Added addresses for SSRF and LFI exploits #7189
Merged
Benchmarks
Startup
Summary
Found 0 performance improvements and 0 performance regressions! Performance is the same for 55 metrics, 16 unstable metrics.
Startup time reports for petclinic
gantt
title petclinic - global startup overhead: candidate=1.36.0-SNAPSHOT~10fcaf710e, baseline=1.36.0-SNAPSHOT~38271eda58
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.058 s) : 0, 1058068
Total [baseline] (10.38 s) : 0, 10379713
Agent [candidate] (1.062 s) : 0, 1062089
Total [candidate] (10.324 s) : 0, 10324106
section appsec
Agent [baseline] (1.176 s) : 0, 1175875
Total [baseline] (10.447 s) : 0, 10447107
Agent [candidate] (1.181 s) : 0, 1180655
Total [candidate] (10.447 s) : 0, 10446609
section iast
Agent [baseline] (1.178 s) : 0, 1177858
Total [baseline] (10.729 s) : 0, 10728731
Agent [candidate] (1.167 s) : 0, 1166942
Total [candidate] (10.64 s) : 0, 10639973
section profiling
Agent [baseline] (1.257 s) : 0, 1257063
Total [baseline] (10.732 s) : 0, 10732051
Agent [candidate] (1.259 s) : 0, 1259110
Total [candidate] (10.656 s) : 0, 10656360
gantt
title petclinic - break down per module: candidate=1.36.0-SNAPSHOT~10fcaf710e, baseline=1.36.0-SNAPSHOT~38271eda58
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (663.51 ms) : 0, 663510
BytebuddyAgent [candidate] (665.405 ms) : 0, 665405
GlobalTracer [baseline] (301.969 ms) : 0, 301969
GlobalTracer [candidate] (303.729 ms) : 0, 303729
AppSec [baseline] (49.808 ms) : 0, 49808
AppSec [candidate] (49.897 ms) : 0, 49897
Logs Intake [baseline] (414.957 µs) : 0, 415
Logs Intake [candidate] (377.326 µs) : 0, 377
Remote Config [baseline] (674.45 µs) : 0, 674
Remote Config [candidate] (693.417 µs) : 0, 693
Telemetry [baseline] (7.504 ms) : 0, 7504
Telemetry [candidate] (7.555 ms) : 0, 7555
section appsec
BytebuddyAgent [baseline] (673.824 ms) : 0, 673824
BytebuddyAgent [candidate] (676.125 ms) : 0, 676125
GlobalTracer [baseline] (296.239 ms) : 0, 296239
GlobalTracer [candidate] (297.311 ms) : 0, 297311
AppSec [baseline] (152.303 ms) : 0, 152303
AppSec [candidate] (152.698 ms) : 0, 152698
Logs Intake [baseline] (323.147 µs) : 0, 323
Logs Intake [candidate] (327.185 µs) : 0, 327
Remote Config [baseline] (627.395 µs) : 0, 627
Remote Config [candidate] (640.787 µs) : 0, 641
Telemetry [baseline] (8.434 ms) : 0, 8434
Telemetry [candidate] (8.801 ms) : 0, 8801
IAST [baseline] (19.702 ms) : 0, 19702
IAST [candidate] (20.778 ms) : 0, 20778
section iast
BytebuddyAgent [baseline] (783.908 ms) : 0, 783908
BytebuddyAgent [candidate] (780.277 ms) : 0, 780277
GlobalTracer [baseline] (296.826 ms) : 0, 296826
GlobalTracer [candidate] (292.469 ms) : 0, 292469
AppSec [baseline] (47.586 ms) : 0, 47586
AppSec [candidate] (46.87 ms) : 0, 46870
Logs Intake [baseline] (324.761 µs) : 0, 325
Logs Intake [candidate] (304.333 µs) : 0, 304
Remote Config [baseline] (579.019 µs) : 0, 579
Remote Config [candidate] (575.824 µs) : 0, 576
Telemetry [baseline] (7.695 ms) : 0, 7695
Telemetry [candidate] (8.525 ms) : 0, 8525
IAST [baseline] (27.601 ms) : 0, 27601
IAST [candidate] (24.607 ms) : 0, 24607
section profiling
BytebuddyAgent [baseline] (660.69 ms) : 0, 660690
BytebuddyAgent [candidate] (661.802 ms) : 0, 661802
