talsec / Free-RASP-Flutter

Flutter library for improving app security and threat monitoring on Android and iOS mobile devices.
https://github.com/talsec/Free-RASP-Community
MIT License

Feature: get currentThreatStatus / await freeRasp.checksComplete.future #109

Closed PeperMarkreel closed 6 months ago

PeperMarkreel commented 6 months ago

Hi, I'd like to be able to know if certain checks are finished and what their result is before initiating a certain procedure.

What I would like is a feature like:

await freeRasp.threatAnalysisComplete;

or

ThreatDetectionResults results = await freeRasp.analysisResults;
// analyze results & decide if to initiate sensitive procedures

or

await freeRasp.onPrivilegedAccessResult;

etc

The current way I do it: I now set a bool deviceCompromised to true in a few of the configuration callbacks and just wait a second after the initial frame is rendered at startup and check the bool. Not sure how threat detection works and how long these take to finish. Are these heuristic based upon behavior or do these have a predictable execution time?

So documentation of the duration per callback would be a valid alternative, after how long you can assume these callbacks won't be triggered?

SirionRazzer commented 6 months ago

Hi @PeperMarkreel, thank you for raising this! You are right. There currently is no way to get a final verdict. This feature is commonly requested, so we are evaluating possible designs to facilitate that.

Regarding your other question, this doc may come in handy: https://github.com/talsec/Free-RASP-Community/wiki/Callback-Delay,-Telemetry-Impact,-and-Threat-Scanning-Completion-Status. The duration per callback is not deterministic. Hardcoding any artificial completion time window is not recommended.

Best Regards, Tomas
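
Since the reply above says callback timing is not deterministic and advises against a fixed wait, one way an app can gate sensitive procedures is to latch every reported threat and check that state at the moment of use. This is an added example, not freeRASP code or an API from the project: `ThreatState`, `report` and `guard` are hypothetical names, and the app's threat callbacks are assumed to call `report`.

```dart
import 'dart:async';

/// Hypothetical helper, not part of freeRASP. The app's threat callbacks are
/// assumed to call [report]; nothing here knows when scanning has finished.
class ThreatState {
  final Set<String> _seen = <String>{};
  final _events = StreamController<String>.broadcast();

  /// Latches: once a threat is reported it stays set for the session.
  bool get compromised => _seen.isNotEmpty;

  void report(String threat) {
    if (_seen.add(threat)) _events.add(threat);
  }

  /// Refuses [action] if a threat was already reported, and fails the
  /// returned future if one arrives while [action] is still in flight.
  /// [action] itself is not cancelled; the caller must discard its result.
  Future<T> guard<T>(Future<T> Function() action) {
    if (compromised) return Future.error(StateError('threat: $_seen'));
    final done = Completer<T>();
    final sub = _events.stream.listen((t) {
      if (!done.isCompleted) done.completeError(StateError('threat: $t'));
    });
    action().then((v) {
      if (!done.isCompleted) done.complete(v);
    }, onError: (Object e, StackTrace s) {
      if (!done.isCompleted) done.completeError(e, s);
    }).whenComplete(sub.cancel);
    return done.future;
  }
}

Future<void> main() async {
  final state = ThreatState();
  // Constructed scenario: a callback fires 50 ms into a 200 ms operation.
  Timer(const Duration(milliseconds: 50), () => state.report('privilegedAccess'));
  for (final attempt in ['first', 'second']) {
    try {
      await state.guard(() => Future.delayed(
          const Duration(milliseconds: 200), () => 'session-token'));
      print('$attempt: completed');
    } on StateError catch (e) {
      print('$attempt: blocked (${e.message})');
    }
  }
}
```

A clean state here means only that no threat has been reported yet, so the guard belongs on every sensitive call rather than on a single startup check.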

PeperMarkreel commented 6 months ago

Thanks for the response - of course the info was in the one document that I missed. Looking forward to the implementation of the new API.