contrast-agent 6.2.0 → 6.5.0

data/lib/contrast/extension/assess/marshal.rb

@@ -58,6 +58,22 @@ module Contrast
           end
         end
       end
+
+      # Used for aliasing
+      module ContrastMarshal
+        def cs__marshal_load source
+          # Do the protect
+          Contrast::Extension::Assess::MarshalPropagator.cs__load_protect(source) if source
+          # call the original
+          result = Marshal.load(source) # rubocop:disable Security/MarshalLoad
+          # Do the assess
+          tracked = Contrast::Agent::Assess::Tracker::PROPERTIES_HASH.tracked?(source) if source
+          skip = Contrast::Agent::Patching::Policy::Patch.skip_assess_analysis? if tracked
+          Contrast::Extension::Assess::MarshalPropagator.cs__load_assess(source, result) if skip
+          # return original
+          result
+        end
+      end
     end
   end
 end

data/lib/contrast/extension/assess/string.rb

@@ -31,31 +31,32 @@ module Contrast
         INTERPOLATION_NODE = Contrast::Agent::Assess::Policy::PropagationNode.new(NODE_HASH)
 
         class << self
+          # We call this method from C, and the Scope check is happening there. If we are in
+          # Contrast Scope the method won't be invoked.
+          #
+          # @param inputs [Array<String>] Inputs for interpolation.
+          # @param result [String] The result from the interpolation.
           def track_interpolation inputs, result
             return unless ::Contrast::AGENT.interpolation_enabled?
-            return if in_contrast_scope?
             return unless inputs.any? { |input| Contrast::Agent::Assess::Tracker.tracked?(input) }
+            return unless (properties = Contrast::Agent::Assess::Tracker.properties!(result))
 
-            with_contrast_scope do
-              return unless (properties = Contrast::Agent::Assess::Tracker.properties!(result))
-
-              parent_events = []
-              offset = 0
-              inputs.each do |input|
-                properties.copy_from(input, result, offset)
-                add_dynamic_sources_info(input, result)
-                offset += input.length
-                parent_event = Contrast::Agent::Assess::Tracker.properties(input)&.event
-                parent_events << parent_event if parent_event
-              end
-              event_data = Contrast::Agent::Assess::Events::EventData.new(INTERPOLATION_NODE,
-                                                                          result,
-                                                                          inputs,
-                                                                          result,
-                                                                          inputs)
-              properties.build_event(event_data)
-              properties.event.instance_variable_set(:@_parent_events, parent_events)
+            parent_events = []
+            offset = 0
+            inputs.each do |input|
+              properties.copy_from(input, result, offset)
+              add_dynamic_sources_info(input, result)
+              offset += input.length
+              parent_event = Contrast::Agent::Assess::Tracker.properties(input)&.event
+              parent_events << parent_event if parent_event
             end
+            event_data = Contrast::Agent::Assess::Events::EventData.new(INTERPOLATION_NODE,
+                                                                        result,
+                                                                        inputs,
+                                                                        result,
+                                                                        inputs)
+            properties.build_event(event_data)
+            properties.event.instance_variable_set(:@_parent_events, parent_events)
           rescue StandardError => e
             logger.error('Unable to track interpolation', e)
           end

data/lib/contrast/extension/object.rb

@@ -0,0 +1,19 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+# Some developers override various methods on Object, which can often involve
+# changing expected method parity/behavior which in turn prevents us from being
+# able to reliably use affected methods.
+# We alias these method so that we always have access to them.
+#
+# Because we use these methods in constructing classes (e.g., calling #freeze
+# on constants within class definitions) we do this aliasing ASAP.
+class Object
+  alias_method :cs__class, :class
+  alias_method :cs__freeze, :freeze
+  alias_method :cs__frozen?, :frozen?
+  alias_method :cs__is_a?, :is_a?
+  alias_method :cs__method, :method
+  alias_method :cs__respond_to?, :respond_to?
+  alias_method :cs__singleton_class, :singleton_class
+end

data/lib/contrast/framework/base_support.rb

@@ -8,18 +8,22 @@ module Contrast
     # The API for all subclasses to implement to correctly support a given framework
     module BaseSupport
       # The top level module name used by the framework
+      # @raise [NoMethodError] raises error if subclass does not implement this method
       def detection_class
         raise(NoMethodError('Subclasses of BaseSupport should implement this method'))
       end
 