GlobalTracer [baseline] (385.169 ms) : 0, 385169
GlobalTracer [candidate] (385.466 ms) : 0, 385466
AppSec [baseline] (50.515 ms) : 0, 50515
AppSec [candidate] (50.369 ms) : 0, 50369
Logs Intake [baseline] (329.149 µs) : 0, 329
Logs Intake [candidate] (336.443 µs) : 0, 336
Remote Config [baseline] (728.059 µs) : 0, 728
Remote Config [candidate] (758.069 µs) : 0, 758
Telemetry [baseline] (7.318 ms) : 0, 7318
Telemetry [candidate] (7.353 ms) : 0, 7353
ProfilingAgent [baseline] (95.513 ms) : 0, 95513
ProfilingAgent [candidate] (96.038 ms) : 0, 96038
Profiling [baseline] (95.538 ms) : 0, 95538
Profiling [candidate] (96.063 ms) : 0, 96063
Startup time reports for insecure-bank
gantt
title insecure-bank - global startup overhead: candidate=1.36.0-SNAPSHOT~10fcaf710e, baseline=1.36.0-SNAPSHOT~38271eda58
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.059 s) : 0, 1059116
Total [baseline] (8.533 s) : 0, 8533381
Agent [candidate] (1.061 s) : 0, 1060588
Total [candidate] (8.557 s) : 0, 8556580
section iast
Agent [baseline] (1.166 s) : 0, 1166092
Total [baseline] (8.991 s) : 0, 8990662
Agent [candidate] (1.166 s) : 0, 1165810
Total [candidate] (8.972 s) : 0, 8972437
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.165 s) : 0, 1164991
Total [baseline] (8.969 s) : 0, 8968996
Agent [candidate] (1.176 s) : 0, 1176027
Total [candidate] (9.008 s) : 0, 9008077
section iast_TELEMETRY_OFF
Agent [baseline] (1.164 s) : 0, 1163800
Total [baseline] (8.968 s) : 0, 8968415
Agent [candidate] (1.171 s) : 0, 1170948
Total [candidate] (8.978 s) : 0, 8978095
gantt
title insecure-bank - break down per module: candidate=1.36.0-SNAPSHOT~10fcaf710e, baseline=1.36.0-SNAPSHOT~38271eda58
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (663.295 ms) : 0, 663295
BytebuddyAgent [candidate] (663.9 ms) : 0, 663900
GlobalTracer [baseline] (303.146 ms) : 0, 303146
GlobalTracer [candidate] (303.45 ms) : 0, 303450
AppSec [baseline] (49.736 ms) : 0, 49736
AppSec [candidate] (50.152 ms) : 0, 50152
Logs Intake [baseline] (404.366 µs) : 0, 404
Logs Intake [candidate] (427.768 µs) : 0, 428
Remote Config [baseline] (661.816 µs) : 0, 662
Remote Config [candidate] (673.255 µs) : 0, 673
Telemetry [baseline] (7.451 ms) : 0, 7451
Telemetry [candidate] (7.534 ms) : 0, 7534
section iast
BytebuddyAgent [baseline] (776.974 ms) : 0, 776974
BytebuddyAgent [candidate] (777.853 ms) : 0, 777853
GlobalTracer [baseline] (292.419 ms) : 0, 292419
GlobalTracer [candidate] (292.672 ms) : 0, 292672
AppSec [baseline] (46.922 ms) : 0, 46922
AppSec [candidate] (46.616 ms) : 0, 46616
IAST [baseline] (24.94 ms) : 0, 24940
IAST [candidate] (26.959 ms) : 0, 26959
Logs Intake [baseline] (302.018 µs) : 0, 302
Logs Intake [candidate] (300.694 µs) : 0, 301
Remote Config [baseline] (586.487 µs) : 0, 586
Remote Config [candidate] (563.687 µs) : 0, 564
Telemetry [baseline] (10.719 ms) : 0, 10719
Telemetry [candidate] (7.568 ms) : 0, 7568
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (777.157 ms) : 0, 777157
BytebuddyAgent [candidate] (784.457 ms) : 0, 784457
GlobalTracer [baseline] (292.439 ms) : 0, 292439
GlobalTracer [candidate] (295.796 ms) : 0, 295796
AppSec [baseline] (46.542 ms) : 0, 46542
AppSec [candidate] (46.677 ms) : 0, 46677
