Skip to content

Honor in-app blocking settings by default in AI Guard evaluate#10818

Open
smola wants to merge 2 commits intomasterfrom
smola/ai-guard-ui-blocing
Open

Honor in-app blocking settings by default in AI Guard evaluate#10818
smola wants to merge 2 commits intomasterfrom
smola/ai-guard-ui-blocing

Conversation

@smola
Copy link
Member

@smola smola commented Mar 12, 2026

What Does This Do

Change Options.block default from false to true so that evaluate() follows the remote is_blocking_enabled setting without requiring explicit opt-in. Users can still override with new Options().block(false).

Motivation

Additional Notes

Contributor Checklist

Jira ticket: APPSEC-61436

Note: Once your PR is ready to merge, add it to the merge queue by commenting /merge. /merge -c cancels the queue request. /merge -f --reason "reason" skips all merge queue checks; please use this judiciously, as some checks do not run at the PR-level. For more information, see this doc.

@smola @claude
Honor in-app blocking settings by default in AI Guard evaluate
a17224a 
Change Options.block default from false to true so that evaluate() follows
the remote is_blocking_enabled setting without requiring explicit opt-in.
Users can still override with new Options().block(false).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@smola smola added type: enhancement Enhancements and improvements comp: asm waf Application Security Management (WAF) tag: ai generated Largely based on code generated by an AI or LLM labels Mar 12, 2026
@pr-commenter
Copy link

pr-commenter bot commented Mar 12, 2026
edited
Loading

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master smola/ai-guard-ui-blocing
git_commit_date 1773393433 1773394291
git_commit_sha 52d1e19 f1647d5
release_version 1.61.0-SNAPSHOT~52d1e1902e 1.61.0-SNAPSHOT~f1647d5d5e
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1773396028 1773396028
ci_job_id 1503430951 1503430951
ci_pipeline_id 102324630 102324630
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-tynl7doz 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-tynl7doz 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 62 metrics, 9 unstable metrics.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.61.0-SNAPSHOT~f1647d5d5e, baseline=1.61.0-SNAPSHOT~52d1e1902e

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.059 s) : 0, 1058873
Total [baseline] (11.096 s) : 0, 11096432
Agent [candidate] (1.056 s) : 0, 1056174
Total [candidate] (11.075 s) : 0, 11074794
section appsec
Agent [baseline] (1.246 s) : 0, 1245569
Total [baseline] (11.132 s) : 0, 11132324
Agent [candidate] (1.251 s) : 0, 1250569
Total [candidate] (11.083 s) : 0, 11083474
section iast
Agent [baseline] (1.232 s) : 0, 1232194
Total [baseline] (11.324 s) : 0, 11324333
Agent [candidate] (1.245 s) : 0, 1245192
Total [candidate] (11.357 s) : 0, 11356921
section profiling
Agent [baseline] (1.186 s) : 0, 1185593
Total [baseline] (11.045 s) : 0, 11045071
Agent [candidate] (1.18 s) : 0, 1180418
Total [candidate] (10.99 s) : 0, 10989629
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.059 s -
Agent appsec 1.246 s 186.696 ms (17.6%)
Agent iast 1.232 s 173.321 ms (16.4%)
Agent profiling 1.186 s 126.72 ms (12.0%)
Total tracing 11.096 s -
Total appsec 11.132 s 35.892 ms (0.3%)
Total iast 11.324 s 227.901 ms (2.1%)
Total profiling 11.045 s -51.361 ms (-0.5%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.056 s -
Agent appsec 1.251 s 194.395 ms (18.4%)
Agent iast 1.245 s 189.018 ms (17.9%)
Agent profiling 1.18 s 124.244 ms (11.8%)
Total tracing 11.075 s -
Total appsec 11.083 s 8.68 ms (0.1%)
Total iast 11.357 s 282.127 ms (2.5%)
Total profiling 10.99 s -85.166 ms (-0.8%) 
gantt
    title petclinic - break down per module: candidate=1.61.0-SNAPSHOT~f1647d5d5e, baseline=1.61.0-SNAPSHOT~52d1e1902e

