Google On-line Safety Weblog: Introducing Safety By Design



Integrating safety into your app growth lifecycle can save numerous time, cash, and threat. That’s why we’ve launched Safety by Design on Google Play Academy to assist builders establish, mitigate, and proactively shield towards safety threats.

The Android ecosystem, together with Google Play, has many built-in safety features that assist shield builders and customers. The course Introduction to app safety finest practices takes these protections one step additional by serving to you benefit from extra safety features to construct into your app. For instance, Jetpack Safety helps builders correctly encrypt their information at relaxation and offers solely secure and well-known algorithms for encrypting Recordsdata and SharedPreferences. The SafetyNet Attestation API is an answer to assist establish doubtlessly harmful patterns in utilization. There are a number of widespread design vulnerabilities which are necessary to look out for, together with utilizing shared or improper file storage, utilizing insecure protocols, unprotected parts comparable to Actions, and extra. The course additionally offers strategies to check your app to be able to aid you hold it secure after launch. Lastly, you may arrange a Vulnerability Disclosure Program (VDP) to interact safety researchers to assist.

Within the subsequent course, you may learn to combine safety at each stage of the event course of by adopting the Safety Growth Lifecycle (SDL). The SDL is an trade customary course of and on this course you’ll be taught the basics of establishing a program, getting govt sponsorship and integration into your growth lifecycle.

Menace modeling is a part of the Safety Growth Lifecycle, and on this course you’ll be taught to assume like an attacker to establish, categorize, and deal with threats. By doing so early within the design section of growth, you may establish potential threats and begin planning for easy methods to mitigate them at a a lot decrease value and create a safer product on your customers.

Enhancing your app’s safety is a by no means ending course of. Join the Safety by Design module the place in a couple of brief programs, you’ll learn to combine safety into your app growth lifecycle, mannequin potential threats, and app safety finest practices into your app, in addition to keep away from potential design pitfalls.