Add Forwarded header as a source to client IP resolution

[jandro996]

What Does This Do

Updates the resolver to include forwarded as one of the evaluated headers

Follow the parsing order for headers defined in https://datadoghq.atlassian.net/wiki/spaces/SAAL/pages/2118779066 forwarded header should be parsed between x-client-ip and forwarded-for

Motivation

Additional Notes

Rollback #7946 but changing X-forwarded for forwarded that is the correct one

Contributor Checklist

• Format the title according the contribution guidelines
• Assign the type: and (comp: or inst:) labels in addition to any usefull labels
• Don't use close, fix or any linking keywords when referencing an issue.
  Use solves instead, and assign the PR milestone to the issue
• Update the CODEOWNERS file on source file addition, move, or deletion
• Update the public documentation in case of new configuration flag or behavior

Jira ticket: APPSEC-58258

[datadog-datadog-prod-us1]

Code coverage: total 57.10%, patch 100.00% (view details)

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 397b6e8 | Docs | Was this helpful? Give us feedback!}

[pr-commenter]

Benchmarks

Startup

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	alejandro.gonzalez/Add-Forwarded-as-a-source-to-client-IP-resolution
git_commit_date	1754476170	1754477182
git_commit_sha	0465b82	397b6e8
release_version	1.53.0-SNAPSHOT~0465b821af	1.51.1-SNAPSHOT~397b6e8738

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1754478968	1754478968
ci_job_id	1066544939	1066544939
ci_pipeline_id	72829354	72829354
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-zfyrx7zua-project-304-concurrent-0-fi3l5xq4 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-zfyrx7zua-project-304-concurrent-0-fi3l5xq4 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
module	Agent	Agent
parent	None	None

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 47 metrics, 12 unstable metrics.

Startup time reports for insecure-bank

gantt
    title insecure-bank - global startup overhead: candidate=1.51.1-SNAPSHOT~397b6e8738, baseline=1.53.0-SNAPSHOT~0465b821af

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.046 s) : 0, 1045947
Total [baseline] (8.586 s) : 0, 8585576
Agent [candidate] (1.045 s) : 0, 1045047
Total [candidate] (8.591 s) : 0, 8590559
section iast
Agent [baseline] (1.181 s) : 0, 1181438
Total [baseline] (9.332 s) : 0, 9332314
Agent [candidate] (1.172 s) : 0, 1172265
Total [candidate] (9.321 s) : 0, 9321046

Loading

• baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.046 s	-
Agent	iast	1.181 s	135.491 ms (13.0%)
Total	tracing	8.586 s	-
Total	iast	9.332 s	746.738 ms (8.7%)

• candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.045 s	-
Agent	iast	1.172 s	127.218 ms (12.2%)
Total	tracing	8.591 s	-
Total	iast	9.321 s	730.487 ms (8.5%)

gantt
    title insecure-bank - break down per module: candidate=1.51.1-SNAPSHOT~397b6e8738, baseline=1.53.0-SNAPSHOT~0465b821af

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.438 ms) : 0, 1438
crashtracking [candidate] (1.421 ms) : 0, 1421
BytebuddyAgent [baseline] (732.147 ms) : 0, 732147
BytebuddyAgent [candidate] (730.925 ms) : 0, 730925
GlobalTracer [baseline] (241.995 ms) : 0, 241995
GlobalTracer [candidate] (242.284 ms) : 0, 242284
AppSec [baseline] (30.008 ms) : 0, 30008
AppSec [candidate] (29.928 ms) : 0, 29928
Debugger [baseline] (6.032 ms) : 0, 6032
Debugger [candidate] (6.023 ms) : 0, 6023
Remote Config [baseline] (648.456 µs) : 0, 648
Remote Config [candidate] (651.114 µs) : 0, 651
Telemetry [baseline] (12.635 ms) : 0, 12635
Telemetry [candidate] (12.773 ms) : 0, 12773
section iast
crashtracking [baseline] (1.441 ms) : 0, 1441
crashtracking [candidate] (1.431 ms) : 0, 1431
BytebuddyAgent [baseline] (854.172 ms) : 0, 854172
BytebuddyAgent [candidate] (846.355 ms) : 0, 846355
GlobalTracer [baseline] (232.404 ms) : 0, 232404
GlobalTracer [candidate] (231.499 ms) : 0, 231499
AppSec [baseline] (26.977 ms) : 0, 26977
AppSec [candidate] (26.979 ms) : 0, 26979
Debugger [baseline] (7.546 ms) : 0, 7546
Debugger [candidate] (8.335 ms) : 0, 8335
Remote Config [baseline] (601.977 µs) : 0, 602
Remote Config [candidate] (577.237 µs) : 0, 577
Telemetry [baseline] (8.155 ms) : 0, 8155
Telemetry [candidate] (8.03 ms) : 0, 8030
IAST [baseline] (29.04 ms) : 0, 29040
IAST [candidate] (28.112 ms) : 0, 28112