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.203 ms) : 0, 1203
crashtracking [candidate] (1.186 ms) : 0, 1186
BytebuddyAgent [baseline] (628.611 ms) : 0, 628611
BytebuddyAgent [candidate] (626.212 ms) : 0, 626212
AgentMeter [baseline] (29.075 ms) : 0, 29075
AgentMeter [candidate] (29.002 ms) : 0, 29002
GlobalTracer [baseline] (257.31 ms) : 0, 257310
GlobalTracer [candidate] (256.211 ms) : 0, 256211
AppSec [baseline] (31.499 ms) : 0, 31499
AppSec [candidate] (31.363 ms) : 0, 31363
Debugger [baseline] (59.367 ms) : 0, 59367
Debugger [candidate] (59.268 ms) : 0, 59268
Remote Config [baseline] (619.241 µs) : 0, 619
Remote Config [candidate] (612.901 µs) : 0, 613
Telemetry [baseline] (8.601 ms) : 0, 8601
Telemetry [candidate] (8.593 ms) : 0, 8593
Flare Poller [baseline] (6.559 ms) : 0, 6559
Flare Poller [candidate] (7.891 ms) : 0, 7891
section appsec
crashtracking [baseline] (1.195 ms) : 0, 1195
crashtracking [candidate] (1.206 ms) : 0, 1206
BytebuddyAgent [baseline] (657.874 ms) : 0, 657874
BytebuddyAgent [candidate] (660.768 ms) : 0, 660768
AgentMeter [baseline] (12.063 ms) : 0, 12063
AgentMeter [candidate] (12.079 ms) : 0, 12079
GlobalTracer [baseline] (257.839 ms) : 0, 257839
GlobalTracer [candidate] (258.999 ms) : 0, 258999
IAST [baseline] (23.95 ms) : 0, 23950
IAST [candidate] (24.186 ms) : 0, 24186
AppSec [baseline] (177.32 ms) : 0, 177320
AppSec [candidate] (177.992 ms) : 0, 177992
Debugger [baseline] (65.975 ms) : 0, 65975
Debugger [candidate] (65.923 ms) : 0, 65923
Remote Config [baseline] (570.003 µs) : 0, 570
Remote Config [candidate] (569.149 µs) : 0, 569
Telemetry [baseline] (8.952 ms) : 0, 8952
Telemetry [candidate] (9.003 ms) : 0, 9003
Flare Poller [baseline] (3.627 ms) : 0, 3627
Flare Poller [candidate] (3.614 ms) : 0, 3614
section iast
crashtracking [baseline] (1.199 ms) : 0, 1199
crashtracking [candidate] (1.225 ms) : 0, 1225
BytebuddyAgent [baseline] (800.974 ms) : 0, 800974
BytebuddyAgent [candidate] (808.64 ms) : 0, 808640
AgentMeter [baseline] (11.592 ms) : 0, 11592
AgentMeter [candidate] (11.933 ms) : 0, 11933
GlobalTracer [baseline] (247.339 ms) : 0, 247339
GlobalTracer [candidate] (250.269 ms) : 0, 250269
IAST [baseline] (25.025 ms) : 0, 25025
IAST [candidate] (25.612 ms) : 0, 25612
AppSec [baseline] (26.344 ms) : 0, 26344
AppSec [candidate] (26.911 ms) : 0, 26911
Debugger [baseline] (63.607 ms) : 0, 63607
Debugger [candidate] (64.653 ms) : 0, 64653
Remote Config [baseline] (500.634 µs) : 0, 501
Remote Config [candidate] (522.072 µs) : 0, 522
Telemetry [baseline] (14.633 ms) : 0, 14633
Telemetry [candidate] (14.279 ms) : 0, 14279
Flare Poller [baseline] (4.875 ms) : 0, 4875
Flare Poller [candidate] (4.806 ms) : 0, 4806
section profiling
crashtracking [baseline] (1.183 ms) : 0, 1183
crashtracking [candidate] (1.175 ms) : 0, 1175
BytebuddyAgent [baseline] (684.964 ms) : 0, 684964
BytebuddyAgent [candidate] (681.266 ms) : 0, 681266
AgentMeter [baseline] (8.644 ms) : 0, 8644
AgentMeter [candidate] (8.566 ms) : 0, 8566
GlobalTracer [baseline] (215.795 ms) : 0, 215795
GlobalTracer [candidate] (214.968 ms) : 0, 214968
AppSec [baseline] (31.988 ms) : 0, 31988
AppSec [candidate] (31.893 ms) : 0, 31893
Debugger [baseline] (62.336 ms) : 0, 62336
Debugger [candidate] (63.549 ms) : 0, 63549
Remote Config [baseline] (584.363 µs) : 0, 584
Remote Config [candidate] (593.489 µs) : 0, 593
Telemetry [baseline] (10.551 ms) : 0, 10551
Telemetry [candidate] (9.035 ms) : 0, 9035
Flare Poller [baseline] (4.346 ms) : 0, 4346
Flare Poller [candidate] (4.23 ms) : 0, 4230
ProfilingAgent [baseline] (94.145 ms) : 0, 94145
ProfilingAgent [candidate] (94.508 ms) : 0, 94508
Profiling [baseline] (94.716 ms) : 0, 94716
Profiling [candidate] (95.079 ms) : 0, 95079
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.61.0-SNAPSHOT~f1647d5d5e, baseline=1.61.0-SNAPSHOT~52d1e1902e

