseline] (303.797 ms) : 0, 303797
GlobalTracer [candidate] (307.114 ms) : 0, 307114
AppSec [baseline] (50.582 ms) : 0, 50582
AppSec [candidate] (50.338 ms) : 0, 50338
Logs Intake [baseline] (340.17 µs) : 0, 340
Logs Intake [candidate] (344.541 µs) : 0, 345
Remote Config [baseline] (676.562 µs) : 0, 677
Remote Config [candidate] (685.415 µs) : 0, 685
Telemetry [baseline] (7.582 ms) : 0, 7582
Telemetry [candidate] (7.689 ms) : 0, 7689
section appsec
BytebuddyAgent [baseline] (678.176 ms) : 0, 678176
BytebuddyAgent [candidate] (679.72 ms) : 0, 679720
GlobalTracer [baseline] (297.66 ms) : 0, 297660
GlobalTracer [candidate] (297.995 ms) : 0, 297995
AppSec [baseline] (152.831 ms) : 0, 152831
AppSec [candidate] (153.52 ms) : 0, 153520
Logs Intake [baseline] (337.369 µs) : 0, 337
Logs Intake [candidate] (335.282 µs) : 0, 335
Remote Config [baseline] (646.648 µs) : 0, 647
Remote Config [candidate] (642.241 µs) : 0, 642
Telemetry [baseline] (7.805 ms) : 0, 7805
Telemetry [candidate] (8.196 ms) : 0, 8196
IAST [baseline] (21.606 ms) : 0, 21606
IAST [candidate] (21.891 ms) : 0, 21891
section iast
BytebuddyAgent [baseline] (785.617 ms) : 0, 785617
BytebuddyAgent [candidate] (778.949 ms) : 0, 778949
GlobalTracer [baseline] (295.324 ms) : 0, 295324
GlobalTracer [candidate] (293.489 ms) : 0, 293489
AppSec [baseline] (47.418 ms) : 0, 47418
AppSec [candidate] (46.868 ms) : 0, 46868
Logs Intake [baseline] (298.286 µs) : 0, 298
Logs Intake [candidate] (300.809 µs) : 0, 301
Remote Config [baseline] (568.203 µs) : 0, 568
Remote Config [candidate] (579.643 µs) : 0, 580
Telemetry [baseline] (7.638 ms) : 0, 7638
Telemetry [candidate] (9.245 ms) : 0, 9245
IAST [baseline] (27.955 ms) : 0, 27955
IAST [candidate] (25.539 ms) : 0, 25539
section profiling
ProfilingAgent [baseline] (96.676 ms) : 0, 96676
ProfilingAgent [candidate] (96.268 ms) : 0, 96268
BytebuddyAgent [baseline] (664.251 ms) : 0, 664251
BytebuddyAgent [candidate] (667.066 ms) : 0, 667066
GlobalTracer [baseline] (386.472 ms) : 0, 386472
GlobalTracer [candidate] (388.099 ms) : 0, 388099
AppSec [baseline] (51.255 ms) : 0, 51255
AppSec [candidate] (51.366 ms) : 0, 51366
Logs Intake [baseline] (329.732 µs) : 0, 330
Logs Intake [candidate] (350.925 µs) : 0, 351
Remote Config [baseline] (686.313 µs) : 0, 686
Remote Config [candidate] (708.143 µs) : 0, 708
Telemetry [baseline] (7.328 ms) : 0, 7328
Telemetry [candidate] (7.449 ms) : 0, 7449
Profiling [baseline] (96.701 ms) : 0, 96701
Profiling [candidate] (96.293 ms) : 0, 96293

Startup time reports for insecure-bank

gantt
    title insecure-bank - global startup overhead: candidate=1.36.0-SNAPSHOT~677324a135, baseline=1.36.0-SNAPSHOT~fba045085f

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.06 s) : 0, 1060170
Total [baseline] (8.541 s) : 0, 8541207
Agent [candidate] (1.076 s) : 0, 1076380
Total [candidate] (8.583 s) : 0, 8583188
section iast
Agent [baseline] (1.17 s) : 0, 1170306
Total [baseline] (9.029 s) : 0, 9029374
Agent [candidate] (1.168 s) : 0, 1168496
Total [candidate] (8.98 s) : 0, 8980393
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.183 s) : 0, 1183342
Total [baseline] (8.968 s) : 0, 8967872
Agent [candidate] (1.172 s) : 0, 1171652
Total [candidate] (8.966 s) : 0, 8965846
section iast_TELEMETRY_OFF
Agent [baseline] (1.166 s) : 0, 1165717
Total [baseline] (8.978 s) : 0, 8978371
Agent [candidate] (1.166 s) : 0, 1165983
Total [candidate] (8.976 s) : 0, 8976251

baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.06 s	-
Agent	iast	1.17 s	110.136 ms (10.4%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.183 s	123.172 ms (11.6%)
Agent	iast_TELEMETRY_OFF	1.166 s	105.547 ms (10.0%)
Total	tracing	8.541 s	-
Total	iast	9.029 s	488.167 ms (5.7%)
Total	iast_HARDCODED_SECRET_DISABLED	8.968 s	426.664 ms (5.0%)
Total	iast_TELEMETRY_OFF	8.978 s	437.163 ms (5.1%)

candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.076 s	-
Agent	iast	1.168 s	92.116 ms (8.6%)
Agent	iast_HARDCODED_SECRET_DISABLED	1.172 s	95.273 ms (8.9%)
Agent	iast_TELEMETRY_OFF	1.166 s	89.603 ms (8.3%)
Total	tracing	8.583 s	-
Total	iast	8.98 s	397.205 ms (4.6%)
Total	iast_HARDCODED_SECRET_DISABLED	8.966 s	382.658 ms (4.5%)
Total	iast_TELEMETRY_OFF	8.976 s	393.064 ms (4.6%)

gantt
    title insecure-bank - break down per module: candidate=1.36.0-SNAPSHOT~677324a135, baseline=1.36.0-SNAPSHOT~fba045085f

    dateFormat X
    axisFormat %s
section tracing
BytebuddyAgent [baseline] (664.21 ms) : 0, 664210
BytebuddyAgent [candidate] (674.609 ms) : 0, 674609
GlobalTracer [baseline] (302.78 ms) : 0, 302780
GlobalTracer [candidate] (307.807 ms) : 0, 307807
AppSec [baseline] (50.218 ms) : 0, 50218
AppSec [candidate] (50.472 ms) : 0, 50472
Logs Intake [baseline] (332.839 µs) : 0, 333
Logs Intake [candidate] (340.157 µs) : 0, 340
Remote Config [baseline] (668.389 µs) : 0, 668
Remote Config [candidate] (681.834 µs) : 0, 682
Telemetry [baseline] (7.57 ms) : 0, 7570
Telemetry [candidate] (7.603 ms) : 0, 7603
section iast
BytebuddyAgent [baseline] (779.833 ms) : 0, 779833
BytebuddyAgent [candidate] (778.448 ms) : 0, 778448
GlobalTracer [baseline] (293.646 ms) : 0, 293646
GlobalTracer [candidate] (292.808 ms) : 0, 292808
AppSec [baseline] (47.082 ms) : 0, 47082
AppSec [candidate] (46.916 ms) : 0, 46916
IAST [baseline] (27.16 ms) : 0, 27160
IAST [candidate] (26.802 ms) : 0, 26802
Logs Intake [baseline] (313.883 µs) : 0, 314
Logs Intake [candidate] (300.967 µs) : 0, 301
Remote Config [baseline] (580.222 µs) : 0, 580
Remote Config [candidate] (1.316 ms) : 0, 1316
Telemetry [baseline] (8.382 ms) : 0, 8382
Telemetry [candidate] (8.578 ms) : 0, 8578
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (790.306 ms) : 0, 790306
BytebuddyAgent [candidate] (781.313 ms) : 0, 781313
GlobalTracer [baseline] (295.706 ms) : 0, 295706
GlobalTracer [candidate] (293.798 ms) : 0, 293798
AppSec [baseline] (47.237 ms) : 0, 47237
AppSec [candidate] (47.039 ms) : 0, 47039
IAST [baseline] (26.564 ms) : 0, 26564
IAST [candidate] (28.268 ms) : 0, 28268
Logs Intake [baseline] (304.852 µs) : 0, 305
Logs Intake [candidate] (308.294 µs) : 0, 308
Remote Config [baseline] (570.652 µs) : 0, 571
Remote Config [candidate] (581.72 µs) : 0, 582
Telemetry [baseline] (9.118 ms) : 0, 9118
Telemetry [candidate] (6.936 ms) : 0, 6936
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (777.903 ms) : 0, 777903
BytebuddyAgent [candidate] (777.231 ms) : 0, 777231
GlobalTracer [baseline] (293.175 ms) : 0, 293175
GlobalTracer [candidate] (293.398 ms) : 0, 293398
AppSec [baseline] (47.905 ms) : 0, 47905
AppSec [candidate] (48.606 ms) : 0, 48606
IAST [baseline] (24.178 ms) : 0, 24178
IAST [candidate] (24.678 ms) : 0, 24678
Logs Intake [baseline] (294.849 µs) : 0, 295
Logs Intake [candidate] (302.412 µs) : 0, 302
Remote Config [baseline] (566.467 µs) : 0, 566
Remote Config [candidate] (593.62 µs) : 0, 594
Telemetry [baseline] (8.344 ms) : 0, 8344
Telemetry [candidate] (7.794 ms) : 0, 7794