+      # @raise [NoMethodError] raises error if subclass does not implement this method
       def version
         raise(NoMethodError('Subclasses of BaseSupport should implement this method'))
       end
 
+      # @raise [NoMethodError] raises error if subclass does not implement this method
       def application_name
         raise(NoMethodError, 'Subclasses of BaseSupport should implement this method')
       end
 
+      # @raise [NoMethodError] raises error if subclass does not implement this method
       def server_type
         raise(NoMethodError, 'Subclasses of BaseSupport should implement this method')
       end
@@ -27,18 +31,22 @@ module Contrast
       # Find all the predefined routes for this application
       #
       # @return [Array<Contrast::Agent::Reporting::DiscoveredRoute>]
+      # @raise [NoMethodError] raises error if subclass does not implement this method
       def collect_routes
         raise(NoMethodError, 'Subclasses of BaseSupport should implement this method')
       end
 
+      # @raise [NoMethodError] raises error if subclass does not implement this method
       def current_route_coverage
         raise(NoMethodError, 'Subclasses of BaseSupport should implement this method')
       end
 
+      # @raise [NoMethodError] raises error if subclass does not implement this method
       def current_route
         raise(NoMethodError, 'Subclasses of BaseSupport should implement this method')
       end
 
+      # @raise [NoMethodError] raises error if subclass does not implement this method
       def retrieve_request _env
         raise(NoMethodError, 'Subclasses of BaseSupport should implement this method')
       end

data/lib/contrast/framework/manager.rb

@@ -7,7 +7,6 @@ require 'contrast/components/logger'
 require 'contrast/extension/module'
 require 'contrast/framework/grape/support'
 require 'contrast/framework/manager_extend'
-require 'contrast/framework/platform_version'
 require 'contrast/framework/rack/support'
 require 'contrast/framework/rails/support'
 require 'contrast/framework/sinatra/support'
@@ -64,16 +63,6 @@ module Contrast
         routes_for_all_frameworks
       end
 
-      def platform_version
-        framework_version = first_framework_result(:version, '')
-
-        Contrast::Framework::PlatformVersion.from_string(framework_version)
-      end
-
-      def platform_version_string
-        first_framework_result(:version, '')
-      end
-
       def server_type
         first_framework_result(:server_type, 'rack')
       end
@@ -157,16 +146,13 @@ module Contrast
           next unless module_name == framework.detection_class
 
           @_frameworks << framework
-          # Report the registered routes of that framework now that we know we need to find them
-          # TODO: RUBY-1438 -- remove and build ReportingEvent directly
-          app_update_msg = Contrast::Api::Dtm::ApplicationUpdate.build
-          if Contrast::Agent.reporter
-            report = Contrast::Agent::Reporting::DtmMessage.dtm_to_event(app_update_msg)
-            Contrast::Agent.reporter.send_event(report)
-          else
-            Contrast::Agent.messaging_queue.send_event_eventually(app_update_msg)
+          report = Contrast::Agent::Reporting::ApplicationUpdate.new
+          # This convert here is left as it'll be easier to be replaced when the Library is being changed
+          report.libraries = Contrast::Agent::Inventory::DependencyAnalysis.instance.library_pb_list
+          [report, Contrast::Agent::Reporting::ApplicationInventory.new].each do |e|
+            Contrast::Agent.reporter.send_event(e)
           end
-          Contrast::Agent.reporter.send_event(Contrast::Agent::Reporting::ApplicationInventory.new)
+
           logger.info('Framework detected after initialization. Enabling support.',
                       framework: framework.detection_class,
                       frameworks: @_frameworks)

data/lib/contrast/framework/manager_extend.rb

@@ -3,7 +3,6 @@
 
 require 'contrast/components/logger'
 require 'contrast/extension/module'
-require 'contrast/framework/platform_version'
 require 'contrast/framework/rack/support'
 require 'contrast/framework/rails/support'
 require 'contrast/framework/grape/support'

data/lib/contrast/framework/rails/patch/action_controller_live_buffer.rb

@@ -1,6 +1,8 @@
 # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
+require 'contrast/agent/inventory/dependency_usage_analysis'
+
 module Contrast
   module Framework
     module Rails
@@ -9,27 +11,20 @@ module Contrast
         # event on streamed responses.
         module ActionControllerLiveBuffer
           class << self
-            # TODO: RUBY-1353
-            # TODO: RUBY-1355
-            # TODO: RUBY-1357
-            # TODO: RUBY-1357
             def send_messages
               return unless (context = Contrast::Agent::REQUEST_TRACKER.current)
 
