Переглядів 4,793
In this session we will discuss iOS security guidelines and best practices for iOS app. We will be taking about various guidelines of security for the iOS app development to ensure that attackers are not able to sniff out sensitive information about the user
Given are the chapters in the video
0:00 introduction
0:17 sensitive and non-sensitive user data
2:00 encrypt everything is bad
2:26 mobile dev assumptions on data security
5:10 mobile dev is not responsible for
5:52 guideline 1: avoid storing sensitive data in plain text or has format
6:35 codecat15 opinion: against storing sensitive information in keychain
8:02 codecat15 recommendation to store sensitive data
9:41 guideline 2: implement face id and passcode
10:30 guideline 3: encrypting the mobile database
11:52 is core data encrypted by default
13:23 guideline 4: apis must implement OAuth flow
14:25 encrypt request body only if it contains sensitive data
14:39 guideline 5: SSL pinning
17:01 guideline 6: testing security implementation
17:37 key take away
18:06 thank you for watching
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
✅ Subscribe to the channel and stay ahead of everyone by following the right way for writing clean code in swift. 🔥🔥🔥🔥🔥
🔗Click on the link to subscribe: ukposts.info?sub...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----------------------------------------------------------------------------------------------------------------------
Documentation link mentioned in the video are as follows:
Encrypting your app's file:
developer.apple.com/documenta...
Apple on jailbroken device:
support.apple.com/en-us/HT201954
OWASP guideline on jail broken device:
owasp.org/www-project-mobile-...
Implementing face id and touch id in your app:
developer.apple.com/documenta...
Keychain dumper:
github.com/ptoomey3/Keychain-...
SSL kill switch 2:
github.com/nabla-c0d3/ssl-kil...
Core data is encrypted by default from iOS 5 onwards:
developer.apple.com/library/a...
SSL pinning code examples:
Configure server certificates: developer.apple.com/news/?id=...
Implementing ssl pinning: www.kodeco.com/1484288-preven...
Store private keys in Secure Enclave:
developer.apple.com/documenta...
############################################
Connect with me on social media
Instagram: codecat15
📧: codecat15@gmail.com
🐦: / codecat15
Facebook: / code.cat.792
Github: github.com/codecat15
###########################################
#iosSecurity #mobilesecurity #iosSecurityGuideline