While there seems to be a limitless supply of vulnerable mobile apps, defensive measures to actually easily validate and identify mobile vulnerabilities have not been as plentiful.
That’s a situation that Parth Patel, vulnerability signature engineer for Qualys, is aiming to help correct. Patel is releasing a new open-source mobile vulnerability framework called the Android Security Evaluation Framework (ASEF) to enable individuals and researchers to more easily identify the security risks associated with any given Android mobile application.