In an effort to cut back the variety of vulnerabilities in Android apps, Google is introducing the Android Software Safety Data Base (AAKB).
The AAKB features a database of widespread code points, full with examples on tips on how to remediate them and explanations on tips on how to implement particular code patterns.
Google already does scan Android apps for vulnerabilities, and informs builders to allow them to remediate the difficulty or it removes the app if the difficulty isn’t mounted.
“We all know that it isn’t all the time sufficient to simply inform you a couple of vulnerability in your app; you want to know tips on how to repair the difficulty and tips on how to stop related points from cropping up sooner or later,” the Android staff wrote in a weblog submit.
In response to Google, the AAKB is aligned with the OWASP Cellular Software Safety Verification Normal (MASVS). Additionally it is vetted by technical consultants from completely different organizations, together with Microsoft.
“This helps make sure the content material will not be biased to at least one celebration and represents state-of-the-art requirements. This additionally gives an academic place so that you can proactively remediate safety dangers in your functions utilizing industry-wide requirements, with direct entry to data from subject-matter consultants,” the Android staff wrote.
The repository will be accessed via the AAKB homepage or in Android Studio, the place remediation steerage now exhibits up in lint checks, with a hyperlink to the related AAKB article.
You may additionally like…
The evolution and way forward for AI-driven testing: Guaranteeing high quality and addressing bias
