Skip to content

Always collect response headers in span when AppSec is enabled#10648

Merged
gh-worker-dd-mergequeue-cf854d[bot] merged 1 commit intomasterfrom
alejandro.gonzalez/APPSEC-61289
Feb 20, 2026
Merged

Always collect response headers in span when AppSec is enabled#10648
gh-worker-dd-mergequeue-cf854d[bot] merged 1 commit intomasterfrom
alejandro.gonzalez/APPSEC-61289

Conversation

@jandro996
Copy link
Copy Markdown
Member

@jandro996 jandro996 commented Feb 20, 2026
edited
Loading

What Does This Do

Writes response headers (content-type, content-length, content-encoding, content-language) into the span for every request when AppSec is enabled, not just when a WAF event is detected.

Motivation

Additional Notes

Contributor Checklist

Jira ticket: [APPSEC-61289]

Note: Once your PR is ready to merge, add it to the merge queue by commenting /merge. /merge -c cancels the queue request. /merge -f --reason "reason" skips all merge queue checks; please use this judiciously, as some checks do not run at the PR-level. For more information, see this doc.

@jandro996 jandro996 requested a review from a team as a code owner February 20, 2026 09:39
@jandro996 jandro996 added the type: bug Bug report and fix label Feb 20, 2026
@jandro996 jandro996 added the comp: asm waf Application Security Management (WAF) label Feb 20, 2026
@pr-commenter
Copy link
Copy Markdown

pr-commenter Bot commented Feb 20, 2026

Benchmarks

Startup

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/APPSEC-61289
git_commit_date 1771530866 1771579541
git_commit_sha af8b844 b4d4f60
release_version 1.60.0-SNAPSHOT~af8b84438c 1.60.0-SNAPSHOT~b4d4f60b93
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1771581415 1771581415
ci_job_id 1442249839 1442249839
ci_pipeline_id 97801833 97801833
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-70f2cgpy 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-70f2cgpy 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module Agent Agent
parent None None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 60 metrics, 11 unstable metrics.

Startup time reports for petclinic 
gantt
    title petclinic - global startup overhead: candidate=1.60.0-SNAPSHOT~b4d4f60b93, baseline=1.60.0-SNAPSHOT~af8b84438c

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.063 s) : 0, 1062763
Total [baseline] (10.815 s) : 0, 10815461
Agent [candidate] (1.067 s) : 0, 1066889
Total [candidate] (10.841 s) : 0, 10840510
section appsec
Agent [baseline] (1.239 s) : 0, 1238841
Total [baseline] (11.05 s) : 0, 11049913
Agent [candidate] (1.24 s) : 0, 1240032
Total [candidate] (10.997 s) : 0, 10997407
section iast
Agent [baseline] (1.232 s) : 0, 1231656
Total [baseline] (11.173 s) : 0, 11172916
Agent [candidate] (1.232 s) : 0, 1231727
Total [candidate] (11.23 s) : 0, 11229920
section profiling
Agent [baseline] (1.19 s) : 0, 1190398
Total [baseline] (10.908 s) : 0, 10908076
Agent [candidate] (1.192 s) : 0, 1192346
Total [candidate] (10.882 s) : 0, 10882374
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.063 s -
Agent appsec 1.239 s 176.077 ms (16.6%)
Agent iast 1.232 s 168.892 ms (15.9%)
Agent profiling 1.19 s 127.635 ms (12.0%)
Total tracing 10.815 s -
Total appsec 11.05 s 234.453 ms (2.2%)
Total iast 11.173 s 357.455 ms (3.3%)
Total profiling 10.908 s 92.615 ms (0.9%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.067 s -
Agent appsec 1.24 s 173.143 ms (16.2%)
Agent iast 1.232 s 164.838 ms (15.5%)
Agent profiling 1.192 s 125.457 ms (11.8%)
Total tracing 10.841 s -
Total appsec 10.997 s 156.897 ms (1.4%)
Total iast 11.23 s 389.41 ms (3.6%)
Total profiling 10.882 s 41.864 ms (0.4%) 
gantt
    title petclinic - break down per module: candidate=1.60.0-SNAPSHOT~b4d4f60b93, baseline=1.60.0-SNAPSHOT~af8b84438c

