
Facebook has released Mariana Trench (MT), a tool it has adopted internally to discover security and privacy flaws in its Android and Java apps. This new open-source tool has previously found 50% of all security bugs in the company’s mobile apps. Unlike web apps, which can be updated instantly to fix a bug, Android apps can only be patched with the help of users, which adds a costly delay that attackers can use to exploit the vulnerabilities. This is why tools like MT help detect security flaws during development, before they land in the finalized app. MT is designed to scan large mobile codebases and flag potential issues on pull requests before they make it into production. It was the result of a collaboration between security and software engineers at Facebook.
Last Updated on 10/20/2021 by Emmanuel Motelin