Skip to content

Add downstream HTTP request/response analysis for OkHttp2 client #9572

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add downstream HTTP request/response analysis for OkHttp2 client #9572

wants to merge 1 commit into from

Conversation

manuel-alvarez-alvarez
Copy link
Member

@manuel-alvarez-alvarez manuel-alvarez-alvarez commented Sep 19, 2025
edited
Loading

What Does This Do

Adds support for downstream HTTP request and response analysis in the OkHttp2 client instrumentation.

Motivation

Enable AppSec to analyze outbound requests made through OkHttp2. This expands coverage for API security and SSRF protections, while supporting downstream traffic inspection with configurable sampling.

Additional Notes

RFC

Contributor Checklist

Jira ticket: APPSEC-58613

@manuel-alvarez-alvarez manuel-alvarez-alvarez added inst: others All other instrumentations comp: asm waf Application Security Management (WAF) labels Sep 19, 2025
@manuel-alvarez-alvarez manuel-alvarez-alvarez changed the title Add http downstream request analysis for OkHttp2 Add downstream HTTP request/response analysis for OkHttp2 client Sep 19, 2025
@pr-commenter
Copy link

pr-commenter bot commented Sep 19, 2025
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/appsec-downstream-http
git_commit_date 1758552415 1758553121
git_commit_sha fc0582d 4ce366c
release_version 1.54.0-SNAPSHOT~fc0582d498 1.54.0-SNAPSHOT~4ce366c83a
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1758554988 1758554988
ci_job_id 1141159554 1141159554
ci_pipeline_id 77173162 77173162
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-74x3a40x 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-74x3a40x 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 3 performance regressions! Performance is the same for 46 metrics, 10 unstable metrics.

scenario Δ mean execution_time candidate mean execution_time baseline mean execution_time
scenario:startup:insecure-bank:tracing:AppSec worse
[+0.726ms; +1.774ms] or [+2.271%; +5.552%]		 33.209ms 31.959ms
scenario:startup:petclinic:profiling:AppSec worse
[+1.442ms; +2.149ms] or [+4.616%; +6.881%]		 33.024ms 31.229ms
scenario:startup:petclinic:tracing:AppSec worse
[+1.354ms; +1.807ms] or [+4.261%; +5.687%]		 33.351ms 31.771ms
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.54.0-SNAPSHOT~4ce366c83a, baseline=1.54.0-SNAPSHOT~fc0582d498

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.028 s) : 0, 1028308
Total [baseline] (8.729 s) : 0, 8729008
Agent [candidate] (1.024 s) : 0, 1024180
Total [candidate] (8.711 s) : 0, 8710723
section iast
Agent [baseline] (1.155 s) : 0, 1154892
Total [baseline] (9.392 s) : 0, 9391669
Agent [candidate] (1.156 s) : 0, 1155520
Total [candidate] (9.346 s) : 0, 9345853
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.028 s -
Agent iast 1.155 s 126.585 ms (12.3%)
Total tracing 8.729 s -
Total iast 9.392 s 662.661 ms (7.6%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.024 s -
Agent iast 1.156 s 131.34 ms (12.8%)
Total tracing 8.711 s -
Total iast 9.346 s 635.13 ms (7.3%) 
gantt
    title insecure-bank - break down per module: candidate=1.54.0-SNAPSHOT~4ce366c83a, baseline=1.54.0-SNAPSHOT~fc0582d498