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.199 ms) : 0, 1199
crashtracking [candidate] (1.194 ms) : 0, 1194
BytebuddyAgent [baseline] (626.39 ms) : 0, 626390
BytebuddyAgent [candidate] (628.975 ms) : 0, 628975
AgentMeter [baseline] (29.052 ms) : 0, 29052
AgentMeter [candidate] (29.048 ms) : 0, 29048
GlobalTracer [baseline] (257.224 ms) : 0, 257224
GlobalTracer [candidate] (257.891 ms) : 0, 257891
AppSec [baseline] (33.124 ms) : 0, 33124
AppSec [candidate] (32.966 ms) : 0, 32966
Debugger [baseline] (64.59 ms) : 0, 64590
Debugger [candidate] (65.949 ms) : 0, 65949
Remote Config [baseline] (624.972 µs) : 0, 625
Remote Config [candidate] (625.541 µs) : 0, 626
Telemetry [baseline] (9.973 ms) : 0, 9973
Telemetry [candidate] (10.537 ms) : 0, 10537
Flare Poller [baseline] (4.575 ms) : 0, 4575
Flare Poller [candidate] (3.718 ms) : 0, 3718
section appsec
crashtracking [baseline] (1.201 ms) : 0, 1201
crashtracking [candidate] (1.195 ms) : 0, 1195
BytebuddyAgent [baseline] (658.402 ms) : 0, 658402
BytebuddyAgent [candidate] (660.015 ms) : 0, 660015
AgentMeter [baseline] (11.912 ms) : 0, 11912
AgentMeter [candidate] (11.923 ms) : 0, 11923
GlobalTracer [baseline] (257.833 ms) : 0, 257833
GlobalTracer [candidate] (257.986 ms) : 0, 257986
AppSec [baseline] (167.921 ms) : 0, 167921
AppSec [candidate] (167.438 ms) : 0, 167438
Debugger [baseline] (66.588 ms) : 0, 66588
Debugger [candidate] (66.518 ms) : 0, 66518
Remote Config [baseline] (646.163 µs) : 0, 646
Remote Config [candidate] (674.986 µs) : 0, 675
Telemetry [baseline] (9.36 ms) : 0, 9360
Telemetry [candidate] (9.33 ms) : 0, 9330
Flare Poller [baseline] (3.62 ms) : 0, 3620
Flare Poller [candidate] (3.681 ms) : 0, 3681
IAST [baseline] (25.413 ms) : 0, 25413
IAST [candidate] (25.268 ms) : 0, 25268
section iast
crashtracking [baseline] (1.187 ms) : 0, 1187
crashtracking [candidate] (1.191 ms) : 0, 1191
BytebuddyAgent [baseline] (795.674 ms) : 0, 795674
BytebuddyAgent [candidate] (795.762 ms) : 0, 795762
AgentMeter [baseline] (11.317 ms) : 0, 11317
AgentMeter [candidate] (11.3 ms) : 0, 11300
GlobalTracer [baseline] (247.55 ms) : 0, 247550
GlobalTracer [candidate] (247.766 ms) : 0, 247766
AppSec [baseline] (32.175 ms) : 0, 32175
AppSec [candidate] (33.104 ms) : 0, 33104
Debugger [baseline] (68.005 ms) : 0, 68005
Debugger [candidate] (67.142 ms) : 0, 67142
Remote Config [baseline] (534.392 µs) : 0, 534
Remote Config [candidate] (539.995 µs) : 0, 540
Telemetry [baseline] (8.643 ms) : 0, 8643
Telemetry [candidate] (8.517 ms) : 0, 8517
Flare Poller [baseline] (3.504 ms) : 0, 3504
Flare Poller [candidate] (3.41 ms) : 0, 3410
IAST [baseline] (27.212 ms) : 0, 27212
IAST [candidate] (27.079 ms) : 0, 27079
section profiling
ProfilingAgent [baseline] (100.351 ms) : 0, 100351
ProfilingAgent [candidate] (99.227 ms) : 0, 99227
crashtracking [baseline] (1.176 ms) : 0, 1176
crashtracking [candidate] (1.176 ms) : 0, 1176
BytebuddyAgent [baseline] (680.947 ms) : 0, 680947
BytebuddyAgent [candidate] (682.263 ms) : 0, 682263
AgentMeter [baseline] (8.528 ms) : 0, 8528
AgentMeter [candidate] (8.597 ms) : 0, 8597
GlobalTracer [baseline] (215.785 ms) : 0, 215785
GlobalTracer [candidate] (216.789 ms) : 0, 216789
AppSec [baseline] (32.538 ms) : 0, 32538
AppSec [candidate] (32.931 ms) : 0, 32931
Debugger [baseline] (67.118 ms) : 0, 67118
Debugger [candidate] (67.291 ms) : 0, 67291
Remote Config [baseline] (664.903 µs) : 0, 665
Remote Config [candidate] (635.575 µs) : 0, 636
Telemetry [baseline] (8.955 ms) : 0, 8955
Telemetry [candidate] (8.992 ms) : 0, 8992
Flare Poller [baseline] (3.748 ms) : 0, 3748
Flare Poller [candidate] (3.819 ms) : 0, 3819
Profiling [baseline] (100.934 ms) : 0, 100934
Profiling [candidate] (99.804 ms) : 0, 99804
Loading
Startup time reports for insecure-bank 
gantt
    title insecure-bank - global startup overhead: candidate=1.60.0-SNAPSHOT~b4d4f60b93, baseline=1.60.0-SNAPSHOT~af8b84438c