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.071 s) : 0, 1071081
Total [baseline] (8.878 s) : 0, 8878482
Agent [candidate] (1.057 s) : 0, 1057070
Total [candidate] (8.858 s) : 0, 8857559
section iast
Agent [baseline] (1.227 s) : 0, 1226681
Total [baseline] (9.572 s) : 0, 9571546
Agent [candidate] (1.227 s) : 0, 1226549
Total [candidate] (9.576 s) : 0, 9575510
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.071 s -
Agent iast 1.227 s 155.599 ms (14.5%)
Total tracing 8.878 s -
Total iast 9.572 s 693.064 ms (7.8%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.057 s -
Agent iast 1.227 s 169.479 ms (16.0%)
Total tracing 8.858 s -
Total iast 9.576 s 717.951 ms (8.1%) 
gantt
    title insecure-bank - break down per module: candidate=1.61.0-SNAPSHOT~f1647d5d5e, baseline=1.61.0-SNAPSHOT~52d1e1902e

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.247 ms) : 0, 1247
crashtracking [candidate] (1.197 ms) : 0, 1197
BytebuddyAgent [baseline] (636.533 ms) : 0, 636533
BytebuddyAgent [candidate] (628.659 ms) : 0, 628659
AgentMeter [baseline] (29.136 ms) : 0, 29136
AgentMeter [candidate] (28.942 ms) : 0, 28942
GlobalTracer [baseline] (258.554 ms) : 0, 258554
GlobalTracer [candidate] (257.117 ms) : 0, 257117
AppSec [baseline] (31.78 ms) : 0, 31780
AppSec [candidate] (31.461 ms) : 0, 31461
Debugger [baseline] (59.344 ms) : 0, 59344
Debugger [candidate] (58.795 ms) : 0, 58795
Remote Config [baseline] (620.972 µs) : 0, 621
Remote Config [candidate] (619.292 µs) : 0, 619
Telemetry [baseline] (8.743 ms) : 0, 8743
Telemetry [candidate] (8.652 ms) : 0, 8652
Flare Poller [baseline] (8.789 ms) : 0, 8789
Flare Poller [candidate] (5.659 ms) : 0, 5659
section iast
crashtracking [baseline] (1.203 ms) : 0, 1203
crashtracking [candidate] (1.212 ms) : 0, 1212
BytebuddyAgent [baseline] (796.389 ms) : 0, 796389
BytebuddyAgent [candidate] (795.128 ms) : 0, 795128
AgentMeter [baseline] (11.348 ms) : 0, 11348
AgentMeter [candidate] (11.331 ms) : 0, 11331
GlobalTracer [baseline] (247.215 ms) : 0, 247215
GlobalTracer [candidate] (247.548 ms) : 0, 247548
IAST [baseline] (25.128 ms) : 0, 25128
IAST [candidate] (25.212 ms) : 0, 25212
AppSec [baseline] (28.084 ms) : 0, 28084
AppSec [candidate] (26.491 ms) : 0, 26491
Debugger [baseline] (60.947 ms) : 0, 60947
Debugger [candidate] (63.335 ms) : 0, 63335
Remote Config [baseline] (516.828 µs) : 0, 517
Remote Config [candidate] (521.306 µs) : 0, 521
Telemetry [baseline] (14.861 ms) : 0, 14861
Telemetry [candidate] (14.851 ms) : 0, 14851
Flare Poller [baseline] (4.884 ms) : 0, 4884
Flare Poller [candidate] (4.91 ms) : 0, 4910
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master smola/ai-guard-ui-blocing
git_commit_date 1773393433 1773394291
git_commit_sha 52d1e19 f1647d5
release_version 1.61.0-SNAPSHOT~52d1e1902e 1.61.0-SNAPSHOT~f1647d5d5e
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1773396507 1773396507
ci_job_id 1503430952 1503430952
ci_pipeline_id 102324630 102324630
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-0yu72pw5 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-0yu72pw5 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 1 performance improvements and 1 performance regressions! Performance is the same for 18 metrics, 16 unstable metrics.