Load

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
end_time	2024-06-14T11:08:22	2024-06-14T11:15:10
git_branch	master	vzakharov/appsec-rules-1.12.0
git_commit_date	1718362036	1718362198
git_commit_sha	`fba0450`	`677324a`
release_version	1.36.0-SNAPSHOT~fba045085f	1.36.0-SNAPSHOT~677324a135
start_time	2024-06-14T11:08:09	2024-06-14T11:14:57

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1718364056	1718364056
ci_job_id	543518820	543518820
ci_pipeline_id	36763746	36763746
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant	iast	iast

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 16 unstable metrics.

Request duration reports for insecure-bank

gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.36.0-SNAPSHOT~677324a135, baseline=1.36.0-SNAPSHOT~fba045085f
    dateFormat X
    axisFormat %s
section baseline
no_agent (379.116 µs) : 359, 400
.   : milestone, 379,
iast (477.799 µs) : 457, 499
.   : milestone, 478,
iast_FULL (562.606 µs) : 541, 584
.   : milestone, 563,
iast_GLOBAL (509.439 µs) : 487, 532
.   : milestone, 509,
iast_HARDCODED_SECRET_DISABLED (483.898 µs) : 463, 505
.   : milestone, 484,
iast_INACTIVE (453.837 µs) : 433, 475
.   : milestone, 454,
iast_TELEMETRY_OFF (477.995 µs) : 457, 499
.   : milestone, 478,
tracing (438.55 µs) : 418, 459
.   : milestone, 439,
section candidate
no_agent (370.409 µs) : 351, 390
.   : milestone, 370,
iast (479.432 µs) : 458, 501
.   : milestone, 479,
iast_FULL (552.94 µs) : 532, 574
.   : milestone, 553,
iast_GLOBAL (516.342 µs) : 494, 538
.   : milestone, 516,
iast_HARDCODED_SECRET_DISABLED (488.794 µs) : 467, 511
.   : milestone, 489,
iast_INACTIVE (451.447 µs) : 431, 472
.   : milestone, 451,
iast_TELEMETRY_OFF (473.436 µs) : 452, 495
.   : milestone, 473,
tracing (443.254 µs) : 422, 465
.   : milestone, 443,

baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	379.116 µs [358.651 µs, 399.581 µs]	-
iast	477.799 µs [457.007 µs, 498.591 µs]	98.683 µs (26.0%)
iast_FULL	562.606 µs [541.311 µs, 583.901 µs]	183.49 µs (48.4%)
iast_GLOBAL	509.439 µs [487.075 µs, 531.803 µs]	130.323 µs (34.4%)
iast_HARDCODED_SECRET_DISABLED	483.898 µs [462.664 µs, 505.132 µs]	104.783 µs (27.6%)
iast_INACTIVE	453.837 µs [432.68 µs, 474.993 µs]	74.721 µs (19.7%)
iast_TELEMETRY_OFF	477.995 µs [456.516 µs, 499.474 µs]	98.879 µs (26.1%)
tracing	438.55 µs [418.162 µs, 458.939 µs]	59.435 µs (15.7%)

candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	370.409 µs [350.996 µs, 389.823 µs]	-
iast	479.432 µs [458.2 µs, 500.664 µs]	109.023 µs (29.4%)
iast_FULL	552.94 µs [531.911 µs, 573.97 µs]	182.531 µs (49.3%)
iast_GLOBAL	516.342 µs [494.235 µs, 538.449 µs]	145.933 µs (39.4%)
iast_HARDCODED_SECRET_DISABLED	488.794 µs [466.881 µs, 510.707 µs]	118.385 µs (32.0%)
iast_INACTIVE	451.447 µs [430.597 µs, 472.296 µs]	81.037 µs (21.9%)
iast_TELEMETRY_OFF	473.436 µs [452.361 µs, 494.511 µs]	103.027 µs (27.8%)
tracing	443.254 µs [421.732 µs, 464.777 µs]	72.845 µs (19.7%)