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.468 ms) : 0, 1468
crashtracking [candidate] (1.448 ms) : 0, 1448
BytebuddyAgent [baseline] (693.011 ms) : 0, 693011
BytebuddyAgent [candidate] (688.746 ms) : 0, 688746
GlobalTracer [baseline] (259.995 ms) : 0, 259995
GlobalTracer [candidate] (259.366 ms) : 0, 259366
AppSec [baseline] (31.959 ms) : 0, 31959
AppSec [candidate] (33.209 ms) : 0, 33209
Debugger [baseline] (6.39 ms) : 0, 6390
Debugger [candidate] (6.307 ms) : 0, 6307
Remote Config [baseline] (685.563 µs) : 0, 686
Remote Config [candidate] (716.903 µs) : 0, 717
Telemetry [baseline] (13.669 ms) : 0, 13669
Telemetry [candidate] (13.358 ms) : 0, 13358
section iast
crashtracking [baseline] (1.455 ms) : 0, 1455
crashtracking [candidate] (1.475 ms) : 0, 1475
BytebuddyAgent [baseline] (809.081 ms) : 0, 809081
BytebuddyAgent [candidate] (808.089 ms) : 0, 808089
GlobalTracer [baseline] (249.163 ms) : 0, 249163
GlobalTracer [candidate] (249.707 ms) : 0, 249707
AppSec [baseline] (27.245 ms) : 0, 27245
AppSec [candidate] (28.743 ms) : 0, 28743
Debugger [baseline] (6.109 ms) : 0, 6109
Debugger [candidate] (7.008 ms) : 0, 7008
Remote Config [baseline] (610.075 µs) : 0, 610
Remote Config [candidate] (600.26 µs) : 0, 600
Telemetry [baseline] (8.148 ms) : 0, 8148
Telemetry [candidate] (8.162 ms) : 0, 8162
IAST [baseline] (32.096 ms) : 0, 32096
IAST [candidate] (30.77 ms) : 0, 30770
Loading
Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.54.0-SNAPSHOT~4ce366c83a, baseline=1.54.0-SNAPSHOT~fc0582d498

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.019 s) : 0, 1018890
Total [baseline] (10.716 s) : 0, 10716395
Agent [candidate] (1.02 s) : 0, 1019834
Total [candidate] (10.728 s) : 0, 10728446
section appsec
Agent [baseline] (1.198 s) : 0, 1198290
Total [baseline] (11.074 s) : 0, 11074462
Agent [candidate] (1.198 s) : 0, 1198325
Total [candidate] (10.968 s) : 0, 10967596
section iast
Agent [baseline] (1.154 s) : 0, 1153734
Total [baseline] (11.052 s) : 0, 11052118
Agent [candidate] (1.157 s) : 0, 1157460
Total [candidate] (11.148 s) : 0, 11147567
section profiling
Agent [baseline] (1.164 s) : 0, 1164075
Total [baseline] (11.082 s) : 0, 11082157
Agent [candidate] (1.172 s) : 0, 1172483
Total [candidate] (11.1 s) : 0, 11099995
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.019 s -
Agent appsec 1.198 s 179.401 ms (17.6%)
Agent iast 1.154 s 134.845 ms (13.2%)
Agent profiling 1.164 s 145.185 ms (14.2%)
Total tracing 10.716 s -
Total appsec 11.074 s 358.067 ms (3.3%)
Total iast 11.052 s 335.723 ms (3.1%)
Total profiling 11.082 s 365.762 ms (3.4%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.02 s -
Agent appsec 1.198 s 178.491 ms (17.5%)
Agent iast 1.157 s 137.626 ms (13.5%)
Agent profiling 1.172 s 152.649 ms (15.0%)
Total tracing 10.728 s -
Total appsec 10.968 s 239.151 ms (2.2%)
Total iast 11.148 s 419.121 ms (3.9%)
Total profiling 11.1 s 371.55 ms (3.5%) 
gantt
    title petclinic - break down per module: candidate=1.54.0-SNAPSHOT~4ce366c83a, baseline=1.54.0-SNAPSHOT~fc0582d498

