API Security sampling #6923
Draft
API Security sampling #6923
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…panPostProcessor.java Co-authored-by: Stuart McCulloch <[email protected]>
BenchmarksStartupParameters
See matching parameters
SummaryFound 1 performance improvements and 0 performance regressions! Performance is the same for 50 metrics, 12 unstable metrics.
Startup time reports for insecure-bankgantt
title insecure-bank - global startup overhead: candidate=1.33.0-SNAPSHOT~1cf51e2d2c, baseline=1.34.0-SNAPSHOT~f34dfb52a1
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.075 s) : 0, 1075443
Total [baseline] (8.545 s) : 0, 8545079
Agent [candidate] (1.083 s) : 0, 1082951
Total [candidate] (8.578 s) : 0, 8578386
section iast
Agent [baseline] (1.198 s) : 0, 1197709
Total [baseline] (9.007 s) : 0, 9006846
Agent [candidate] (1.199 s) : 0, 1198921
Total [candidate] (8.998 s) : 0, 8998033
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.197 s) : 0, 1197137
Total [baseline] (8.978 s) : 0, 8977894
Agent [candidate] (1.202 s) : 0, 1201630
Total [candidate] (8.974 s) : 0, 8974189
section iast_TELEMETRY_OFF
Agent [baseline] (1.196 s) : 0, 1196258
Total [baseline] (8.998 s) : 0, 8997555
Agent [candidate] (1.204 s) : 0, 1204267
Total [candidate] (9.011 s) : 0, 9010679
gantt
title insecure-bank - break down per module: candidate=1.33.0-SNAPSHOT~1cf51e2d2c, baseline=1.34.0-SNAPSHOT~f34dfb52a1
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (673.321 ms) : 0, 673321
BytebuddyAgent [candidate] (678.281 ms) : 0, 678281
GlobalTracer [baseline] (310.021 ms) : 0, 310021
GlobalTracer [candidate] (312.13 ms) : 0, 312130
AppSec [baseline] (49.477 ms) : 0, 49477
AppSec [candidate] (49.592 ms) : 0, 49592
Remote Config [baseline] (655.995 µs) : 0, 656
Remote Config [candidate] (666.146 µs) : 0, 666
Telemetry [baseline] (7.579 ms) : 0, 7579
Telemetry [candidate] (7.681 ms) : 0, 7681
section iast
BytebuddyAgent [baseline] (793.964 ms) : 0, 793964
BytebuddyAgent [candidate] (795.018 ms) : 0, 795018
GlobalTracer [baseline] (287.989 ms) : 0, 287989
GlobalTracer [candidate] (288.458 ms) : 0, 288458
AppSec [baseline] (50.258 ms) : 0, 50258
AppSec [candidate] (50.137 ms) : 0, 50137
Remote Config [baseline] (579.191 µs) : 0, 579
Remote Config [candidate] (573.342 µs) : 0, 573
Telemetry [baseline] (8.107 ms) : 0, 8107
Telemetry [candidate] (6.632 ms) : 0, 6632
IAST [baseline] (22.582 ms) : 0, 22582
IAST [candidate] (23.653 ms) : 0, 23653
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (793.507 ms) : 0, 793507
BytebuddyAgent [candidate] (796.203 ms) : 0, 796203
GlobalTracer [baseline] (287.413 ms) : 0, 287413
GlobalTracer [candidate] (289.123 ms) : 0, 289123
AppSec [baseline] (51.556 ms) : 0, 51556
AppSec [candidate] (49.077 ms) : 0, 49077
Remote Config [baseline] (563.449 µs) : 0, 563
Remote Config [candidate] (583.68 µs) : 0, 584
Telemetry [baseline] (6.548 ms) : 0, 6548
Telemetry [candidate] (6.571 ms) : 0, 6571
IAST [baseline] (23.185 ms) : 0, 23185
IAST [candidate] (25.51 ms) : 0, 25510
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (792.551 ms) : 0, 792551
BytebuddyAgent [candidate] (797.729 ms) : 0, 797729
