Overview
Over 7 courses, this specialization will teach you to incorporate security in iOS application development for mobile devices. Each course explores a major iOS security category. The first course will provide an introduction to secure coding and how to validate your input. The next course will discuss memory corruption and then focus on securing your data via encryption while addressing common risks and how to avoid them. The last course will cover access control and protecting software and system integrity. You will work with many examples, directly seeing the impact of missing or poor security in the code snippet. You will then apply what you have learned to improve the security of those apps. You will then test the app to ensure that the security risk has been mitigated.
Syllabus
- Course 1: Introduction to Secure Coding and Input Validation in iOS
- Course 2: Memory, Encryption, and Protecting Data in iOS
- Course 3: iOS Access Control & Protecting Software & System Integrity
Courses
- Before you begin to write code, you need to understand why security is so essential in today's mobile apps. In this course, you will learn about the most common security mistakes developers make when creating apps. You will learn which mobile app vulnerabilities are considered the most dangerous, and what can be done to defend against those dangers. You will explore iOS security architecture, and learn what controls Apple implements at the hardware and software level to protect its platforms. You will also be introduced to Swift, Apple's programming language, and to the security features Swift brings to iOS development. You will then wind up this course with an overview of iOS development security best practices. After developing an understanding of the need for mobile app security, you should learn how to implement the most fundamental security mechanism of all: input validation. Lack of input validation is the single most commonly cited mistake that mobile app developers make. Corrupt or manipulated input lies at the root of most malicious hacking exploits. As a mobile app developer, you need to know how to defend your app and the user's data from attack. In this course you will learn which characters can be misinterpreted as commands, and how to render those characters harmless. You will practice using a number of input sanitization techniques, including regular expressions and Swift functions. You'll defend against SQL injection, understand the larger scope of cross-site scripting and cross-site request forgeries, and validate the identity of a website API whose content your app consumes. You will also learn how to defend against unexpected attack vectors such as QR codes and deserialized JSON objects.
- This course on iOS Security is designed for intermediate to advanced learners who have a background in iOS development or security. Participants will delve into the intricacies of managing iOS memory effectively, gaining a solid understanding of Swift pointers and techniques to prevent overflows. The course will also cover the implementation and verification of encryption techniques in iOS applications, including the use of keychain and data persistence strategies. Additionally, learners will identify common data risks in iOS applications and explore strategies to mitigate these risks, with a focus on file protection and network security.
- This course is designed for intermediate learners with prior knowledge of iOS app development and security. Participants will explore essential techniques for implementing robust access control mechanisms, including Apple ID authentication and biometric authentication. The course will also cover role-based access control and the use of one-time passwords to enhance security. In addition to access control, learners will evaluate software and system integrity by identifying potential vulnerabilities and implementing necessary security measures. The course will address the risks associated with using external code, error handling, and logging. Participants will engage in unit, integration, and system testing to ensure application reliability and performance, as well as learn how to detect jailbroken devices.
Taught by
Chrystine D Thorsen