Request duration reports for petclinic

gantt
    title petclinic - request duration [CI 0.99] : candidate=1.36.0-SNAPSHOT~677324a135, baseline=1.36.0-SNAPSHOT~fba045085f
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.339 ms) : 1320, 1359
.   : milestone, 1339,
appsec (1.715 ms) : 1691, 1738
.   : milestone, 1715,
appsec_no_iast (1.695 ms) : 1670, 1721
.   : milestone, 1695,
iast (1.482 ms) : 1459, 1504
.   : milestone, 1482,
profiling (1.48 ms) : 1455, 1505
.   : milestone, 1480,
tracing (1.476 ms) : 1452, 1500
.   : milestone, 1476,
section candidate
no_agent (1.349 ms) : 1330, 1368
.   : milestone, 1349,
appsec (1.723 ms) : 1699, 1747
.   : milestone, 1723,
appsec_no_iast (1.708 ms) : 1684, 1733
.   : milestone, 1708,
iast (1.488 ms) : 1466, 1510
.   : milestone, 1488,
profiling (1.502 ms) : 1477, 1528
.   : milestone, 1502,
tracing (1.462 ms) : 1437, 1486
.   : milestone, 1462,

baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.339 ms [1.32 ms, 1.359 ms]	-
appsec	1.715 ms [1.691 ms, 1.738 ms]	375.426 µs (28.0%)
appsec_no_iast	1.695 ms [1.67 ms, 1.721 ms]	355.757 µs (26.6%)
iast	1.482 ms [1.459 ms, 1.504 ms]	142.294 µs (10.6%)
profiling	1.48 ms [1.455 ms, 1.505 ms]	140.75 µs (10.5%)
tracing	1.476 ms [1.452 ms, 1.5 ms]	136.867 µs (10.2%)

candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	1.349 ms [1.33 ms, 1.368 ms]	-
appsec	1.723 ms [1.699 ms, 1.747 ms]	374.257 µs (27.7%)
appsec_no_iast	1.708 ms [1.684 ms, 1.733 ms]	359.78 µs (26.7%)
iast	1.488 ms [1.466 ms, 1.51 ms]	139.456 µs (10.3%)
profiling	1.502 ms [1.477 ms, 1.528 ms]	153.671 µs (11.4%)
tracing	1.462 ms [1.437 ms, 1.486 ms]	112.842 µs (8.4%)

Dacapo

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	vzakharov/appsec-rules-1.12.0
git_commit_date	1718362036	1718362198
git_commit_sha	`fba0450`	`677324a`
release_version	1.36.0-SNAPSHOT~fba045085f	1.36.0-SNAPSHOT~677324a135

See matching parameters

	Baseline	Candidate
application	biojava	biojava
ci_job_date	1718364576	1718364576
ci_job_id	543518821	543518821
ci_pipeline_id	36763746	36763746
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
variant	appsec	appsec

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.

Execution time for biojava

gantt
    title biojava - execution time [CI 0.99] : candidate=1.36.0-SNAPSHOT~677324a135, baseline=1.36.0-SNAPSHOT~fba045085f
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.976 s) : 14976000, 14976000
.   : milestone, 14976000,
appsec (15.282 s) : 15282000, 15282000
.   : milestone, 15282000,
iast (18.929 s) : 18929000, 18929000
.   : milestone, 18929000,
iast_GLOBAL (17.821 s) : 17821000, 17821000
.   : milestone, 17821000,
profiling (15.12 s) : 15120000, 15120000
.   : milestone, 15120000,
tracing (14.922 s) : 14922000, 14922000
.   : milestone, 14922000,
section candidate
no_agent (14.91 s) : 14910000, 14910000
.   : milestone, 14910000,
appsec (15.148 s) : 15148000, 15148000
.   : milestone, 15148000,
iast (18.86 s) : 18860000, 18860000
.   : milestone, 18860000,
iast_GLOBAL (17.984 s) : 17984000, 17984000
.   : milestone, 17984000,
profiling (15.393 s) : 15393000, 15393000
.   : milestone, 15393000,
tracing (15.014 s) : 15014000, 15014000
.   : milestone, 15014000,

baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	14.976 s [14.976 s, 14.976 s]	-
appsec	15.282 s [15.282 s, 15.282 s]	306.0 ms (2.0%)
iast	18.929 s [18.929 s, 18.929 s]	3.953 s (26.4%)
iast_GLOBAL	17.821 s [17.821 s, 17.821 s]	2.845 s (19.0%)
profiling	15.12 s [15.12 s, 15.12 s]	144.0 ms (1.0%)
tracing	14.922 s [14.922 s, 14.922 s]	-54.0 ms (-0.4%)

candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	14.91 s [14.91 s, 14.91 s]	-
appsec	15.148 s [15.148 s, 15.148 s]	238.0 ms (1.6%)
iast	18.86 s [18.86 s, 18.86 s]	3.95 s (26.5%)
iast_GLOBAL	17.984 s [17.984 s, 17.984 s]	3.074 s (20.6%)
profiling	15.393 s [15.393 s, 15.393 s]	483.0 ms (3.2%)
tracing	15.014 s [15.014 s, 15.014 s]	104.0 ms (0.7%)