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.061 s) : 0, 1060735
Total [baseline] (8.742 s) : 0, 8742146
Agent [candidate] (1.063 s) : 0, 1062726
Total [candidate] (8.717 s) : 0, 8716889
section iast
Agent [baseline] (1.228 s) : 0, 1228436
Total [baseline] (9.359 s) : 0, 9359057
Agent [candidate] (1.231 s) : 0, 1230895
Total [candidate] (9.398 s) : 0, 9397946
Loading
  • baseline results
Module Variant Duration Δ tracing
Agent tracing 1.061 s -
Agent iast 1.228 s 167.701 ms (15.8%)
Total tracing 8.742 s -
Total iast 9.359 s 616.911 ms (7.1%)
  • candidate results
Module Variant Duration Δ tracing
Agent tracing 1.063 s -
Agent iast 1.231 s 168.17 ms (15.8%)
Total tracing 8.717 s -
Total iast 9.398 s 681.056 ms (7.8%) 
gantt
    title insecure-bank - break down per module: candidate=1.60.0-SNAPSHOT~b4d4f60b93, baseline=1.60.0-SNAPSHOT~af8b84438c

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.202 ms) : 0, 1202
crashtracking [candidate] (1.206 ms) : 0, 1206
BytebuddyAgent [baseline] (627.07 ms) : 0, 627070
BytebuddyAgent [candidate] (626.372 ms) : 0, 626372
AgentMeter [baseline] (29.119 ms) : 0, 29119
AgentMeter [candidate] (29.01 ms) : 0, 29010
GlobalTracer [baseline] (257.136 ms) : 0, 257136
GlobalTracer [candidate] (257.146 ms) : 0, 257146
AppSec [baseline] (32.921 ms) : 0, 32921
AppSec [candidate] (33.059 ms) : 0, 33059
Debugger [baseline] (60.595 ms) : 0, 60595
Debugger [candidate] (64.095 ms) : 0, 64095
Remote Config [baseline] (633.052 µs) : 0, 633
Remote Config [candidate] (631.16 µs) : 0, 631
Telemetry [baseline] (10.692 ms) : 0, 10692
Telemetry [candidate] (9.797 ms) : 0, 9797
Flare Poller [baseline] (5.314 ms) : 0, 5314
Flare Poller [candidate] (5.411 ms) : 0, 5411
section iast
crashtracking [baseline] (1.198 ms) : 0, 1198
crashtracking [candidate] (1.202 ms) : 0, 1202
BytebuddyAgent [baseline] (793.426 ms) : 0, 793426
BytebuddyAgent [candidate] (795.492 ms) : 0, 795492
AgentMeter [baseline] (11.274 ms) : 0, 11274
AgentMeter [candidate] (11.271 ms) : 0, 11271
GlobalTracer [baseline] (247.223 ms) : 0, 247223
GlobalTracer [candidate] (248.073 ms) : 0, 248073
IAST [baseline] (27.166 ms) : 0, 27166
IAST [candidate] (27.167 ms) : 0, 27167
AppSec [baseline] (32.207 ms) : 0, 32207
AppSec [candidate] (33.149 ms) : 0, 33149
Debugger [baseline] (67.372 ms) : 0, 67372
Debugger [candidate] (66.042 ms) : 0, 66042
Remote Config [baseline] (535.294 µs) : 0, 535
Remote Config [candidate] (538.093 µs) : 0, 538
Telemetry [baseline] (8.626 ms) : 0, 8626
Telemetry [candidate] (8.63 ms) : 0, 8630
Flare Poller [baseline] (3.459 ms) : 0, 3459
Flare Poller [candidate] (3.439 ms) : 0, 3439
Loading

