iOS Application Security Fundamentals
Are your app-users tired of the cheaters? Do you build commercial apps that involve user-data? Or finance? Then this 1-day training is for you! This 1-day training teaches you how to properly secure your connection and local data. More importantly, you will learn how to check the security of your application. This unique combination of building and validating will allow you to stand out as a professional! On top of that, we will introduce you to various tools and frameworks to help you out. The training is taught in English or Dutch. During the training, you will pair up with other attendees to maximize your learning experience. After this training, you will be able to pinpoint security issues within your app, prioritize them and know how to solve them.
Audience Profile: iOS application security fundamentals training
You will benefit from the iOS application security fundamentals training if:
- You are an iOS developer
- You want to learn about iOS security
- You want to be able to assess the security posture of an app
- You want to learn about the effectiveness of the security controls of an application.
Note: if you are not an iOS developer, then you can still follow the training, but basic programming skills are required (unless you come with another programmer).
Achievements Upon Completion
- The basics of the iOS security model
- How to analyze the security posture of an application
- How to prioritize the security issues that you found
- How to mitigate storage and traffic related issues
- How to verify your implementation
- The contents of the OWASP mobile Top 10 and the Mobile Application Security Verification Standard
You’ll gain hands-on experience in:
- Decrypting an iOS application and run it on your jailbroken device
- Doing analysis of the storage of an application
- Doing analysis of the traffic between your application and the backend
- Creating a secure storage using Realm
- How to use storage mechanisms like Coredata, UserDefaults, Plists and Keychain securely
You’ll have the skills to:
- Be a more secure app-developer
- Defeat script kiddie's that want to hack your app, cheat your game or capture your users’ data
- Execute basic penetration tests on iOS applications
- Embed security into your iOS application and verify the effectiveness of your security controls.
Please note that this training requires a jailbroken device running iOS 9 or 10 and an Apple machine with at least 8 GB RAM and a Core-i5 processor.
If you do not have one, please contact firstname.lastname@example.org for details.
Xebia recommends to only jailbreak a device for educational purposes.