scenario Δ mean agg_http_req_duration_p50 Δ mean agg_http_req_duration_p95 Δ mean throughput candidate mean agg_http_req_duration_p50 candidate mean agg_http_req_duration_p95 candidate mean throughput baseline mean agg_http_req_duration_p50 baseline mean agg_http_req_duration_p95 baseline mean throughput
scenario:load:petclinic:iast:high_load better
[-858.983µs; -458.714µs] or [-4.841%; -2.585%]		 same
[-1299.645µs; +40.137µs] or [-4.461%; +0.138%]		 unstable
[-18.676op/s; +33.238op/s] or [-7.246%; +12.896%]		 17.086ms 28.504ms 265.031op/s 17.745ms 29.133ms 257.750op/s
scenario:load:petclinic:no_agent:high_load worse
[+1.172ms; +2.676ms] or [+7.098%; +16.212%]		 unstable
[+0.783ms; +4.487ms] or [+2.762%; +15.836%]		 unstable
[-58.721op/s; -1.216op/s] or [-21.293%; -0.441%]		 18.433ms 30.968ms 245.812op/s 16.509ms 28.333ms 275.781op/s
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.61.0-SNAPSHOT~f1647d5d5e, baseline=1.61.0-SNAPSHOT~52d1e1902e
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.181 ms) : 1169, 1192
.   : milestone, 1181,
iast (3.22 ms) : 3173, 3267
.   : milestone, 3220,
iast_FULL (5.845 ms) : 5786, 5903
.   : milestone, 5845,
iast_GLOBAL (3.522 ms) : 3468, 3575
.   : milestone, 3522,
profiling (2.017 ms) : 2000, 2034
.   : milestone, 2017,
tracing (1.789 ms) : 1772, 1805
.   : milestone, 1789,
section candidate
no_agent (1.185 ms) : 1173, 1196
.   : milestone, 1185,
iast (3.231 ms) : 3186, 3277
.   : milestone, 3231,
iast_FULL (5.755 ms) : 5698, 5811
.   : milestone, 5755,
iast_GLOBAL (3.444 ms) : 3392, 3496
.   : milestone, 3444,
profiling (1.974 ms) : 1957, 1990
.   : milestone, 1974,
tracing (1.788 ms) : 1772, 1803
.   : milestone, 1788,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.181 ms [1.169 ms, 1.192 ms] -
iast 3.22 ms [3.173 ms, 3.267 ms] 2.039 ms (172.7%)
iast_FULL 5.845 ms [5.786 ms, 5.903 ms] 4.664 ms (395.1%)
iast_GLOBAL 3.522 ms [3.468 ms, 3.575 ms] 2.341 ms (198.3%)
profiling 2.017 ms [2.0 ms, 2.034 ms] 836.475 µs (70.8%)
tracing 1.789 ms [1.772 ms, 1.805 ms] 607.842 µs (51.5%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.185 ms [1.173 ms, 1.196 ms] -
iast 3.231 ms [3.186 ms, 3.277 ms] 2.046 ms (172.7%)
iast_FULL 5.755 ms [5.698 ms, 5.811 ms] 4.57 ms (385.6%)
iast_GLOBAL 3.444 ms [3.392 ms, 3.496 ms] 2.259 ms (190.6%)
profiling 1.974 ms [1.957 ms, 1.99 ms] 788.679 µs (66.6%)
tracing 1.788 ms [1.772 ms, 1.803 ms] 602.806 µs (50.9%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.61.0-SNAPSHOT~f1647d5d5e, baseline=1.61.0-SNAPSHOT~52d1e1902e
    dateFormat X
    axisFormat %s
section baseline
no_agent (16.916 ms) : 16745, 17086
.   : milestone, 16916,
appsec (18.352 ms) : 18169, 18536
.   : milestone, 18352,
code_origins (17.713 ms) : 17534, 17893
.   : milestone, 17713,
iast (18.103 ms) : 17920, 18286
.   : milestone, 18103,
profiling (18.687 ms) : 18502, 18872
.   : milestone, 18687,
tracing (17.786 ms) : 17608, 17965
.   : milestone, 17786,
section candidate
no_agent (18.992 ms) : 18793, 19190
.   : milestone, 18992,
appsec (18.428 ms) : 18238, 18619
.   : milestone, 18428,
code_origins (17.946 ms) : 17766, 18127
.   : milestone, 17946,
iast (17.603 ms) : 17427, 17780
.   : milestone, 17603,
profiling (18.622 ms) : 18437, 18807
.   : milestone, 18622,
tracing (18.104 ms) : 17924, 18285
.   : milestone, 18104,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 16.916 ms [16.745 ms, 17.086 ms] -
appsec 18.352 ms [18.169 ms, 18.536 ms] 1.437 ms (8.5%)
code_origins 17.713 ms [17.534 ms, 17.893 ms] 797.75 µs (4.7%)
iast 18.103 ms [17.92 ms, 18.286 ms] 1.188 ms (7.0%)
profiling 18.687 ms [18.502 ms, 18.872 ms] 1.771 ms (10.5%)
tracing 17.786 ms [17.608 ms, 17.965 ms] 870.643 µs (5.1%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 18.992 ms [18.793 ms, 19.19 ms] -
appsec 18.428 ms [18.238 ms, 18.619 ms] -563.035 µs (-3.0%)
code_origins 17.946 ms [17.766 ms, 18.127 ms] -1.045 ms (-5.5%)
iast 17.603 ms [17.427 ms, 17.78 ms] -1.388 ms (-7.3%)
profiling 18.622 ms [18.437 ms, 18.807 ms] -369.621 µs (-1.9%)
tracing 18.104 ms [17.924 ms, 18.285 ms] -887.036 µs (-4.7%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master smola/ai-guard-ui-blocing
git_commit_date 1773393433 1773394291
git_commit_sha 52d1e19 f1647d5
release_version 1.61.0-SNAPSHOT~52d1e1902e 1.61.0-SNAPSHOT~f1647d5d5e
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1773396364 1773396364
ci_job_id 1503430953 1503430953
ci_pipeline_id 102324630 102324630
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-1-qokr7j5h 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-1-qokr7j5h 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 0 unstable metrics.

