Security News > 2021 > September > Facebook open-sources tool to find Android app security flaws

Facebook open-sources tool to find Android app security flaws
2021-09-29 20:11

Facebook today open-sourced a static analysis tool its software and security engineers use internally to find potentially dangerous security and privacy flaws in the company's Android and Java applications.

"A flow from sources to sinks indicate that for example user passwords may get logged into a file, which is not desirable and is called as an 'issue' under the context of Mariana Trench," Facebook Software Engineer Dominik Gabi said.

It's open source and designed to detect and prevent security bugs in #Android and #Java applications, more here: https://t.

Facebook Security September 29, 2021 Third code analysis tool open-sourced since 2019.

You can find the Mariana Trench code analysis tool on GitHub and its own dedicated website, a binary distribution on PyPI, and a short tutorial to help get started.

"While server-side code can be updated almost instantaneously for web apps, mitigating a security bug in an Android application relies on each user updating the application on the device they own in a timely way."


News URL

https://www.bleepingcomputer.com/news/security/facebook-open-sources-tool-to-find-android-app-security-flaws/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Facebook 29 0 11 46 54 111