COD 817: Creating Secure Code - iOS

Live Training English
Duration: 2 days | Course is offered in English

Course Overview

In this course, participants will learn to develop and deploy secure iPhone applications by leveraging Apple's security libraries and frameworks. Participants will also learn secure coding best practices for iOS and how to properly deploy iOS and Xcode security features.

Upon completion of this course, participants will be able to:

  • Apply mobile development best practices in coding
  • Use the security features in iOS to improve the security of mobile applications
  • Be able to identify and remediate common mobile security vulnerabilities
  • Apply iOS security best practices in development
  • Deploy security services available in iOS
  • Identify iPhone application security risks
  • Understand the role of Apple iOS and SDK tools in providing security to iPhone applications

Mobile Application Development Best Practices

This module presents proven best practices and tools for improving the security and privacy posture of their
mobile applications.

Introduction to iOS Devices and System Security

This module describes the iOS Generic Security Services (GSS) framework and it's numerous security features, and how developers can leverage it to produce more secure code.

Common iOS Application Vulnerabilities, Threats and Mitigations

iPhone attack vectors include web-based malware, SQL injection, session hijacking, theft of data at rest and in transit, and jailbreaking. This module helps you understand iPhone security vulnerabilities and attack vectors so that you are able to implement key mitigation techniques during development.

Secure iOS Mobile Application Best Practices

This module provides language- and tool-specific instructions on how to integrate Apple security services into your own secure coding best practices to protect against critical vulnerabilities. It includes multiple hands-on labs that demonstrate defensive coding techniques to harden your iPhone applications. Topics covered:

  • Deploying iOS and Xcode security features
  • Build hardening
  • Enabling Automatic Reference Counting (ARC)
  • Enabling Position Independent Executable (PIE)
  • Enabling Stack Protector
  • Hands-on Lab: Creating Unit Tests