Loading

Startup time reports for petclinic

gantt
    title petclinic - global startup overhead: candidate=1.51.1-SNAPSHOT~397b6e8738, baseline=1.53.0-SNAPSHOT~0465b821af

    dateFormat X
    axisFormat %s
section tracing
Agent [baseline] (1.047 s) : 0, 1047018
Total [baseline] (10.817 s) : 0, 10817064
Agent [candidate] (1.044 s) : 0, 1044351
Total [candidate] (10.672 s) : 0, 10671655
section appsec
Agent [baseline] (1.224 s) : 0, 1224454
Total [baseline] (10.812 s) : 0, 10812430
Agent [candidate] (1.224 s) : 0, 1224449
Total [candidate] (10.741 s) : 0, 10740876
section iast
Agent [baseline] (1.177 s) : 0, 1177304
Total [baseline] (10.962 s) : 0, 10962365
Agent [candidate] (1.173 s) : 0, 1173008
Total [candidate] (10.887 s) : 0, 10887476
section profiling
Agent [baseline] (1.198 s) : 0, 1197588
Total [baseline] (10.916 s) : 0, 10916357
Agent [candidate] (1.192 s) : 0, 1191631
Total [candidate] (10.843 s) : 0, 10842651

Loading

• baseline results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.047 s	-
Agent	appsec	1.224 s	177.437 ms (16.9%)
Agent	iast	1.177 s	130.286 ms (12.4%)
Agent	profiling	1.198 s	150.571 ms (14.4%)
Total	tracing	10.817 s	-
Total	appsec	10.812 s	-4.635 ms (-0.0%)
Total	iast	10.962 s	145.301 ms (1.3%)
Total	profiling	10.916 s	99.293 ms (0.9%)

• candidate results

Module	Variant	Duration	Δ tracing
Agent	tracing	1.044 s	-
Agent	appsec	1.224 s	180.098 ms (17.2%)
Agent	iast	1.173 s	128.657 ms (12.3%)
Agent	profiling	1.192 s	147.28 ms (14.1%)
Total	tracing	10.672 s	-
Total	appsec	10.741 s	69.221 ms (0.6%)
Total	iast	10.887 s	215.82 ms (2.0%)
Total	profiling	10.843 s	170.995 ms (1.6%)

gantt
    title petclinic - break down per module: candidate=1.51.1-SNAPSHOT~397b6e8738, baseline=1.53.0-SNAPSHOT~0465b821af