Load

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/APPSEC-61289
git_commit_date 1771530866 1771579541
git_commit_sha af8b844 b4d4f60
release_version 1.60.0-SNAPSHOT~af8b84438c 1.60.0-SNAPSHOT~b4d4f60b93
See matching parameters
Baseline Candidate
application insecure-bank insecure-bank
ci_job_date 1771581909 1771581909
ci_job_id 1442249840 1442249840
ci_pipeline_id 97801833 97801833
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-8x6hvogv 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-8x6hvogv 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 5 performance improvements and 2 performance regressions! Performance is the same for 14 metrics, 15 unstable metrics.

scenario Δ mean agg_http_req_duration_p50 Δ mean agg_http_req_duration_p95 Δ mean throughput candidate mean agg_http_req_duration_p50 candidate mean agg_http_req_duration_p95 candidate mean throughput baseline mean agg_http_req_duration_p50 baseline mean agg_http_req_duration_p95 baseline mean throughput
scenario:load:insecure-bank:iast_FULL:high_load better
[-494.740µs; -211.742µs] or [-9.117%; -3.902%]		 better
[-1071.113µs; -271.143µs] or [-8.355%; -2.115%]		 unstable
[-33.020op/s; +120.770op/s] or [-4.322%; +15.806%]		 5.073ms 12.149ms 807.938op/s 5.427ms 12.820ms 764.062op/s
scenario:load:petclinic:tracing:high_load worse
[+543.098µs; +1002.941µs] or [+3.244%; +5.990%]		 worse
[+0.646ms; +1.805ms] or [+2.336%; +6.531%]		 unstable
[-39.968op/s; +19.843op/s] or [-14.774%; +7.335%]		 17.516ms 28.859ms 260.469op/s 16.743ms 27.634ms 270.531op/s
scenario:load:petclinic:profiling:high_load better
[-1.794ms; -0.760ms] or [-9.294%; -3.937%]		 unsure
[-2.181ms; -0.555ms] or [-7.106%; -1.809%]		 unstable
[-13.199op/s; +42.761op/s] or [-5.533%; +17.924%]		 18.021ms 29.317ms 253.344op/s 19.297ms 30.685ms 238.562op/s
scenario:load:petclinic:no_agent:high_load better
[-2.317ms; -0.811ms] or [-12.179%; -4.265%]		 better
[-4.250ms; -1.411ms] or [-13.433%; -4.459%]		 unstable
[-7.589op/s; +50.901op/s] or [-3.188%; +21.381%]		 17.460ms 28.807ms 259.719op/s 19.024ms 31.637ms 238.062op/s
Request duration reports for insecure-bank 
gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.60.0-SNAPSHOT~b4d4f60b93, baseline=1.60.0-SNAPSHOT~af8b84438c
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.177 ms) : 1166, 1188
.   : milestone, 1177,
iast (3.129 ms) : 3088, 3170
.   : milestone, 3129,
iast_FULL (6.051 ms) : 5989, 6113
.   : milestone, 6051,
iast_GLOBAL (3.552 ms) : 3498, 3606
.   : milestone, 3552,
profiling (2.074 ms) : 2055, 2092
.   : milestone, 2074,
tracing (1.785 ms) : 1770, 1800
.   : milestone, 1785,
section candidate
no_agent (1.162 ms) : 1151, 1174
.   : milestone, 1162,
iast (3.085 ms) : 3047, 3123
.   : milestone, 3085,