GlobalTracer [baseline] (288.425 ms) : 0, 288425
GlobalTracer [candidate] (290.589 ms) : 0, 290589
AppSec [baseline] (48.797 ms) : 0, 48797
AppSec [candidate] (47.75 ms) : 0, 47750
Remote Config [baseline] (581.322 µs) : 0, 581
Remote Config [candidate] (576.048 µs) : 0, 576
Telemetry [baseline] (8.808 ms) : 0, 8808
Telemetry [candidate] (7.264 ms) : 0, 7264
IAST [baseline] (22.789 ms) : 0, 22789
IAST [candidate] (25.777 ms) : 0, 25777
Startup time reports for petclinicgantt
title petclinic - global startup overhead: candidate=1.33.0-SNAPSHOT~1cf51e2d2c, baseline=1.34.0-SNAPSHOT~f34dfb52a1
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.092 s) : 0, 1092001
Total [baseline] (10.498 s) : 0, 10497704
Agent [candidate] (1.075 s) : 0, 1074608
Total [candidate] (10.26 s) : 0, 10260141
section appsec
Agent [baseline] (1.198 s) : 0, 1198435
Total [baseline] (10.427 s) : 0, 10426703
Agent [candidate] (1.205 s) : 0, 1204981
Total [candidate] (10.557 s) : 0, 10556580
section iast
Agent [baseline] (1.199 s) : 0, 1199112
Total [baseline] (10.706 s) : 0, 10706410
Agent [candidate] (1.198 s) : 0, 1197909
Total [candidate] (10.698 s) : 0, 10697882
section profiling
Agent [baseline] (1.276 s) : 0, 1275887
Total [baseline] (10.642 s) : 0, 10641717
Agent [candidate] (1.264 s) : 0, 1264305
Total [candidate] (10.59 s) : 0, 10590490
gantt
title petclinic - break down per module: candidate=1.33.0-SNAPSHOT~1cf51e2d2c, baseline=1.34.0-SNAPSHOT~f34dfb52a1
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (683.927 ms) : 0, 683927
BytebuddyAgent [candidate] (673.467 ms) : 0, 673467
GlobalTracer [baseline] (314.401 ms) : 0, 314401
GlobalTracer [candidate] (309.624 ms) : 0, 309624
AppSec [baseline] (50.414 ms) : 0, 50414
AppSec [candidate] (48.879 ms) : 0, 48879
Remote Config [baseline] (682.211 µs) : 0, 682
Remote Config [candidate] (653.935 µs) : 0, 654
Telemetry [baseline] (7.714 ms) : 0, 7714
Telemetry [candidate] (7.575 ms) : 0, 7575
section appsec
BytebuddyAgent [baseline] (694.195 ms) : 0, 694195
BytebuddyAgent [candidate] (700.269 ms) : 0, 700269
GlobalTracer [baseline] (290.607 ms) : 0, 290607
GlobalTracer [candidate] (294.066 ms) : 0, 294066
AppSec [baseline] (149.529 ms) : 0, 149529
AppSec [candidate] (148.794 ms) : 0, 148794
IAST [baseline] (19.198 ms) : 0, 19198
IAST [candidate] (19.094 ms) : 0, 19094
Remote Config [baseline] (606.369 µs) : 0, 606
Remote Config [candidate] (615.704 µs) : 0, 616
Telemetry [baseline] (9.965 ms) : 0, 9965
Telemetry [candidate] (7.473 ms) : 0, 7473
section iast
BytebuddyAgent [baseline] (794.244 ms) : 0, 794244
BytebuddyAgent [candidate] (794.011 ms) : 0, 794011
GlobalTracer [baseline] (288.404 ms) : 0, 288404
GlobalTracer [candidate] (288.139 ms) : 0, 288139
AppSec [baseline] (50.154 ms) : 0, 50154
AppSec [candidate] (49.803 ms) : 0, 49803
IAST [baseline] (23.339 ms) : 0, 23339
IAST [candidate] (24.492 ms) : 0, 24492
Remote Config [baseline] (571.624 µs) : 0, 572
Remote Config [candidate] (563.887 µs) : 0, 564
Telemetry [baseline] (8.144 ms) : 0, 8144
Telemetry [candidate] (6.567 ms) : 0, 6567
section profiling
BytebuddyAgent [baseline] (682.572 ms) : 0, 682572
BytebuddyAgent [candidate] (675.942 ms) : 0, 675942
