COD 817: Creating Secure Code - iOS
In this course, participants will learn to develop and deploy secure iPhone applications by leveraging Apple's security libraries and frameworks. Participants will also learn secure coding best practices for iOS and how to properly deploy iOS and Xcode security features.
Upon completion of this course, participants will be able to:
- Apply mobile development best practices in coding
- Use the security features in iOS to improve the security of mobile applications
- Be able to identify and remediate common mobile security vulnerabilities
- Apply iOS security best practices in development
- Deploy security services available in iOS
- Identify iPhone application security risks
- Understand the role of Apple iOS and SDK tools in providing security to iPhone applications
Mobile Application Development Best Practices
This module presents proven best practices and tools for improving the security and privacy posture of their
Introduction to iOS Devices and System Security
This module describes the iOS Generic Security Services (GSS) framework and it's numerous security features, and how developers can leverage it to produce more secure code.
Common iOS Application Vulnerabilities, Threats and Mitigations
iPhone attack vectors include web-based malware, SQL injection, session hijacking, theft of data at rest and in transit, and jailbreaking. This module helps you understand iPhone security vulnerabilities and attack vectors so that you are able to implement key mitigation techniques during development.
Secure iOS Mobile Application Best Practices
This module provides language- and tool-specific instructions on how to integrate Apple security services into your own secure coding best practices to protect against critical vulnerabilities. It includes multiple hands-on labs that demonstrate defensive coding techniques to harden your iPhone applications. Topics covered:
- Deploying iOS and Xcode security features
- Build hardening
- Enabling Automatic Reference Counting (ARC)
- Enabling Position Independent Executable (PIE)
- Enabling Stack Protector
- Hands-on Lab: Creating Unit Tests