IAST [baseline] (26.26 ms) : 0, 26260
IAST [candidate] (27.907 ms) : 0, 27907
Logs Intake [baseline] (299.675 µs) : 0, 300
Logs Intake [candidate] (299.341 µs) : 0, 299
Remote Config [baseline] (569.325 µs) : 0, 569
Remote Config [candidate] (564.034 µs) : 0, 564
Telemetry [baseline] (8.392 ms) : 0, 8392
Telemetry [candidate] (6.888 ms) : 0, 6888
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (775.859 ms) : 0, 775859
BytebuddyAgent [candidate] (780.207 ms) : 0, 780207
GlobalTracer [baseline] (292.841 ms) : 0, 292841
GlobalTracer [candidate] (294.669 ms) : 0, 294669
AppSec [baseline] (47.856 ms) : 0, 47856
AppSec [candidate] (48.997 ms) : 0, 48997
IAST [baseline] (25.622 ms) : 0, 25622
IAST [candidate] (24.635 ms) : 0, 24635
Logs Intake [baseline] (296.239 µs) : 0, 296
Logs Intake [candidate] (300.643 µs) : 0, 301
Remote Config [baseline] (552.94 µs) : 0, 553
Remote Config [candidate] (561.243 µs) : 0, 561
Telemetry [baseline] (7.456 ms) : 0, 7456
Telemetry [candidate] (8.185 ms) : 0, 8185
Load
Summary
Found 0 performance improvements and 0 performance regressions! Performance is the same for 13 metrics, 15 unstable metrics.
Request duration reports for petclinic
gantt
title petclinic - request duration [CI 0.99] : candidate=1.36.0-SNAPSHOT~10fcaf710e, baseline=1.36.0-SNAPSHOT~38271eda58
dateFormat X
axisFormat %s
section baseline
no_agent (1.348 ms) : 1327, 1368
. : milestone, 1348,
appsec (1.723 ms) : 1699, 1747
. : milestone, 1723,
appsec_no_iast (1.724 ms) : 1700, 1749
. : milestone, 1724,
iast (1.487 ms) : 1465, 1510
. : milestone, 1487,
profiling (1.509 ms) : 1485, 1533
. : milestone, 1509,
tracing (1.47 ms) : 1446, 1494
. : milestone, 1470,
section candidate
no_agent (1.358 ms) : 1339, 1377
. : milestone, 1358,
appsec (1.717 ms) : 1694, 1741
. : milestone, 1717,
appsec_no_iast (1.738 ms) : 1711, 1765
. : milestone, 1738,
iast (1.483 ms) : 1461, 1506
. : milestone, 1483,
profiling (1.518 ms) : 1493, 1543
. : milestone, 1518,
tracing (1.476 ms) : 1451, 1501
. : milestone, 1476,
Request duration reports for insecure-bank
gantt
title insecure-bank - request duration [CI 0.99] : candidate=1.36.0-SNAPSHOT~10fcaf710e, baseline=1.36.0-SNAPSHOT~38271eda58
dateFormat X
axisFormat %s
section baseline
no_agent (364.936 µs) : 345, 384
. : milestone, 365,
iast (488.167 µs) : 467, 510
. : milestone, 488,
iast_FULL (555.066 µs) : 534, 576
. : milestone, 555,
iast_GLOBAL (510.635 µs) : 489, 532
. : milestone, 511,
iast_HARDCODED_SECRET_DISABLED (485.816 µs) : 465, 507
. : milestone, 486,
iast_INACTIVE (459.946 µs) : 439, 481
. : milestone, 460,
iast_TELEMETRY_OFF (473.11 µs) : 451, 495
. : milestone, 473,
tracing (442.614 µs) : 422, 463
. : milestone, 443,
section candidate
no_agent (371.703 µs) : 352, 391
. : milestone, 372,
iast (489.876 µs) : 469, 511
. : milestone, 490,
iast_FULL (548.631 µs) : 528, 570
. : milestone, 549,
iast_GLOBAL (515.699 µs) : 493, 538
. : milestone, 516,
iast_HARDCODED_SECRET_DISABLED (489.54 µs) : 468, 511
. : milestone, 490,
iast_INACTIVE (458.495 µs) : 438, 479
. : milestone, 458,
iast_TELEMETRY_OFF (482.625 µs) : 461, 504
. : milestone, 483,
tracing (445.543 µs) : 425, 466
. : milestone, 446,
Dacapo
Summary
Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.