Execution time for tomcat

gantt
    title tomcat - execution time [CI 0.99] : candidate=1.36.0-SNAPSHOT~677324a135, baseline=1.36.0-SNAPSHOT~fba045085f
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.455 ms) : 1443, 1466
.   : milestone, 1455,
appsec (2.192 ms) : 2158, 2226
.   : milestone, 2192,
iast (1.96 ms) : 1919, 2001
.   : milestone, 1960,
iast_GLOBAL (1.984 ms) : 1944, 2025
.   : milestone, 1984,
profiling (1.845 ms) : 1811, 1879
.   : milestone, 1845,
tracing (1.829 ms) : 1797, 1861
.   : milestone, 1829,
section candidate
no_agent (1.464 ms) : 1452, 1475
.   : milestone, 1464,
appsec (2.195 ms) : 2161, 2229
.   : milestone, 2195,
iast (1.956 ms) : 1915, 1996
.   : milestone, 1956,
iast_GLOBAL (2.004 ms) : 1962, 2045
.   : milestone, 2004,
profiling (1.84 ms) : 1807, 1872
.   : milestone, 1840,
tracing (1.817 ms) : 1786, 1849
.   : milestone, 1817,

baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.455 ms [1.443 ms, 1.466 ms]	-
appsec	2.192 ms [2.158 ms, 2.226 ms]	737.021 µs (50.7%)
iast	1.96 ms [1.919 ms, 2.001 ms]	505.418 µs (34.7%)
iast_GLOBAL	1.984 ms [1.944 ms, 2.025 ms]	529.916 µs (36.4%)
profiling	1.845 ms [1.811 ms, 1.879 ms]	390.57 µs (26.9%)
tracing	1.829 ms [1.797 ms, 1.861 ms]	374.033 µs (25.7%)

candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.464 ms [1.452 ms, 1.475 ms]	-
appsec	2.195 ms [2.161 ms, 2.229 ms]	731.278 µs (50.0%)
iast	1.956 ms [1.915 ms, 1.996 ms]	492.0 µs (33.6%)
iast_GLOBAL	2.004 ms [1.962 ms, 2.045 ms]	539.948 µs (36.9%)
profiling	1.84 ms [1.807 ms, 1.872 ms]	376.266 µs (25.7%)
tracing	1.817 ms [1.786 ms, 1.849 ms]	353.83 µs (24.2%)

Upgrade to AppSec rules v1.12.0

677324a

ValentinZakharov marked this pull request as ready for review June 14, 2024 10:52

ValentinZakharov requested a review from a team as a code owner June 14, 2024 10:52

ValentinZakharov requested review from smola and jandro996 June 14, 2024 10:52

ValentinZakharov self-assigned this Jun 14, 2024

ValentinZakharov added the comp: asm waf Application Security Management (WAF) label Jun 14, 2024

smola approved these changes Jun 14, 2024

View reviewed changes

ValentinZakharov merged commit 24d82a5 into master Jun 14, 2024
83 checks passed

ValentinZakharov deleted the vzakharov/appsec-rules-1.12.0 branch June 14, 2024 11:42

github-actions bot added this to the 1.35.1 milestone Jun 14, 2024

mcculls modified the milestones: 1.35.1, 1.36.0 Jun 17, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Upgrade to AppSec rules v1.12.0 #7192

Upgrade to AppSec rules v1.12.0 #7192

ValentinZakharov commented Jun 14, 2024

pr-commenter bot commented Jun 14, 2024

Upgrade to AppSec rules v1.12.0 #7192

Upgrade to AppSec rules v1.12.0 #7192

Conversation

ValentinZakharov commented Jun 14, 2024

What Does This Do

Motivation

Additional Notes

pr-commenter bot commented Jun 14, 2024

Benchmarks

Startup

Parameters

Summary

Load

Parameters

Summary

Dacapo

Parameters

Summary