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.476 ms) : 0, 1476
crashtracking [candidate] (1.443 ms) : 0, 1443
BytebuddyAgent [baseline] (686.983 ms) : 0, 686983
BytebuddyAgent [candidate] (685.921 ms) : 0, 685921
GlobalTracer [baseline] (258.786 ms) : 0, 258786
GlobalTracer [candidate] (258.576 ms) : 0, 258576
AppSec [baseline] (31.771 ms) : 0, 31771
AppSec [candidate] (33.351 ms) : 0, 33351
Debugger [baseline] (6.346 ms) : 0, 6346
Debugger [candidate] (6.371 ms) : 0, 6371
Remote Config [baseline] (692.135 µs) : 0, 692
Remote Config [candidate] (718.027 µs) : 0, 718
Telemetry [baseline] (11.8 ms) : 0, 11800
Telemetry [candidate] (12.386 ms) : 0, 12386
section appsec
crashtracking [baseline] (1.458 ms) : 0, 1458
crashtracking [candidate] (1.461 ms) : 0, 1461
BytebuddyAgent [baseline] (711.786 ms) : 0, 711786
BytebuddyAgent [candidate] (710.526 ms) : 0, 710526
GlobalTracer [baseline] (251.4 ms) : 0, 251400
GlobalTracer [candidate] (251.058 ms) : 0, 251058
IAST [baseline] (25.042 ms) : 0, 25042
IAST [candidate] (24.972 ms) : 0, 24972
AppSec [baseline] (170.823 ms) : 0, 170823
AppSec [candidate] (171.683 ms) : 0, 171683
Debugger [baseline] (6.082 ms) : 0, 6082
Debugger [candidate] (6.052 ms) : 0, 6052
Remote Config [baseline] (615.858 µs) : 0, 616
Remote Config [candidate] (648.708 µs) : 0, 649
Telemetry [baseline] (9.863 ms) : 0, 9863
Telemetry [candidate] (10.785 ms) : 0, 10785
section iast
crashtracking [baseline] (1.459 ms) : 0, 1459
crashtracking [candidate] (1.455 ms) : 0, 1455
BytebuddyAgent [baseline] (807.85 ms) : 0, 807850
BytebuddyAgent [candidate] (809.458 ms) : 0, 809458
GlobalTracer [baseline] (249.609 ms) : 0, 249609
GlobalTracer [candidate] (249.626 ms) : 0, 249626
IAST [baseline] (30.678 ms) : 0, 30678
IAST [candidate] (31.2 ms) : 0, 31200
AppSec [baseline] (28.133 ms) : 0, 28133
AppSec [candidate] (29.711 ms) : 0, 29711
Debugger [baseline] (6.109 ms) : 0, 6109
Debugger [candidate] (6.138 ms) : 0, 6138
Remote Config [baseline] (613.28 µs) : 0, 613
Remote Config [candidate] (617.508 µs) : 0, 618
Telemetry [baseline] (8.146 ms) : 0, 8146
Telemetry [candidate] (8.249 ms) : 0, 8249
section profiling
crashtracking [baseline] (1.449 ms) : 0, 1449
crashtracking [candidate] (1.447 ms) : 0, 1447
BytebuddyAgent [baseline] (718.161 ms) : 0, 718161
BytebuddyAgent [candidate] (723.138 ms) : 0, 723138
GlobalTracer [baseline] (236.474 ms) : 0, 236474
GlobalTracer [candidate] (237.54 ms) : 0, 237540
AppSec [baseline] (31.229 ms) : 0, 31229
AppSec [candidate] (33.024 ms) : 0, 33024
Debugger [baseline] (6.498 ms) : 0, 6498
Debugger [candidate] (6.547 ms) : 0, 6547
Remote Config [baseline] (706.088 µs) : 0, 706
Remote Config [candidate] (812.606 µs) : 0, 813
Telemetry [baseline] (16.697 ms) : 0, 16697
Telemetry [candidate] (16.564 ms) : 0, 16564
ProfilingAgent [baseline] (101.829 ms) : 0, 101829
ProfilingAgent [candidate] (101.912 ms) : 0, 101912
Profiling [baseline] (102.422 ms) : 0, 102422
Profiling [candidate] (102.506 ms) : 0, 102506
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/appsec-downstream-http
git_commit_date 1758552415 1758553121
git_commit_sha fc0582d 4ce366c
release_version 1.54.0-SNAPSHOT~fc0582d498 1.54.0-SNAPSHOT~4ce366c83a
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1758554647 1758554647
ci_job_id 1141159555 1141159555
ci_pipeline_id 77173162 77173162
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-m1hli8wb 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-m1hli8wb 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 1 performance regressions! Performance is the same for 11 metrics, 12 unstable metrics.