scenario Δ mean execution_time candidate mean execution_time baseline mean execution_time
scenario:dacapo:tomcat:appsec better
[-1.437ms; -1.091ms] or [-37.918%; -28.796%]		 2.525ms 3.789ms
Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.61.0-SNAPSHOT~f1647d5d5e, baseline=1.61.0-SNAPSHOT~52d1e1902e
    dateFormat X
    axisFormat %s
section baseline
no_agent (14.998 s) : 14998000, 14998000
.   : milestone, 14998000,
appsec (15.041 s) : 15041000, 15041000
.   : milestone, 15041000,
iast (18.359 s) : 18359000, 18359000
.   : milestone, 18359000,
iast_GLOBAL (17.728 s) : 17728000, 17728000
.   : milestone, 17728000,
profiling (15.227 s) : 15227000, 15227000
.   : milestone, 15227000,
tracing (15.297 s) : 15297000, 15297000
.   : milestone, 15297000,
section candidate
no_agent (15.301 s) : 15301000, 15301000
.   : milestone, 15301000,
appsec (14.898 s) : 14898000, 14898000
.   : milestone, 14898000,
iast (17.798 s) : 17798000, 17798000
.   : milestone, 17798000,
iast_GLOBAL (17.694 s) : 17694000, 17694000
.   : milestone, 17694000,
profiling (15.567 s) : 15567000, 15567000
.   : milestone, 15567000,
tracing (15.289 s) : 15289000, 15289000
.   : milestone, 15289000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 14.998 s [14.998 s, 14.998 s] -
appsec 15.041 s [15.041 s, 15.041 s] 43.0 ms (0.3%)
iast 18.359 s [18.359 s, 18.359 s] 3.361 s (22.4%)
iast_GLOBAL 17.728 s [17.728 s, 17.728 s] 2.73 s (18.2%)
profiling 15.227 s [15.227 s, 15.227 s] 229.0 ms (1.5%)
tracing 15.297 s [15.297 s, 15.297 s] 299.0 ms (2.0%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.301 s [15.301 s, 15.301 s] -
appsec 14.898 s [14.898 s, 14.898 s] -403.0 ms (-2.6%)
iast 17.798 s [17.798 s, 17.798 s] 2.497 s (16.3%)
iast_GLOBAL 17.694 s [17.694 s, 17.694 s] 2.393 s (15.6%)
profiling 15.567 s [15.567 s, 15.567 s] 266.0 ms (1.7%)
tracing 15.289 s [15.289 s, 15.289 s] -12.0 ms (-0.1%)
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.61.0-SNAPSHOT~f1647d5d5e, baseline=1.61.0-SNAPSHOT~52d1e1902e
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.473 ms) : 1461, 1484
.   : milestone, 1473,
appsec (3.789 ms) : 3569, 4009
.   : milestone, 3789,
iast (2.252 ms) : 2183, 2321
.   : milestone, 2252,
iast_GLOBAL (2.3 ms) : 2231, 2370
.   : milestone, 2300,
profiling (2.08 ms) : 2025, 2135
.   : milestone, 2080,
tracing (2.062 ms) : 2009, 2116
.   : milestone, 2062,
section candidate
no_agent (1.468 ms) : 1457, 1480
.   : milestone, 1468,
appsec (2.525 ms) : 2470, 2580
.   : milestone, 2525,
iast (2.247 ms) : 2179, 2316
.   : milestone, 2247,
iast_GLOBAL (2.297 ms) : 2227, 2366
.   : milestone, 2297,
profiling (2.107 ms) : 2050, 2163
.   : milestone, 2107,
tracing (2.061 ms) : 2008, 2115
.   : milestone, 2061,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.473 ms [1.461 ms, 1.484 ms] -
appsec 3.789 ms [3.569 ms, 4.009 ms] 2.316 ms (157.3%)
iast 2.252 ms [2.183 ms, 2.321 ms] 779.543 µs (52.9%)
iast_GLOBAL 2.3 ms [2.231 ms, 2.37 ms] 827.605 µs (56.2%)
profiling 2.08 ms [2.025 ms, 2.135 ms] 607.255 µs (41.2%)
tracing 2.062 ms [2.009 ms, 2.116 ms] 589.578 µs (40.0%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.468 ms [1.457 ms, 1.48 ms] -
appsec 2.525 ms [2.47 ms, 2.58 ms] 1.057 ms (72.0%)
iast 2.247 ms [2.179 ms, 2.316 ms] 779.098 µs (53.1%)
iast_GLOBAL 2.297 ms [2.227 ms, 2.366 ms] 828.12 µs (56.4%)
profiling 2.107 ms [2.05 ms, 2.163 ms] 638.317 µs (43.5%)
tracing 2.061 ms [2.008 ms, 2.115 ms] 592.94 µs (40.4%)