    dateFormat X
    axisFormat %s
section tracing
crashtracking [baseline] (1.436 ms) : 0, 1436
crashtracking [candidate] (1.423 ms) : 0, 1423
BytebuddyAgent [baseline] (734.65 ms) : 0, 734650
BytebuddyAgent [candidate] (730.763 ms) : 0, 730763
GlobalTracer [baseline] (241.768 ms) : 0, 241768
GlobalTracer [candidate] (241.905 ms) : 0, 241905
AppSec [baseline] (30.042 ms) : 0, 30042
AppSec [candidate] (29.95 ms) : 0, 29950
Debugger [baseline] (6.034 ms) : 0, 6034
Debugger [candidate] (6.045 ms) : 0, 6045
Remote Config [baseline] (646.269 µs) : 0, 646
Remote Config [candidate] (655.645 µs) : 0, 656
Telemetry [baseline] (11.358 ms) : 0, 11358
Telemetry [candidate] (12.604 ms) : 0, 12604
section appsec
crashtracking [baseline] (1.439 ms) : 0, 1439
crashtracking [candidate] (1.443 ms) : 0, 1443
BytebuddyAgent [baseline] (756.084 ms) : 0, 756084
BytebuddyAgent [candidate] (755.846 ms) : 0, 755846
GlobalTracer [baseline] (235.736 ms) : 0, 235736
GlobalTracer [candidate] (236.124 ms) : 0, 236124
AppSec [baseline] (168.723 ms) : 0, 168723
AppSec [candidate] (170.111 ms) : 0, 170111
Debugger [baseline] (7.984 ms) : 0, 7984
Debugger [candidate] (7.215 ms) : 0, 7215
Remote Config [baseline] (626.68 µs) : 0, 627
Remote Config [candidate] (622.018 µs) : 0, 622
Telemetry [baseline] (9.097 ms) : 0, 9097
Telemetry [candidate] (8.326 ms) : 0, 8326
IAST [baseline] (23.567 ms) : 0, 23567
IAST [candidate] (23.688 ms) : 0, 23688
section iast
crashtracking [baseline] (1.433 ms) : 0, 1433
crashtracking [candidate] (1.434 ms) : 0, 1434
BytebuddyAgent [baseline] (849.845 ms) : 0, 849845
BytebuddyAgent [candidate] (847.545 ms) : 0, 847545
GlobalTracer [baseline] (233.467 ms) : 0, 233467
GlobalTracer [candidate] (231.143 ms) : 0, 231143
AppSec [baseline] (26.31 ms) : 0, 26310
AppSec [candidate] (27.592 ms) : 0, 27592
Debugger [baseline] (7.409 ms) : 0, 7409
Debugger [candidate] (5.808 ms) : 0, 5808
Remote Config [baseline] (608.298 µs) : 0, 608
Remote Config [candidate] (599.85 µs) : 0, 600
Telemetry [baseline] (8.198 ms) : 0, 8198
Telemetry [candidate] (8.079 ms) : 0, 8079
IAST [baseline] (28.992 ms) : 0, 28992
IAST [candidate] (29.86 ms) : 0, 29860
section profiling
crashtracking [baseline] (1.414 ms) : 0, 1414
crashtracking [candidate] (1.402 ms) : 0, 1402
BytebuddyAgent [baseline] (763.279 ms) : 0, 763279
BytebuddyAgent [candidate] (759.209 ms) : 0, 759209
GlobalTracer [baseline] (222.179 ms) : 0, 222179
GlobalTracer [candidate] (221.434 ms) : 0, 221434
AppSec [baseline] (30.056 ms) : 0, 30056
AppSec [candidate] (29.735 ms) : 0, 29735
Debugger [baseline] (6.292 ms) : 0, 6292
Debugger [candidate] (6.285 ms) : 0, 6285
Remote Config [baseline] (716.052 µs) : 0, 716
Remote Config [candidate] (668.6 µs) : 0, 669
Telemetry [baseline] (15.993 ms) : 0, 15993
Telemetry [candidate] (16.088 ms) : 0, 16088
ProfilingAgent [baseline] (108.196 ms) : 0, 108196
ProfilingAgent [candidate] (107.597 ms) : 0, 107597
Profiling [baseline] (108.827 ms) : 0, 108827
Profiling [candidate] (108.244 ms) : 0, 108244

Loading

Load

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	alejandro.gonzalez/Add-Forwarded-as-a-source-to-client-IP-resolution
git_commit_date	1754476170	1754477182
git_commit_sha	0465b82	397b6e8
release_version	1.53.0-SNAPSHOT~0465b821af	1.51.1-SNAPSHOT~397b6e8738