scenario Δ mean http_req_duration Δ mean throughput candidate mean http_req_duration candidate mean throughput baseline mean http_req_duration baseline mean throughput
scenario:load:petclinic:code_origins:high_load worse
[+1.039ms; +1.897ms] or [+2.302%; +4.205%]		 unstable
[-10.464op/s; +3.939op/s] or [-10.089%; +3.798%]		 46.579ms 100.450op/s 45.111ms 103.713op/s
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.54.0-SNAPSHOT~4ce366c83a, baseline=1.54.0-SNAPSHOT~fc0582d498
    dateFormat X
    axisFormat %s
section baseline
no_agent (36.672 ms) : 36387, 36957
.   : milestone, 36672,
appsec (50.194 ms) : 49737, 50652
.   : milestone, 50194,
code_origins (45.111 ms) : 44722, 45500
.   : milestone, 45111,
iast (45.942 ms) : 45539, 46345
.   : milestone, 45942,
profiling (48.568 ms) : 48113, 49023
.   : milestone, 48568,
tracing (44.65 ms) : 44279, 45021
.   : milestone, 44650,
section candidate
no_agent (36.893 ms) : 36604, 37182
.   : milestone, 36893,
appsec (50.819 ms) : 50389, 51248
.   : milestone, 50819,
code_origins (46.579 ms) : 46170, 46987
.   : milestone, 46579,
iast (44.758 ms) : 44371, 45145
.   : milestone, 44758,
profiling (48.971 ms) : 48544, 49398
.   : milestone, 48971,
tracing (44.924 ms) : 44528, 45319
.   : milestone, 44924,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 36.672 ms [36.387 ms, 36.957 ms] -
appsec 50.194 ms [49.737 ms, 50.652 ms] 13.522 ms (36.9%)
code_origins 45.111 ms [44.722 ms, 45.5 ms] 8.438 ms (23.0%)
iast 45.942 ms [45.539 ms, 46.345 ms] 9.269 ms (25.3%)
profiling 48.568 ms [48.113 ms, 49.023 ms] 11.896 ms (32.4%)
tracing 44.65 ms [44.279 ms, 45.021 ms] 7.978 ms (21.8%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 36.893 ms [36.604 ms, 37.182 ms] -
appsec 50.819 ms [50.389 ms, 51.248 ms] 13.925 ms (37.7%)
code_origins 46.579 ms [46.17 ms, 46.987 ms] 9.685 ms (26.3%)
iast 44.758 ms [44.371 ms, 45.145 ms] 7.865 ms (21.3%)
profiling 48.971 ms [48.544 ms, 49.398 ms] 12.078 ms (32.7%)
tracing 44.924 ms [44.528 ms, 45.319 ms] 8.031 ms (21.8%)
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.54.0-SNAPSHOT~4ce366c83a, baseline=1.54.0-SNAPSHOT~fc0582d498
    dateFormat X
    axisFormat %s
section baseline
no_agent (4.445 ms) : 4396, 4495
.   : milestone, 4445,
iast (9.638 ms) : 9475, 9802
.   : milestone, 9638,
iast_FULL (14.499 ms) : 14214, 14784
.   : milestone, 14499,
iast_GLOBAL (10.525 ms) : 10340, 10710
.   : milestone, 10525,
profiling (8.918 ms) : 8780, 9056
.   : milestone, 8918,
tracing (7.948 ms) : 7827, 8070
.   : milestone, 7948,
section candidate
no_agent (4.506 ms) : 4456, 4555
.   : milestone, 4506,
iast (9.931 ms) : 9762, 10100
.   : milestone, 9931,
iast_FULL (14.228 ms) : 13944, 14511
.   : milestone, 14228,
iast_GLOBAL (10.763 ms) : 10573, 10953
.   : milestone, 10763,
profiling (9.111 ms) : 8967, 9254
.   : milestone, 9111,
tracing (7.761 ms) : 7648, 7874
.   : milestone, 7761,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.445 ms [4.396 ms, 4.495 ms] -
iast 9.638 ms [9.475 ms, 9.802 ms] 5.193 ms (116.8%)
iast_FULL 14.499 ms [14.214 ms, 14.784 ms] 10.054 ms (226.2%)
iast_GLOBAL 10.525 ms [10.34 ms, 10.71 ms] 6.08 ms (136.8%)
profiling 8.918 ms [8.78 ms, 9.056 ms] 4.473 ms (100.6%)
tracing 7.948 ms [7.827 ms, 8.07 ms] 3.503 ms (78.8%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 4.506 ms [4.456 ms, 4.555 ms] -
iast 9.931 ms [9.762 ms, 10.1 ms] 5.425 ms (120.4%)
iast_FULL 14.228 ms [13.944 ms, 14.511 ms] 9.722 ms (215.8%)
iast_GLOBAL 10.763 ms [10.573 ms, 10.953 ms] 6.257 ms (138.9%)
profiling 9.111 ms [8.967 ms, 9.254 ms] 4.605 ms (102.2%)
tracing 7.761 ms [7.648 ms, 7.874 ms] 3.256 ms (72.3%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master malvarez/appsec-downstream-http