iast_FULL (5.724 ms) : 5666, 5781
.   : milestone, 5724,
iast_GLOBAL (3.615 ms) : 3552, 3677
.   : milestone, 3615,
profiling (2.167 ms) : 2147, 2187
.   : milestone, 2167,
tracing (1.783 ms) : 1769, 1798
.   : milestone, 1783,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.177 ms [1.166 ms, 1.188 ms] -
iast 3.129 ms [3.088 ms, 3.17 ms] 1.952 ms (165.8%)
iast_FULL 6.051 ms [5.989 ms, 6.113 ms] 4.874 ms (414.1%)
iast_GLOBAL 3.552 ms [3.498 ms, 3.606 ms] 2.375 ms (201.8%)
profiling 2.074 ms [2.055 ms, 2.092 ms] 896.821 µs (76.2%)
tracing 1.785 ms [1.77 ms, 1.8 ms] 607.812 µs (51.6%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 1.162 ms [1.151 ms, 1.174 ms] -
iast 3.085 ms [3.047 ms, 3.123 ms] 1.922 ms (165.4%)
iast_FULL 5.724 ms [5.666 ms, 5.781 ms] 4.561 ms (392.4%)
iast_GLOBAL 3.615 ms [3.552 ms, 3.677 ms] 2.452 ms (211.0%)
profiling 2.167 ms [2.147 ms, 2.187 ms] 1.004 ms (86.4%)
tracing 1.783 ms [1.769 ms, 1.798 ms] 620.898 µs (53.4%)
Request duration reports for petclinic 
gantt
    title petclinic - request duration [CI 0.99] : candidate=1.60.0-SNAPSHOT~b4d4f60b93, baseline=1.60.0-SNAPSHOT~af8b84438c
    dateFormat X
    axisFormat %s
section baseline
no_agent (19.611 ms) : 19404, 19818
.   : milestone, 19611,
appsec (18.384 ms) : 18198, 18570
.   : milestone, 18384,
code_origins (17.783 ms) : 17609, 17958
.   : milestone, 17783,
iast (17.603 ms) : 17429, 17778
.   : milestone, 17603,
profiling (19.566 ms) : 19367, 19765
.   : milestone, 19566,
tracing (17.243 ms) : 17075, 17412
.   : milestone, 17243,
section candidate
no_agent (17.971 ms) : 17793, 18149
.   : milestone, 17971,
appsec (18.433 ms) : 18247, 18620
.   : milestone, 18433,
code_origins (17.581 ms) : 17405, 17757
.   : milestone, 17581,
iast (17.807 ms) : 17624, 17991
.   : milestone, 17807,
profiling (18.419 ms) : 18238, 18601
.   : milestone, 18419,
tracing (17.911 ms) : 17731, 18092
.   : milestone, 17911,
Loading
  • baseline results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 19.611 ms [19.404 ms, 19.818 ms] -
appsec 18.384 ms [18.198 ms, 18.57 ms] -1.227 ms (-6.3%)
code_origins 17.783 ms [17.609 ms, 17.958 ms] -1.827 ms (-9.3%)
iast 17.603 ms [17.429 ms, 17.778 ms] -2.007 ms (-10.2%)
profiling 19.566 ms [19.367 ms, 19.765 ms] -44.873 µs (-0.2%)
tracing 17.243 ms [17.075 ms, 17.412 ms] -2.368 ms (-12.1%)
  • candidate results
Variant Request duration [CI 0.99] Δ no_agent
no_agent 17.971 ms [17.793 ms, 18.149 ms] -
appsec 18.433 ms [18.247 ms, 18.62 ms] 462.055 µs (2.6%)
code_origins 17.581 ms [17.405 ms, 17.757 ms] -390.07 µs (-2.2%)
iast 17.807 ms [17.624 ms, 17.991 ms] -163.877 µs (-0.9%)
profiling 18.419 ms [18.238 ms, 18.601 ms] 448.416 µs (2.5%)
tracing 17.911 ms [17.731 ms, 18.092 ms] -59.874 µs (-0.3%)