See matching parameters

	Baseline	Candidate
application	insecure-bank	insecure-bank
ci_job_date	1754478644	1754478644
ci_job_id	1066544940	1066544940
ci_pipeline_id	72829354	72829354
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-zfyrx7zua-project-304-concurrent-0-qwiu76sh 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-zfyrx7zua-project-304-concurrent-0-qwiu76sh 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 2 performance improvements and 1 performance regressions! Performance is the same for 9 metrics, 12 unstable metrics.

scenario	Δ mean http_req_duration	Δ mean throughput	candidate mean http_req_duration	candidate mean throughput	baseline mean http_req_duration	baseline mean throughput
scenario:load:insecure-bank:no_agent:high_load	better [-245.361µs; -129.107µs] or [-5.568%; -2.930%]	unstable [-63.729op/s; +156.541op/s] or [-6.119%; +15.031%]	4.220ms	1087.875op/s	4.407ms	1041.469op/s
scenario:load:petclinic:iast:high_load	worse [+1.985ms; +2.816ms] or [+4.588%; +6.507%]	unstable [-13.355op/s; +2.030op/s] or [-12.353%; +1.878%]	45.674ms	102.450op/s	43.274ms	108.112op/s
scenario:load:petclinic:profiling:high_load	better [-2.647ms; -1.688ms] or [-5.493%; -3.503%]	unstable [-3.004op/s; +12.029op/s] or [-3.094%; +12.387%]	46.023ms	101.625op/s	48.190ms	97.112op/s

Request duration reports for petclinic

gantt
    title petclinic - request duration [CI 0.99] : candidate=1.51.1-SNAPSHOT~397b6e8738, baseline=1.53.0-SNAPSHOT~0465b821af
    dateFormat X
    axisFormat %s
section baseline
no_agent (36.697 ms) : 36397, 36997
.   : milestone, 36697,
appsec (47.825 ms) : 47404, 48247
.   : milestone, 47825,
code_origins (44.678 ms) : 44300, 45056
.   : milestone, 44678,
iast (43.274 ms) : 42896, 43651
.   : milestone, 43274,
profiling (48.19 ms) : 47724, 48657
.   : milestone, 48190,
tracing (43.082 ms) : 42713, 43450
.   : milestone, 43082,
section candidate
no_agent (35.955 ms) : 35665, 36245
.   : milestone, 35955,
appsec (48.205 ms) : 47783, 48627
.   : milestone, 48205,
code_origins (43.917 ms) : 43536, 44298
.   : milestone, 43917,
iast (45.674 ms) : 45280, 46068
.   : milestone, 45674,
profiling (46.023 ms) : 45599, 46447
.   : milestone, 46023,
tracing (44.155 ms) : 43781, 44529
.   : milestone, 44155,

Loading

• baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	36.697 ms [36.397 ms, 36.997 ms]	-
appsec	47.825 ms [47.404 ms, 48.247 ms]	11.128 ms (30.3%)
code_origins	44.678 ms [44.3 ms, 45.056 ms]	7.981 ms (21.7%)
iast	43.274 ms [42.896 ms, 43.651 ms]	6.577 ms (17.9%)
profiling	48.19 ms [47.724 ms, 48.657 ms]	11.493 ms (31.3%)
tracing	43.082 ms [42.713 ms, 43.45 ms]	6.385 ms (17.4%)

• candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	35.955 ms [35.665 ms, 36.245 ms]	-
appsec	48.205 ms [47.783 ms, 48.627 ms]	12.25 ms (34.1%)
code_origins	43.917 ms [43.536 ms, 44.298 ms]	7.962 ms (22.1%)
iast	45.674 ms [45.28 ms, 46.068 ms]	9.719 ms (27.0%)
profiling	46.023 ms [45.599 ms, 46.447 ms]	10.068 ms (28.0%)
tracing	44.155 ms [43.781 ms, 44.529 ms]	8.199 ms (22.8%)