GlobalTracer [baseline] (381.756 ms) : 0, 381756
GlobalTracer [candidate] (379.104 ms) : 0, 379104
AppSec [baseline] (50.427 ms) : 0, 50427
AppSec [candidate] (49.495 ms) : 0, 49495
Remote Config [baseline] (719.043 µs) : 0, 719
Remote Config [candidate] (676.358 µs) : 0, 676
Telemetry [baseline] (7.502 ms) : 0, 7502
Telemetry [candidate] (7.401 ms) : 0, 7401
ProfilingAgent [baseline] (96.113 ms) : 0, 96113
ProfilingAgent [candidate] (95.591 ms) : 0, 95591
Profiling [baseline] (96.136 ms) : 0, 96136
Profiling [candidate] (95.615 ms) : 0, 95615
LoadParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 17 unstable metrics. Request duration reports for petclinicgantt
title petclinic - request duration [CI 0.99] : candidate=1.33.0-SNAPSHOT~1cf51e2d2c, baseline=1.34.0-SNAPSHOT~f34dfb52a1
dateFormat X
axisFormat %s
section baseline
no_agent (1.331 ms) : 1311, 1350
. : milestone, 1331,
appsec (1.715 ms) : 1690, 1739
. : milestone, 1715,
appsec_no_iast (1.727 ms) : 1702, 1751
. : milestone, 1727,
iast (1.501 ms) : 1479, 1523
. : milestone, 1501,
profiling (1.486 ms) : 1462, 1510
. : milestone, 1486,
tracing (1.483 ms) : 1459, 1507
. : milestone, 1483,
section candidate
no_agent (1.336 ms) : 1317, 1355
. : milestone, 1336,
appsec (1.722 ms) : 1697, 1746
. : milestone, 1722,
appsec_no_iast (1.722 ms) : 1698, 1745
. : milestone, 1722,
iast (1.479 ms) : 1456, 1502
. : milestone, 1479,
profiling (1.524 ms) : 1498, 1551
. : milestone, 1524,
tracing (1.487 ms) : 1463, 1511
. : milestone, 1487,
Request duration reports for insecure-bankgantt
title insecure-bank - request duration [CI 0.99] : candidate=1.33.0-SNAPSHOT~1cf51e2d2c, baseline=1.34.0-SNAPSHOT~f34dfb52a1
dateFormat X
axisFormat %s
section baseline
no_agent (364.387 µs) : 344, 385
. : milestone, 364,
iast (474.487 µs) : 453, 496
. : milestone, 474,
iast_FULL (535.456 µs) : 515, 556
. : milestone, 535,
iast_GLOBAL (495.907 µs) : 474, 518
. : milestone, 496,
iast_HARDCODED_SECRET_DISABLED (469.974 µs) : 448, 492
. : milestone, 470,
iast_INACTIVE (450.148 µs) : 429, 471
. : milestone, 450,
iast_TELEMETRY_OFF (469.62 µs) : 448, 492
. : milestone, 470,
tracing (442.657 µs) : 422, 463
. : milestone, 443,
section candidate
no_agent (368.789 µs) : 349, 388
. : milestone, 369,
iast (477.915 µs) : 456, 499
. : milestone, 478,
iast_FULL (538.443 µs) : 517, 559
. : milestone, 538,
iast_GLOBAL (497.838 µs) : 477, 519
. : milestone, 498,
iast_HARDCODED_SECRET_DISABLED (475.286 µs) : 453, 498
. : milestone, 475,
iast_INACTIVE (446.095 µs) : 425, 467
. : milestone, 446,
iast_TELEMETRY_OFF (466.673 µs) : 446, 487
. : milestone, 467,
tracing (443.308 µs) : 422, 464
. : milestone, 443,
Dacapo |
ValentinZakharov
force-pushed
the
vzakharov/api_sec_sampling
branch
2 times, most recently
from
700ae57
to
640b30d
Compare
ValentinZakharov
force-pushed
the
vzakharov/api_sec_sampling
branch
5 times, most recently
from
7078c4a
to
82f629a
Compare
ValentinZakharov
force-pushed
the
vzakharov/api_sec_sampling
branch
from
82f629a
to
1cf51e2
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What Does This Do
Introduced API Security sampling mechanism
Motivation
Additional Notes
Jira ticket: [PROJ-IDENT]