diff --git a/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/GrpcRequestMessageHandler.java b/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/GrpcRequestMessageHandler.java
index cfad9aa9847..9ab09d3dbcc 100644
--- a/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/GrpcRequestMessageHandler.java
+++ b/dd-java-agent/agent-iast/src/main/java/com/datadog/iast/GrpcRequestMessageHandler.java
@@ -46,7 +46,8 @@ public Flow<Void> apply(final RequestContext ctx, final Object o) {
   }
 
   static boolean visitProtobufArtifact(@Nonnull final Class<?> kls) {
-    if (kls.getSuperclass().getName().startsWith(GENERATED_MESSAGE)) {
+    final Class<?> superClass = kls.getSuperclass();
+    if (superClass != null && superClass.getName().startsWith(GENERATED_MESSAGE)) {
       return true; // GRPC custom messages
     }
     if (MAP_FIELD.equals(kls.getName())) {
diff --git a/dd-java-agent/agent-iast/src/test/groovy/com/datadog/iast/GrpcRequestMessageHandlerTest.groovy b/dd-java-agent/agent-iast/src/test/groovy/com/datadog/iast/GrpcRequestMessageHandlerTest.groovy
index b8b12ecbd89..093cbb45297 100644
--- a/dd-java-agent/agent-iast/src/test/groovy/com/datadog/iast/GrpcRequestMessageHandlerTest.groovy
+++ b/dd-java-agent/agent-iast/src/test/groovy/com/datadog/iast/GrpcRequestMessageHandlerTest.groovy
@@ -113,6 +113,14 @@ class GrpcRequestMessageHandlerTest extends IastModuleImplTestBase {
     buildProto3Message() | _
   }
 
+  void 'visitProtobufArtifact handles classes without superclass'() {
+    when:
+    boolean result = GrpcRequestMessageHandler.visitProtobufArtifact(Object)
+
+    then:
+    !result
+  }
+
   private static def buildProto2Message() {
     final child = Test2.Proto2Child.newBuilder()
     .setOptional("optional")