Dacapo

Parameters

Baseline Candidate
baseline_or_candidate baseline candidate
git_branch master alejandro.gonzalez/APPSEC-61289
git_commit_date 1771530866 1771579541
git_commit_sha af8b844 b4d4f60
release_version 1.60.0-SNAPSHOT~af8b84438c 1.60.0-SNAPSHOT~b4d4f60b93
See matching parameters
Baseline Candidate
application biojava biojava
ci_job_date 1771581612 1771581612
ci_job_id 1442249842 1442249842
ci_pipeline_id 97801833 97801833
cpu_model Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version Linux runner-zfyrx7zua-project-304-concurrent-0-56z8ez2s 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux Linux runner-zfyrx7zua-project-304-concurrent-0-56z8ez2s 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 10 metrics, 2 unstable metrics.

Execution time for biojava 
gantt
    title biojava - execution time [CI 0.99] : candidate=1.60.0-SNAPSHOT~b4d4f60b93, baseline=1.60.0-SNAPSHOT~af8b84438c
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.371 s) : 15371000, 15371000
.   : milestone, 15371000,
appsec (14.616 s) : 14616000, 14616000
.   : milestone, 14616000,
iast (18.153 s) : 18153000, 18153000
.   : milestone, 18153000,
iast_GLOBAL (17.635 s) : 17635000, 17635000
.   : milestone, 17635000,
profiling (14.957 s) : 14957000, 14957000
.   : milestone, 14957000,
tracing (14.513 s) : 14513000, 14513000
.   : milestone, 14513000,
section candidate
no_agent (15.309 s) : 15309000, 15309000
.   : milestone, 15309000,
appsec (14.879 s) : 14879000, 14879000
.   : milestone, 14879000,
iast (17.944 s) : 17944000, 17944000
.   : milestone, 17944000,
iast_GLOBAL (17.853 s) : 17853000, 17853000
.   : milestone, 17853000,
profiling (14.72 s) : 14720000, 14720000
.   : milestone, 14720000,
tracing (14.447 s) : 14447000, 14447000
.   : milestone, 14447000,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.371 s [15.371 s, 15.371 s] -
appsec 14.616 s [14.616 s, 14.616 s] -755.0 ms (-4.9%)
iast 18.153 s [18.153 s, 18.153 s] 2.782 s (18.1%)
iast_GLOBAL 17.635 s [17.635 s, 17.635 s] 2.264 s (14.7%)
profiling 14.957 s [14.957 s, 14.957 s] -414.0 ms (-2.7%)
tracing 14.513 s [14.513 s, 14.513 s] -858.0 ms (-5.6%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 15.309 s [15.309 s, 15.309 s] -
appsec 14.879 s [14.879 s, 14.879 s] -430.0 ms (-2.8%)
iast 17.944 s [17.944 s, 17.944 s] 2.635 s (17.2%)
iast_GLOBAL 17.853 s [17.853 s, 17.853 s] 2.544 s (16.6%)
profiling 14.72 s [14.72 s, 14.72 s] -589.0 ms (-3.8%)
tracing 14.447 s [14.447 s, 14.447 s] -862.0 ms (-5.6%)
Execution time for tomcat 
gantt
    title tomcat - execution time [CI 0.99] : candidate=1.60.0-SNAPSHOT~b4d4f60b93, baseline=1.60.0-SNAPSHOT~af8b84438c
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.472 ms) : 1461, 1484
.   : milestone, 1472,
appsec (3.757 ms) : 3534, 3980
.   : milestone, 3757,
iast (2.249 ms) : 2180, 2317
.   : milestone, 2249,
iast_GLOBAL (2.288 ms) : 2218, 2357
.   : milestone, 2288,
profiling (2.517 ms) : 2353, 2681
.   : milestone, 2517,
tracing (2.054 ms) : 2000, 2107
.   : milestone, 2054,
section candidate
no_agent (1.469 ms) : 1457, 1480
.   : milestone, 1469,
appsec (3.782 ms) : 3561, 4002
.   : milestone, 3782,
iast (2.25 ms) : 2181, 2319
.   : milestone, 2250,
iast_GLOBAL (2.295 ms) : 2225, 2364
.   : milestone, 2295,
profiling (2.087 ms) : 2033, 2142
.   : milestone, 2087,
tracing (2.065 ms) : 2011, 2118
.   : milestone, 2065,
Loading
  • baseline results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.472 ms [1.461 ms, 1.484 ms] -
appsec 3.757 ms [3.534 ms, 3.98 ms] 2.284 ms (155.1%)
iast 2.249 ms [2.18 ms, 2.317 ms] 776.159 µs (52.7%)
iast_GLOBAL 2.288 ms [2.218 ms, 2.357 ms] 815.051 µs (55.4%)
profiling 2.517 ms [2.353 ms, 2.681 ms] 1.045 ms (70.9%)
tracing 2.054 ms [2.0 ms, 2.107 ms] 581.204 µs (39.5%)
  • candidate results
Variant Execution Time [CI 0.99] Δ no_agent
no_agent 1.469 ms [1.457 ms, 1.48 ms] -
appsec 3.782 ms [3.561 ms, 4.002 ms] 2.313 ms (157.5%)
iast 2.25 ms [2.181 ms, 2.319 ms] 781.418 µs (53.2%)
iast_GLOBAL 2.295 ms [2.225 ms, 2.364 ms] 825.824 µs (56.2%)
profiling 2.087 ms [2.033 ms, 2.142 ms] 618.641 µs (42.1%)
tracing 2.065 ms [2.011 ms, 2.118 ms] 595.984 µs (40.6%)

