Introduction to Secure Coding and Input Validation in iOS

Before you begin to write code, you need to understand why security is so essential in today's modern mobile app. In this course, you will learn about the most common security mistakes developers make when creating apps. You will learn which mobile app vulnerabilities are considered the most dangerous, and what can be done to defend against those dangers. You will explore iOS security architecture, and learn what controls Apple implements at the hardware and software level to protect its platforms. You will also be introduced to Swift, Apple's programming language. You will be introduced to the security features Swift brings to iOS development. You will then wind up this course with an overview of iOS development security best practices. After developing an understanding of the need for mobile app security, you should learn how to implement the most fundamental security mechanism of all: input validation. Lack of input validation is the single most commonly cited mistake that mobile app developers make. Corrupt or manipulated input lies at the root of most malicious hacking exploits. As a mobile app developer, you need to know how to defend your app and the user's data from attack. In this course you will learn which characters can be misinterpreted as commands, and how to render those characters harmless. You will practice using a number of input sanitization and techniques including regular expressions and Swift functions. You'll defend against SQL injection, understand the larger scope of cross-site scripting and cross-site request forgeries, and validate the identity of a website API whose content your app consumes. You will also learn how to defend against unexpected attack vectors such as QR codes and deserialized JSON objects.