Google is forming an Android security team to find bugs in sensitive apps
In a bid to quash vulnerabilities in sensitive apps on the Google Play Store, Google is reportedly creating a new Android security team. The company recently posted a new job listing for a Security Engineering Manager, who will be responsible for forming a team to conduct security assessments of “highly sensitive, third party Android apps on Google Play”. As per a recent report from ZDNet on the matter, the new Android security team will focus on apps like the COVID-19 contact tracing app and election-related apps that handle sensitive user data.
The job listing further reveals that the new Android security team will not only work to find vulnerabilities in sensitive apps, but also provide remediation guidance to impacted application developers. Furthermore, the team will be responsible for working with other Android security teams “to find new and creative ways to reduce the occurrence of Android application vulnerabilities at scale.”
We reached out to a Google spokesperson for comment, who confirmed that the job listing was indeed for a new team that would be responsible for continuing the work done by the Android Security Improvement and Google Play Security Rewards program. Since the Google Play Security Rewards program is limited to apps that have more than 100 million users, the decision to bring in a new team to handle sensitive apps that aren’t covered by the program is definitely a good move.