Request duration reports for insecure-bank

gantt
    title insecure-bank - request duration [CI 0.99] : candidate=1.51.1-SNAPSHOT~397b6e8738, baseline=1.53.0-SNAPSHOT~0465b821af
    dateFormat X
    axisFormat %s
section baseline
no_agent (4.407 ms) : 4351, 4463
.   : milestone, 4407,
iast (9.371 ms) : 9219, 9522
.   : milestone, 9371,
iast_FULL (13.517 ms) : 13254, 13781
.   : milestone, 13517,
iast_GLOBAL (10.666 ms) : 10477, 10855
.   : milestone, 10666,
profiling (8.725 ms) : 8586, 8864
.   : milestone, 8725,
tracing (7.637 ms) : 7531, 7743
.   : milestone, 7637,
section candidate
no_agent (4.22 ms) : 4168, 4272
.   : milestone, 4220,
iast (9.645 ms) : 9474, 9815
.   : milestone, 9645,
iast_FULL (13.734 ms) : 13462, 14006
.   : milestone, 13734,
iast_GLOBAL (10.396 ms) : 10212, 10580
.   : milestone, 10396,
profiling (8.78 ms) : 8648, 8911
.   : milestone, 8780,
tracing (7.683 ms) : 7572, 7794
.   : milestone, 7683,

Loading

• baseline results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	4.407 ms [4.351 ms, 4.463 ms]	-
iast	9.371 ms [9.219 ms, 9.522 ms]	4.964 ms (112.6%)
iast_FULL	13.517 ms [13.254 ms, 13.781 ms]	9.11 ms (206.7%)
iast_GLOBAL	10.666 ms [10.477 ms, 10.855 ms]	6.259 ms (142.0%)
profiling	8.725 ms [8.586 ms, 8.864 ms]	4.318 ms (98.0%)
tracing	7.637 ms [7.531 ms, 7.743 ms]	3.23 ms (73.3%)

• candidate results

Variant	Request duration [CI 0.99]	Δ no_agent
no_agent	4.22 ms [4.168 ms, 4.272 ms]	-
iast	9.645 ms [9.474 ms, 9.815 ms]	5.425 ms (128.6%)
iast_FULL	13.734 ms [13.462 ms, 14.006 ms]	9.514 ms (225.5%)
iast_GLOBAL	10.396 ms [10.212 ms, 10.58 ms]	6.176 ms (146.4%)
profiling	8.78 ms [8.648 ms, 8.911 ms]	4.56 ms (108.1%)
tracing	7.683 ms [7.572 ms, 7.794 ms]	3.463 ms (82.1%)

Dacapo

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	alejandro.gonzalez/Add-Forwarded-as-a-source-to-client-IP-resolution
git_commit_date	1754476170	1754477182
git_commit_sha	0465b82	397b6e8
release_version	1.53.0-SNAPSHOT~0465b821af	1.51.1-SNAPSHOT~397b6e8738

See matching parameters

	Baseline	Candidate
application	biojava	biojava
ci_job_date	1754479183	1754479183
ci_job_id	1066544941	1066544941
ci_pipeline_id	72829354	72829354
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
kernel_version	Linux runner-zfyrx7zua-project-304-concurrent-0-9q64dzcr 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux	Linux runner-zfyrx7zua-project-304-concurrent-0-9q64dzcr 6.8.0-1031-aws #33~22.04.1-Ubuntu SMP Thu Jun 26 14:22:30 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 11 metrics, 1 unstable metrics.

Execution time for biojava

gantt
    title biojava - execution time [CI 0.99] : candidate=1.51.1-SNAPSHOT~397b6e8738, baseline=1.53.0-SNAPSHOT~0465b821af
    dateFormat X
    axisFormat %s
section baseline
no_agent (15.011 s) : 15011000, 15011000
.   : milestone, 15011000,
appsec (14.89 s) : 14890000, 14890000
.   : milestone, 14890000,
iast (18.47 s) : 18470000, 18470000
.   : milestone, 18470000,
iast_GLOBAL (18.192 s) : 18192000, 18192000
.   : milestone, 18192000,
profiling (15.221 s) : 15221000, 15221000
.   : milestone, 15221000,
tracing (14.755 s) : 14755000, 14755000
.   : milestone, 14755000,
section candidate
no_agent (14.843 s) : 14843000, 14843000
.   : milestone, 14843000,
appsec (14.76 s) : 14760000, 14760000
.   : milestone, 14760000,
iast (18.322 s) : 18322000, 18322000
.   : milestone, 18322000,
iast_GLOBAL (18.068 s) : 18068000, 18068000
.   : milestone, 18068000,
profiling (15.334 s) : 15334000, 15334000
.   : milestone, 15334000,
tracing (14.957 s) : 14957000, 14957000
.   : milestone, 14957000,