@smola smola mentioned this pull request Mar 12, 2026
Open
@smola smola marked this pull request as ready for review March 13, 2026 10:28
@smola smola requested a review from a team as a code owner March 13, 2026 10:28
@smola smola requested review from claponcet and jandro996 March 13, 2026 10:28
jandro996
jandro996 approved these changes Mar 13, 2026
View reviewed changes
Copy link
Member

@jandro996 jandro996 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@smola
Copy link
Member Author

smola commented Mar 13, 2026

/merge

@gh-worker-devflow-routing-ef8351
Copy link

gh-worker-devflow-routing-ef8351 bot commented Mar 13, 2026
edited
Loading

View all feedbacks in Devflow UI.

2026-03-13 12:22:05 UTC ℹ️ Start processing command /merge
Use /merge -c to cancel this operation!

2026-03-13 12:22:09 UTC ℹ️ MergeQueue: pull request added to the queue

The expected merge time in master is approximately 2h (p90).

Use /merge -c to cancel this operation!

⏳ Processing

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jandro996 jandro996 jandro996 approved these changes

@claponcet claponcet Awaiting requested review from claponcet claponcet is a code owner automatically assigned from DataDog/asm-java

Assignees

No one assigned

Labels

comp: asm waf Application Security Management (WAF) tag: ai generated Largely based on code generated by an AI or LLM type: enhancement Enhancements and improvements

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@smola @jandro996