From f1a713cdbf04617b79e9ce2f1fe13469c16d8942 Mon Sep 17 00:00:00 2001 From: Thomas Cannon Date: Tue, 7 May 2024 13:41:58 +0100 Subject: [PATCH] Update test.md Overview with Carlos' suggestion Co-authored-by: Carlos Holguera --- .../android-data-in-sandbox/test.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/risks/MASVS-STORAGE/1-store-sensitive-data-securely/data-unencrypted-internal/android-data-in-sandbox/test.md b/risks/MASVS-STORAGE/1-store-sensitive-data-securely/data-unencrypted-internal/android-data-in-sandbox/test.md index 2cb8378dd3..291ac8f602 100644 --- a/risks/MASVS-STORAGE/1-store-sensitive-data-securely/data-unencrypted-internal/android-data-in-sandbox/test.md +++ b/risks/MASVS-STORAGE/1-store-sensitive-data-securely/data-unencrypted-internal/android-data-in-sandbox/test.md @@ -9,6 +9,12 @@ prerequisites: - identify-sensitive-data --- +## Overview + +Android apps use a variety of APIs to write data to internal storage. If you only need to inspect the list of created/modified files and their contents, the most effective approach is a snapshot-based approach like the one used in this test. + +This has the limitation that you won't know the APIs and locations in your code that are responsible; if you need to know, you should rather follow a dynamic analysis approach based on method tracing. + ## Steps 1. Start the device.
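Review bot: The second added Overview paragraph sends the reader to "a dynamic analysis approach based on method tracing" without naming or linking the test or technique that covers it, so a tester who needs the responsible APIs has nowhere to go from here. Add a cross-reference to that test if one exists in this risk folder. In the same paragraph, "This has the limitation" has no clear antecedent after the paragraph break, and "responsible" lacks an object; something like "The snapshot approach cannot tell you which APIs and code locations wrote the data" reads more directly. "in your code" also assumes the tester owns the app, so "in the app's code" would fit better. In the first paragraph, "the most effective approach is a snapshot-based approach" repeats "approach" and could be shortened to "the most effective approach is snapshot-based, like the one used in this test".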