@jandro996 jandro996 requested review from claponcet and smola February 20, 2026 10:33
daniel-romano-DD
daniel-romano-DD approved these changes Feb 20, 2026
View reviewed changes
Copy link
Copy Markdown

@daniel-romano-DD daniel-romano-DD left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TY!

@jandro996
Copy link
Copy Markdown
Member Author

jandro996 commented Feb 20, 2026

/merge

@gh-worker-devflow-routing-ef8351
Copy link
Copy Markdown

gh-worker-devflow-routing-ef8351 Bot commented Feb 20, 2026
edited
Loading

View all feedbacks in Devflow UI.

2026-02-20 11:29:10 UTC ℹ️ Start processing command /merge

2026-02-20 11:29:15 UTC ℹ️ MergeQueue: pull request added to the queue

The expected merge time in master is approximately 1h (p90).

2026-02-20 11:54:05 UTC ℹ️ MergeQueue: This merge request was merged

@gh-worker-dd-mergequeue-cf854d gh-worker-dd-mergequeue-cf854d Bot merged commit e9b5a57 into master Feb 20, 2026
734 of 749 checks passed
@gh-worker-dd-mergequeue-cf854d gh-worker-dd-mergequeue-cf854d Bot deleted the alejandro.gonzalez/APPSEC-61289 branch February 20, 2026 11:54
@github-actions github-actions Bot added this to the 1.60.0 milestone Feb 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@daniel-romano-DD daniel-romano-DD daniel-romano-DD approved these changes

@manuel-alvarez-alvarez manuel-alvarez-alvarez Awaiting requested review from manuel-alvarez-alvarez manuel-alvarez-alvarez is a code owner automatically assigned from DataDog/asm-java

@claponcet claponcet Awaiting requested review from claponcet

@smola smola Awaiting requested review from smola

Assignees

No one assigned

Labels

comp: asm waf Application Security Management (WAF) type: bug Bug report and fix

Projects

None yet

Milestone

1.60.0

Development

Successfully merging this pull request may close these issues.

2 participants

@jandro996 @daniel-romano-DD