Execution time for biojava
gantt
title biojava - execution time [CI 0.99] : candidate=1.36.0-SNAPSHOT~10fcaf710e, baseline=1.36.0-SNAPSHOT~38271eda58
dateFormat X
axisFormat %s
section baseline
no_agent (15.464 s) : 15464000, 15464000
. : milestone, 15464000,
appsec (15.062 s) : 15062000, 15062000
. : milestone, 15062000,
iast (19.137 s) : 19137000, 19137000
. : milestone, 19137000,
iast_GLOBAL (17.96 s) : 17960000, 17960000
. : milestone, 17960000,
profiling (15.551 s) : 15551000, 15551000
. : milestone, 15551000,
tracing (14.97 s) : 14970000, 14970000
. : milestone, 14970000,
section candidate
no_agent (15.118 s) : 15118000, 15118000
. : milestone, 15118000,
appsec (15.034 s) : 15034000, 15034000
. : milestone, 15034000,
iast (18.899 s) : 18899000, 18899000
. : milestone, 18899000,
iast_GLOBAL (17.943 s) : 17943000, 17943000
. : milestone, 17943000,
profiling (15.325 s) : 15325000, 15325000
. : milestone, 15325000,
tracing (15.052 s) : 15052000, 15052000
. : milestone, 15052000,
Execution time for tomcat
gantt
title tomcat - execution time [CI 0.99] : candidate=1.36.0-SNAPSHOT~10fcaf710e, baseline=1.36.0-SNAPSHOT~38271eda58
dateFormat X
axisFormat %s
section baseline
no_agent (1.46 ms) : 1449, 1472
. : milestone, 1460,
appsec (2.202 ms) : 2168, 2235
. : milestone, 2202,
iast (1.952 ms) : 1911, 1993
. : milestone, 1952,
iast_GLOBAL (2.005 ms) : 1963, 2046
. : milestone, 2005,
profiling (1.842 ms) : 1808, 1876
. : milestone, 1842,
tracing (1.824 ms) : 1792, 1856
. : milestone, 1824,
section candidate
no_agent (1.464 ms) : 1452, 1475
. : milestone, 1464,
appsec (2.188 ms) : 2154, 2221
. : milestone, 2188,
iast (1.945 ms) : 1905, 1986
. : milestone, 1945,
iast_GLOBAL (2.009 ms) : 1967, 2050
. : milestone, 2009,
profiling (1.849 ms) : 1815, 1883
. : milestone, 1849,
tracing (1.83 ms) : 1798, 1863
. : milestone, 1830,
smola approved these changes Jun 14, 2024
manuel-alvarez-alvarez approved these changes Jun 14, 2024
10fcaf7 to ab17313
ab17313 to 14dd2b2
jandro996 approved these changes Jun 14, 2024
Labels
comp: asm waf
Application Security Management (WAF)
tag: no release notes
Changes to exclude from release notes
What Does This Do
Added addresses for Server-side request forgery (SSRF) and Local File Inclusion (LFI) exploits
Motivation
This is part of the AM Exploit Prevention initiative
Additional Notes