Facebook today open-sourced a static analysis tool its software and security engineers use internally to find potentially dangerous security and privacy flaws in the company’s Android and Java applications.
This security-focused tool, dubbed Mariana Trench (MT), can analyze codebases of tens of millions of lines of code to spot vulnerabilities before they are introduced.
Facebook revealed that its engineers found more than 50% of all security bugs across the company’s apps using automated tools similar to Mariana Trench.