+              [
+                context.observed_route
+              ].each do |event|
+                Contrast::Agent.reporter&.send_event_immediately(event)
+              end
+
               if Contrast::Agent::Reporter.enabled?
-                [
-                  context.new_observed_route,
-                  context.observed_library_usage,
-                  Contrast::Agent::Reporting::DtmMessage.dtm_to_event(context.server_activity),
-                  Contrast::Agent::Reporting::DtmMessage.dtm_to_event(context.activity)
-                ].each do |event|
-                  Contrast::Agent.reporter&.send_event_immediately(event)
-                end
+                event = Contrast::Agent::Reporting::DtmMessage.dtm_to_event(context.activity)
+                Contrast::Agent.reporter&.send_event_immediately(event)
               else
-                Contrast::Agent.reporter.send_event_immediately(context.observed_library_usage)
-                [context.server_activity, context.activity, context.observed_route].each do |msg|
-                  Contrast::Agent.messaging_queue&.send_event_immediately(msg)
-                end
+                Contrast::Agent.messaging_queue&.send_event_immediately(context.activity)
               end
             end
 

data/lib/contrast/framework/rails/support.rb

@@ -135,8 +135,11 @@ module Contrast
           # @return [bool] whether the router is an engine or not.
           def engine_route? route
             return false unless route&.app&.app
+            return false unless route.app.is_a?(::ActionDispatch::Routing::Mapper::Constraints) ||
+                route.app.is_a?(::ActionDispatch::Routing::RouteSet::Dispatcher)
 
-            route.app.is_a?(::ActionDispatch::Routing::Mapper::Constraints) && route.app.app < ::Rails::Engine
+            clazz = route.app.app.is_a?(Class) ? route.app.app : route.app.app.cs__class
+            clazz < ::Rails::Engine
           end
 
           # Recursively get final route traversing engines as required. Because this can only be called once, we store

data/lib/contrast/logger/aliased_logging.rb

@@ -88,6 +88,8 @@ module Contrast
                end
         message = Contrast::Agent::Telemetry::TelemetryException::Message.build(tags, [message_exception])
         Contrast::Agent::Telemetry::TelemetryException::Event.new(message)
+      rescue ArgumentError => e
+        debug('TelemetryException failed from aliased logging with: ', e)
       end
 
       def get_stack_trace type

data/lib/contrast/logger/log.rb

@@ -134,7 +134,8 @@ module Contrast
 
         enable_trace_timing if current_level_const == ::Ougai::Logging::TRACE
 
-        @_logger = build(path: current_path, level_const: current_level_const)
+        progname = Contrast::CONFIG.root.agent.logger.progname
+        @_logger = build(path: current_path, level_const: current_level_const, progname: progname)
         # If we're logging to a new path, then let's start it w/ our helpful
         # data gathering messages
         log_update if path_change

