Android Vulnerability Test Suite
#Threat Defense#Vulnerability Management
A tool to capture all the git secrets by leveraging multiple open source git searching tools.
This tool is designed to enhance security awareness
This tool is designed to identify the attack surface that a specific device may be vulnerable to. By implementing these checks, we aim to minimize or eliminate both false positives and false negatives, while ensuring that system stability remains unaffected.
Rationale for necessity: When a vulnerability is discovered, Google is notified and quickly applies a patch to Android.
The Nexus Devices are Typically the First to Receive Updates
The Nexus devices are usually the first to get these patches because they are the closest (in fact, identical) to AOSP (Android Open Source Project) - the core of Android, where Google establishes its commitments.
For example, the futex bug and its implications
For instance, the futex bug (CVE-2014-3153/Towelroot) was identified in late May to early June.
This bug took several months to resolve
This bug took several months to be patched on the flagship device of that time, the Nexus 5.
This leaves users highly exposed
This leaves users highly exposed to attacks from applications. Most users are unaware that their devices are at risk.