git_commit_date 1758552415 1758553121
git_commit_sha fc0582d 4ce366c
release_version 1.54.0-SNAPSHOT~fc0582d498 1.54.0-SNAPSHOT~4ce366c83a
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1758555234 1758555234
ci_job_id 1141159557 1141159557
ci_pipeline_id 77173162 77173162
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-snl01lhn 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-snl01lhn 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.54.0-SNAPSHOT~4ce366c83a, baseline=1.54.0-SNAPSHOT~fc0582d498
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.546 s) : 15546000, 15546000
.   : milestone, 15546000,
appsec (15.095 s) : 15095000, 15095000
.   : milestone, 15095000,
iast (18.812 s) : 18812000, 18812000
.   : milestone, 18812000,
iast_GLOBAL (18.209 s) : 18209000, 18209000
.   : milestone, 18209000,
profiling (15.059 s) : 15059000, 15059000
.   : milestone, 15059000,
tracing (15.005 s) : 15005000, 15005000
.   : milestone, 15005000,
section candidate
no_agent (15.384 s) : 15384000, 15384000
.   : milestone, 15384000,
appsec (15.151 s) : 15151000, 15151000
.   : milestone, 15151000,
iast (18.337 s) : 18337000, 18337000
.   : milestone, 18337000,
iast_GLOBAL (18.123 s) : 18123000, 18123000
.   : milestone, 18123000,
profiling (15.294 s) : 15294000, 15294000
.   : milestone, 15294000,
tracing (14.961 s) : 14961000, 14961000
.   : milestone, 14961000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.546 s [15.546 s, 15.546 s] -
appsec 15.095 s [15.095 s, 15.095 s] -451.0 ms (-2.9%)
iast 18.812 s [18.812 s, 18.812 s] 3.266 s (21.0%)
iast_GLOBAL 18.209 s [18.209 s, 18.209 s] 2.663 s (17.1%)
profiling 15.059 s [15.059 s, 15.059 s] -487.0 ms (-3.1%)
tracing 15.005 s [15.005 s, 15.005 s] -541.0 ms (-3.5%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.384 s [15.384 s, 15.384 s] -
appsec 15.151 s [15.151 s, 15.151 s] -233.0 ms (-1.5%)
iast 18.337 s [18.337 s, 18.337 s] 2.953 s (19.2%)
iast_GLOBAL 18.123 s [18.123 s, 18.123 s] 2.739 s (17.8%)
profiling 15.294 s [15.294 s, 15.294 s] -90.0 ms (-0.6%)
tracing 14.961 s [14.961 s, 14.961 s] -423.0 ms (-2.7%)
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.54.0-SNAPSHOT~4ce366c83a, baseline=1.54.0-SNAPSHOT~fc0582d498
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.483 ms) : 1472, 1495
.   : milestone, 1483,
appsec (2.454 ms) : 2404, 2505
.   : milestone, 2454,
iast (2.205 ms) : 2141, 2269
.   : milestone, 2205,
iast_GLOBAL (2.253 ms) : 2189, 2316
.   : milestone, 2253,
profiling (2.056 ms) : 2005, 2107
.   : milestone, 2056,
tracing (2.033 ms) : 1983, 2082
.   : milestone, 2033,
section candidate
no_agent (1.478 ms) : 1467, 1490
.   : milestone, 1478,
appsec (3.716 ms) : 3498, 3935
.   : milestone, 3716,
iast (2.201 ms) : 2138, 2264
.   : milestone, 2201,
iast_GLOBAL (2.249 ms) : 2186, 2313
.   : milestone, 2249,
profiling (2.075 ms) : 2022, 2128
.   : milestone, 2075,
tracing (2.027 ms) : 1978, 2076
.   : milestone, 2027,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.483 ms [1.472 ms, 1.495 ms] -
appsec 2.454 ms [2.404 ms, 2.505 ms] 971.061 µs (65.5%)
iast 2.205 ms [2.141 ms, 2.269 ms] 721.731 µs (48.7%)
iast_GLOBAL 2.253 ms [2.189 ms, 2.316 ms] 769.348 µs (51.9%)
profiling 2.056 ms [2.005 ms, 2.107 ms] 573.256 µs (38.7%)
tracing 2.033 ms [1.983 ms, 2.082 ms] 549.441 µs (37.0%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.478 ms [1.467 ms, 1.49 ms] -
appsec 3.716 ms [3.498 ms, 3.935 ms] 2.238 ms (151.4%)
iast 2.201 ms [2.138 ms, 2.264 ms] 722.585 µs (48.9%)
iast_GLOBAL 2.249 ms [2.186 ms, 2.313 ms] 770.881 µs (52.1%)
profiling 2.075 ms [2.022 ms, 2.128 ms] 596.425 µs (40.3%)
tracing 2.027 ms [1.978 ms, 2.076 ms] 548.862 µs (37.1%)