data/lib/contrast/utils/assess/event_limit_utils.rb

@@ -0,0 +1,96 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/components/logger'
+
+module Contrast
+  module Utils
+    module Assess
+      # EventLimitUtils is used to check and validate the number of source, propagation, or trigger events collected
+      # during the reporting time frame
+      module EventLimitUtils
+        include Contrast::Components::Logger::InstanceMethods
+        # Checks to see if the event limit for the policy type has been met or exceeded
+        # @param method_policy [Contrast::Agent::Patching::Policy::MethodPolicy] method to check for event limit
+        def event_limit? method_policy
+          return false unless (context = Contrast::Agent::REQUEST_TRACKER.current)
+
+          if method_policy.source_node
+            max =  (::Contrast::ASSESS.max_source_events ||
+              Contrast::Config::AssessConfiguration::DEFAULT_MAX_SOURCE_EVENTS)
+            return at_limit?(method_policy, context.source_event_count, max)
+
+          end
+          if method_policy.propagation_node
+            max = (::Contrast::ASSESS.max_propagation_events ||
+              Contrast::Config::AssessConfiguration::DEFAULT_MAX_PROPAGATION_EVENTS)
+            return at_limit?(method_policy, context.propagation_event_count, max)
+          end
+
+          false # policy does not have limit
+        end
+
+        def event_limit_for_rule? rule_id
+          if Contrast::Utils::Timer.now_ms > threshold_time_limit
+            @_rule_counts = nil
+            @_threshold_time_limit = nil
+            threshold_time_limit
+          end
+          rule_counts[rule_id] += 1
+          # TODO: RUBY-1680 remove default
+          rule_counts[rule_id] >=
+              (::Contrast::ASSESS.max_rule_reported || Contrast::Config::AssessConfiguration::DEFAULT_MAX_RULE_REPORTED)
+        end
+
+        # Increments the event count for the type of event that is being tracked
+        #
+        # @param node [Contrast::Agent::Assess::Policy::PolicyNode] policy to increment
+        def increment_event_count node
+          return unless (context = Contrast::Agent::REQUEST_TRACKER.current)
+
+          context.source_event_count += 1 if node.cs__is_a?(Contrast::Agent::Assess::Policy::SourceNode)
+          context.propagation_event_count += 1 if node.cs__is_a?(Contrast::Agent::Assess::Policy::PropagationNode)
+        end
+
+        private
+
+        # helper method to check limit and log when necessary
+        def at_limit? method_policy, current_count, event_max
+          if current_count == event_max
+            logger.warn('Event Limit Reached:',
+                        {
+                            count: current_count,
+                            max: event_max,
+                            policy: method_policy.method_name,
+                            node: method_policy
+                        })
+            # increment to be over count for logging purposes
+            increment_event_count(method_policy)
+            return true
+          elsif current_count > event_max
+            # increment to be over count for logging purposes
+            increment_event_count(method_policy)
+            logger.warn('Event Limit Exceeded:',
+                        {
+                            count: current_count,
+                            policy: method_policy.method_name,
+                            node: method_policy
+                        })
+            return true
+          end
+          false
+        end
+
+        def rule_counts
+          @_rule_counts ||= Hash.new { |h, k| h[k] = 0 }
+        end
+
+        # the time threshold for which to track rule counts resets when now >= threshold_time_limit
+        # @return [Integer]
+        def threshold_time_limit
+          @_threshold_time_limit ||= Contrast::Utils::Timer.now_ms + (::Contrast::ASSESS.time_limit_threshold || 0)
+        end
+      end
+    end
+  end
+end

data/lib/contrast/utils/assess/propagation_method_utils.rb

@@ -92,20 +92,24 @@ module Contrast
         # @param preshift [Contrast::Agent::Assess::PreShift] The capture of the state of the code just prior to
         #   the invocation of the patched method.
         # @param target [Object] the thing to which to propagate
+        # @param propagation_data [Contrast::Agent::Assess::Events::EventData] this will hold the
+        #                         object [Object] the Object on which the method was invoked
+        #                         args [Array<Object>] the Arguments with which the method was invoked
         # @return [Boolean]
-        def can_propagate? propagation_node, preshift, target
+        def can_propagate? propagation_node, preshift, target, propagation_data
           return false unless appropriate_target?(propagation_node, target)
           return true if Contrast::Utils::Assess::TrackingUtil.tracked?(target)
-          if propagation_node.use_original_object?
-            # return true since we don't have preshift while using the original object.
-            return true
-          end
-          return false unless preshift
+          return false unless appropriate_source?(propagation_node, propagation_data, preshift)
 
           propagation_node.sources.each do |source|
             case source
             when Contrast::Utils::ObjectShare::OBJECT_KEY
-              return true if Contrast::Utils::Assess::TrackingUtil.tracked?(preshift.object)
+              source_object = if propagation_node.use_original_object?
+                                propagation_data.object
+                              else
+                                preshift.object
+                              end
+              return true if Contrast::Utils::Assess::TrackingUtil.tracked?(source_object)
             else
               # has to be P, there's no ret source type (yet? ever?)
               return true if preshift.args && Contrast::Utils::Assess::TrackingUtil.tracked?(preshift.args[source])
@@ -129,6 +133,22 @@ module Contrast
 
