Android: Google wants to form a new security team dedicated to sensitive applications

play store android google - Android: Google wants to form a new security team dedicated to sensitive applications

Image: Mika Baumeister.

Google is recruiting to create a special Android security team that will be tasked with finding vulnerabilities in highly sensitive apps on the Google Play store.

A new team that will focus on sensitive applications

“As the Security Engineering Manager for Android Security (…), your team will conduct security assessments of highly sensitive third-party Android applications to identify vulnerabilities and provide guidance to application developers concerned so that they correct them ”, we can read in a new Google job posting published Wednesday.

The applications this new team will focus on include contact tracing applications for Covid-19, or those related to elections. And more will follow, according to Sebastian Porst, director of software engineering for Google Play Protect.

The new team will complement the work of independent security researchers who operate under the Google Play Security Reward Program (GPSRP).

GPSRP

GPSRP is the bug bounty program for Android apps from the Play Store. Google collects vulnerability reports from security researchers and pays for them on behalf of app owners. However, this program is only limited to applications that have more than 100 million users.

Applications that manipulate sensitive data or perform critical tasks are not always eligible for GPSRP rewards, and therefore are less likely to be mass tested by bug hunters.

"This is clearly a good thing," told ZDNet on Friday. Lukáš Štefanko, a mobile malware analyst with Slovak security firm ESET, when asked to describe Google's latest efforts. “Finding security issues with serious impact is not that easy, and takes a lot of time and experience,” he added.

The creation of this dedicated team shows Google's desire to ensure that every effort is made, and that some of the most experienced talent in the world will be looking into reviewing these apps, whose security holes might otherwise have gone unnoticed. and have far-reaching consequences.

Source: ZDNet.com

(function(d, s, id) { var js, fjs = d.getElementsByTagName(s)(0); if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "http://connect.facebook.net/fr_FR/all.js#appId=243265768935&xfbml=1"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk'));



Categories Tech

Leave a Comment