@manuel-alvarez-alvarez manuel-alvarez-alvarez force-pushed the malvarez/appsec-downstream-http branch from e10c32e to 094375b Compare September 19, 2025 15:39
@manuel-alvarez-alvarez manuel-alvarez-alvarez marked this pull request as ready for review September 19, 2025 15:39
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 19, 2025
edited
Loading

Hi! 👋 Thanks for your pull request! 🎉

To help us review it, please make sure to:

  • Add at least one type, and one component or instrumentation label to the pull request

If you need help, please check our contributing guidelines.

@manuel-alvarez-alvarez manuel-alvarez-alvarez force-pushed the malvarez/appsec-downstream-http branch 2 times, most recently from fe39167 to 1dae6dc Compare September 19, 2025 15:59
@manuel-alvarez-alvarez manuel-alvarez-alvarez added the type: enhancement Enhancements and improvements label Sep 22, 2025
@manuel-alvarez-alvarez manuel-alvarez-alvarez force-pushed the malvarez/appsec-downstream-http branch from 1dae6dc to 86ba6d2 Compare September 22, 2025 08:45
@manuel-alvarez-alvarez manuel-alvarez-alvarez force-pushed the malvarez/appsec-downstream-http branch from 86ba6d2 to 4ce366c Compare September 22, 2025 14:58
@datadog-datadog-prod-us1
Copy link
Contributor

datadog-datadog-prod-us1 bot commented Sep 22, 2025
edited
Loading

🎯 Code Coverage
Patch Coverage: 55.17%
Total Coverage: 60.66% (+0.80%)

View detailed report

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 4ce366c | Docs | Was this helpful? Give us feedback!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@robertpi robertpi Awaiting requested review from robertpi robertpi is a code owner automatically assigned from DataDog/asm-java

@sezen-datadog sezen-datadog Awaiting requested review from sezen-datadog sezen-datadog is a code owner automatically assigned from DataDog/asm-java

@mcculls mcculls Awaiting requested review from mcculls mcculls is a code owner automatically assigned from DataDog/apm-java

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
comp: asm waf Application Security Management (WAF) inst: others All other instrumentations type: enhancement Enhancements and improvements
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@manuel-alvarez-alvarez