iOS is a mobile operating system distributed exclusively for Apple hardware and designed with security at its core; key security features including sandboxing, native language exploit mitigations or hardware supported encryption all offer a very effective environment for secure software development. The devil is however in the details – a programmer can still commit plenty of mistakes to make the resulting apps vulnerable. This course introduces the iOS security model and the usage of various components, but also deals with relevant vulnerabilities and attacks, focusing on the mitigation techniques and best practices for avoiding them.

Recommended for programmers developing apps who want to understand the security features of iOS as well as the typical mistakes one can commit on this platform.

Audience

iOS application developers, architects and testers

Course Objectives

Participants attending this course will:

§ Understand basic concepts of security, IT security and secure coding

§ Learn the security solutions on iPhone

§ Learn to use various security features of iOS

§ Get information about some recent vulnerabilities of iOS

§ Learn about typical coding mistakes and how to avoid them

§ Get practical knowledge in using security testing tools for iOS

§ Get sources and further readings on secure coding practices

Preparedness

Professional

Outline

§ IT security and secure coding

§ iOS security overview

§ Application security

§ Buffer overflow protection on iOS

§ Knowledge sources