Loading

• baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	15.011 s [15.011 s, 15.011 s]	-
appsec	14.89 s [14.89 s, 14.89 s]	-121.0 ms (-0.8%)
iast	18.47 s [18.47 s, 18.47 s]	3.459 s (23.0%)
iast_GLOBAL	18.192 s [18.192 s, 18.192 s]	3.181 s (21.2%)
profiling	15.221 s [15.221 s, 15.221 s]	210.0 ms (1.4%)
tracing	14.755 s [14.755 s, 14.755 s]	-256.0 ms (-1.7%)

• candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	14.843 s [14.843 s, 14.843 s]	-
appsec	14.76 s [14.76 s, 14.76 s]	-83.0 ms (-0.6%)
iast	18.322 s [18.322 s, 18.322 s]	3.479 s (23.4%)
iast_GLOBAL	18.068 s [18.068 s, 18.068 s]	3.225 s (21.7%)
profiling	15.334 s [15.334 s, 15.334 s]	491.0 ms (3.3%)
tracing	14.957 s [14.957 s, 14.957 s]	114.0 ms (0.8%)

Execution time for tomcat

gantt
    title tomcat - execution time [CI 0.99] : candidate=1.51.1-SNAPSHOT~397b6e8738, baseline=1.53.0-SNAPSHOT~0465b821af
    dateFormat X
    axisFormat %s
section baseline
no_agent (1.475 ms) : 1463, 1486
.   : milestone, 1475,
appsec (3.681 ms) : 3463, 3900
.   : milestone, 3681,
iast (2.201 ms) : 2139, 2264
.   : milestone, 2201,
iast_GLOBAL (2.232 ms) : 2169, 2295
.   : milestone, 2232,
profiling (2.033 ms) : 1983, 2083
.   : milestone, 2033,
tracing (2.019 ms) : 1970, 2068
.   : milestone, 2019,
section candidate
no_agent (1.481 ms) : 1469, 1492
.   : milestone, 1481,
appsec (3.633 ms) : 3419, 3848
.   : milestone, 3633,
iast (2.201 ms) : 2139, 2264
.   : milestone, 2201,
iast_GLOBAL (2.24 ms) : 2177, 2303
.   : milestone, 2240,
profiling (2.051 ms) : 2000, 2102
.   : milestone, 2051,
tracing (2.019 ms) : 1969, 2068
.   : milestone, 2019,

Loading

• baseline results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.475 ms [1.463 ms, 1.486 ms]	-
appsec	3.681 ms [3.463 ms, 3.9 ms]	2.206 ms (149.6%)
iast	2.201 ms [2.139 ms, 2.264 ms]	726.356 µs (49.2%)
iast_GLOBAL	2.232 ms [2.169 ms, 2.295 ms]	757.127 µs (51.3%)
profiling	2.033 ms [1.983 ms, 2.083 ms]	557.927 µs (37.8%)
tracing	2.019 ms [1.97 ms, 2.068 ms]	544.232 µs (36.9%)

• candidate results

Variant	Execution Time [CI 0.99]	Δ no_agent
no_agent	1.481 ms [1.469 ms, 1.492 ms]	-
appsec	3.633 ms [3.419 ms, 3.848 ms]	2.153 ms (145.4%)
iast	2.201 ms [2.139 ms, 2.264 ms]	720.375 µs (48.6%)
iast_GLOBAL	2.24 ms [2.177 ms, 2.303 ms]	758.843 µs (51.2%)
profiling	2.051 ms [2.0 ms, 2.102 ms]	570.355 µs (38.5%)
tracing	2.019 ms [1.969 ms, 2.068 ms]	537.744 µs (36.3%)