Open-sourcing Mariana Trench: Analyzing Android and Java app security in depth

Mariana Trench is an open source static analyzer that we wrote to detect and prevent security issues in Android and Java applications.

Click to view the original at engineering.fb.com

Hasnain says:

This is some really cool work done by folks in my org.

"MT is designed to be able to scan large mobile codebases and flag potential issues on pull requests before they make it into production. It was built as a result of close collaboration between security and software engineers at Facebook who train MT to look at code and analyze how data flows through it. Analyzing data flows is useful because many security and privacy issues can be modeled as data flowing into a place it shouldn’t."

Posted on 2021-09-29T18:24:47+0000