In an effort to scale back the variety of vulnerabilities in Android apps, Google is introducing the Android Utility Safety Data Base (AAKB).
The AAKB features a database of widespread code points, full with examples on how one can remediate them and explanations on how one can implement particular code patterns.
Google already does scan Android apps for vulnerabilities, and informs builders to allow them to remediate the difficulty or it removes the app if the difficulty isn’t mounted.
“We all know that it isn’t all the time sufficient to simply let you know a couple of vulnerability in your app; it’s good to know how one can repair the difficulty and how one can stop related points from cropping up sooner or later,” the Android staff wrote in a weblog put up.
In keeping with Google, the AAKB is aligned with the OWASP Cell Utility Safety Verification Customary (MASVS). It is usually vetted by technical specialists from completely different organizations, together with Microsoft.
“This helps make sure the content material shouldn’t be biased to 1 social gathering and represents state-of-the-art requirements. This additionally gives an academic place so that you can proactively remediate safety dangers in your purposes utilizing industry-wide requirements, with direct entry to information from subject-matter specialists,” the Android staff wrote.
The repository will be accessed by way of the AAKB homepage or in Android Studio, the place remediation steering now reveals up in lint checks, with a hyperlink to the related AAKB article.
You may additionally like…
The evolution and way forward for AI-driven testing: Making certain high quality and addressing bias