           Contrast::Agent::Assess::Tracker.trackable?(target)
         end
+
+        # A source is appropriate if it is available for propagation
+        #
+        # @param propagation_node [Contrast::Agent::Assess::Policy::PropagationNode] the node that governs this
+        #   propagation event.
+        # @param propagation_data [Contrast::Agent::Assess::Events::EventData] this will hold the
+        #                         object [Object] the Object on which the method was invoked
+        #                         args [Array<Object>] the Arguments with which the method was invoked
+        # @param preshift [Contrast::Agent::Assess::PreShift] The capture of the state of the code just prior to
+        #   the invocation of the patched method.
+        # @return [Boolean]
+        def appropriate_source? propagation_node, propagation_data, preshift
+          return true if preshift
+
+          propagation_node.use_original_object? && propagation_data&.object
+        end
       end
     end
   end

data/lib/contrast/utils/assess/source_method_utils.rb

@@ -7,15 +7,6 @@ module Contrast
       # This module will include all methods for some internal validations in the SourceMethod module
       # and some other module methods from the same place, so we can ease the main module
       module SourceMethodUtils
-        # Safely duplicate the target, or return nil
-        #
-        # @param target [Object] the thing to check for duplication
-        def safe_dup target
-          target.dup
-        rescue StandardError => _e
-          nil
-        end
-
         # Find the name of the source
         #
         # @param source_node [Contrast::Agent::Assess::Policy::SourceNode] the node to direct applying this source

data/lib/contrast/utils/log_utils.rb

@@ -19,7 +19,7 @@ module Contrast
 
       private
 
-      def build path: STDOUT_STR, level_const: DEFAULT_LEVEL
+      def build path: STDOUT_STR, level_const: DEFAULT_LEVEL, progname: PROGNAME
         logger = case path
                  when STDOUT_STR, STDERR_STR
                    ::Ougai::Logger.new(Object.cs__const_get(path))
@@ -27,7 +27,7 @@ module Contrast
                    ::Ougai::Logger.new(path)
                  end
         add_contrast_loggers(logger)
-        logger.progname = PROGNAME
+        logger.progname = progname
         logger.level = level_const
         logger.formatter = Contrast::Logger::Format.new
         logger.formatter.datetime_format = DATE_TIME_FORMAT

data/lib/contrast/utils/lru_cache.rb

@@ -5,6 +5,9 @@ module Contrast
   module Utils
     # A LRU(Least Recently Used) Cache store.
     class LRUCache
+      # Initializes new Least Recently Used Cache Store
+      #
+      # @raise [StandardError] raises error if provided capacity is invalid or less or equal to zero
       def initialize capacity = 500
         raise(StandardError('Capacity must be bigger than 0')) if capacity <= 0
 

data/lib/contrast/utils/middleware_utils.rb

@@ -34,6 +34,7 @@ module Contrast
       SECURITY_EXCEPTION_MARKER = 'Contrast::SecurityException'
       # We're only going to suppress SecurityExceptions indicating a blocked attack. And, only if the
       # config.agent.ruby.exceptions.capture? is set
+      # @raise [Contrast::SecurityException] if exceptions.capture? is allowed
       def handle_exception exception
         if security_exception?(exception)
           exception_control = ::Contrast::AGENT.exception_control
@@ -74,6 +75,7 @@ module Contrast
         true
       end
 
+      # @raise [Contrast::SecurityException] raises error to prevent an attack
       def application_code env
         logger.trace_with_time('application') do
           app.call(env)

