Our research is focused on methods to help automate and scale techniques for recognizing weaknesses or malware in mobile applications. We will present a variety of algorithms and how we use algorithms to automate mobile application scanning. Starting from a topology defined by a directed graph, we will outline methods that work well and compliment each other to answer questions such as, "What does this app do?" and "What is the app's surface area?". We take the viewpoint that not all tools and methods are suitable for successfully solving certain problems in an automated fashion. From these general questions we will move into using machine learning for classification tools on static data to gather composition details and seed dynamic investigations. Thus, we are interested in optimizing over the set of possible tools/techniques to solve the various smaller problems of a larger picture challenge. We will look at a couple of examples as to how tools best fit or could be substituted based on the results of an upstream result. This overall architecture is an automated platform that we continuously try to upgrade, looking for the optimal solution. Jared Carlson is a Sr. Security Researcher at Veracode focusing on the creation of scalable, automated security analysis algorithms for mobile systems. He holds a M.Sc. in Mechanical Engineering from Yale University. Andrew Reiter is a Principal Researcher at Veracode focusing on both static analysis of Android apps and web frameworks, as well as the design of automated security analysis algorithms for Android. He holds a M.Sc. in Applied Mathematics from UMASS-Amherst.