data/lib/contrast/utils/patching/policy/patch_utils.rb

@@ -7,18 +7,6 @@ module Contrast
       # This module will include all methods for different patch applies from Patch module and some other module
       # methods from the same place, so we can ease the main module
       module PatchUtils
-        # Method to choose which replaced return from the post_patch to actually return.
-        #
-        # @param propagated_ret [Object, nil] The replaced return from the propagation patch.
-        # @param source_ret [Object, nil] The replaced return from the source patch.
-        # @param ret [Object, nil] The original return of the patched method.
-        # @return [Object, nil] The thing to return from the post patch.
-        def handle_return propagated_ret, source_ret, ret
-          safe_return = propagated_ret || source_ret || ret
-          safe_return.rewind if Contrast::Utils::IOUtil.should_rewind?(safe_return)
-          safe_return
-        end
-
         # Given a module and method, construct an expected name for the alias by which Contrast will reference the
         # original.
         #
@@ -107,7 +95,7 @@ module Contrast
         # @param object [Object] The object on which the method is invoked, typically what would be returned by self.
         # @param args [Array<Object>] The arguments passed to the method being invoked.
         def apply_inventory method_policy, method, exception, object, args
-          return unless ::Contrast::INVENTORY.enabled?
+          return unless ::Contrast::INVENTORY.enable
 
           apply_trigger_only(method_policy&.inventory_node, method, exception, object, args)
         end
@@ -123,8 +111,6 @@ module Contrast
         # @param args [Array<Object>] The arguments passed to the method being invoked.
         # @param block [Proc] The block passed to the method that was invoked.
         def apply_assess method_policy, preshift, object, ret, args, block
-          source_ret = nil
-          propagated_ret = nil
           return ret unless method_policy && ::Contrast::ASSESS.enabled?
 
           current_context = Contrast::Agent::REQUEST_TRACKER.current
@@ -135,27 +121,24 @@ module Contrast
             Contrast::Agent::Assess::Policy::TriggerMethod.apply_trigger_rule(trigger_node, object, ret, args)
           end
           if method_policy.source_node
-            # If we were given a frozen return, and it was the target of a source, and we have frozen sources enabled,
-            # we'll need to replace the return. Note, this is not the default case.
-            source_ret = Contrast::Agent::Assess::Policy::SourceMethod.apply_source(method_policy, object, ret, args)
+            Contrast::Agent::Assess::Policy::SourceMethod.apply_source(method_policy, object, ret, args)
           end
           if method_policy.propagation_node
-            propagated_ret = Contrast::Agent::Assess::Policy::PropagationMethod.apply_propagation(
+            Contrast::Agent::Assess::Policy::PropagationMethod.apply_propagation(
                 method_policy,
                 preshift,
                 object,
-                source_ret || ret,
+                ret,
                 args,
                 block)
           end
-          handle_return(propagated_ret, source_ret, ret)
         rescue StandardError => e
           logger.error('Unable to assess method call.', e)
-          handle_return(propagated_ret, source_ret, ret)
         rescue Exception => e # rubocop:disable Lint/RescueException
           logger.error('Unable to assess method call.', e)
-          handle_return(propagated_ret, source_ret, ret)
           raise(e)
+        ensure
+          ret.rewind if Contrast::Utils::IOUtil.should_rewind?(ret)
         end
 
         # Generic invocation of the Inventory or Protect patch which apply to the given method.

data/lib/contrast/utils/telemetry_client.rb

@@ -34,8 +34,8 @@ module Contrast
       def build_request event
         return unless valid_event?(event)
 
-        string_body = if Array(event).all?(Contrast::Agent::Telemetry::TelemetryException::Event)
-                        event.map(&:to_controlled_hash).flatten!
+        string_body = if event.cs__is_a?(Contrast::Agent::Telemetry::TelemetryException::Event)
+                        [event.to_controlled_hash]
                       else
                         [event.to_hash]
                       end
@@ -73,14 +73,14 @@ module Contrast
         ready_after if status_code == 429
       end
 
-      # This method will be responsible for validating the event
-      # @param event[Contrast::Agent::Telemetry::Event,Contrast::Agent::Telemetry::StartupMetricsEvent,
-      # array<Contrast::Agent::Telemetry::TelemetryException::Event>]
+      # This method will be responsible for validating the event. Valid if event is of a known
+      # Contrast::Agent::Telemetry type
+      #
+      # @param event [Object]
       def valid_event? event
         return true if event.cs__is_a?(Contrast::Agent::Telemetry::Event)
         return true if event.cs__is_a?(Contrast::Agent::Telemetry::StartupMetricsEvent)
-        # Batch
-        return true if Array(event).all?(Contrast::Agent::Telemetry::TelemetryException::Event)
+        return true if event.cs__is_a?(Contrast::Agent::Telemetry::TelemetryException::Event)
 
         false
       end