Ładowanie...
Szczegóły ebooka
Zaloguj się, jeśli jesteś zainteresowany treścią pozycji.
iOS Security Through Defensive Techniques. A practical guide to building resilient, tamper-proof, and secure iOS applications
Deya Elkhawaldeh, Dave Poirier
Ładowanie...
EBOOK
Ładowanie...
If you build iOS apps, you also manage risk, from insecure data storage to reverse engineering and runtime tampering. This book treats security as part of the development workflow, not an afterthought, and focuses on practical techniques you can apply without needing deep cryptography or penetration testing expertise.
You will start by defining what needs protection: sensitive data, how it is categorized, how long it should be retained, and how privacy expectations and legal requirements shape design decisions. From there, you will study common attack techniques such as network interception, injection, configuration mistakes, URL scheme abuse, code tampering, repackaging, and runtime manipulation.
The book then moves into defenses: platform and language safety, code signing and entitlements, secure error and execution handling, data validation, transport security with TLS pinning, and runtime protections against debuggers and emulation. On the data side, you will use Keychain, file protection classes, and Secure Enclave features to protect secrets and keys, and you will evaluate clipboard and backup related risks. Finally, you will build a repeatable security program across the app lifecycle, from static and dynamic analysis to incident response planning and bug bounty triage, so you can ship trustworthy iOS apps at scale.
You will start by defining what needs protection: sensitive data, how it is categorized, how long it should be retained, and how privacy expectations and legal requirements shape design decisions. From there, you will study common attack techniques such as network interception, injection, configuration mistakes, URL scheme abuse, code tampering, repackaging, and runtime manipulation.
The book then moves into defenses: platform and language safety, code signing and entitlements, secure error and execution handling, data validation, transport security with TLS pinning, and runtime protections against debuggers and emulation. On the data side, you will use Keychain, file protection classes, and Secure Enclave features to protect secrets and keys, and you will evaluate clipboard and backup related risks. Finally, you will build a repeatable security program across the app lifecycle, from static and dynamic analysis to incident response planning and bug bounty triage, so you can ship trustworthy iOS apps at scale.
- 1. The Importance of Secure Applications
- 2. Understanding Sensitive Data
- 3. Compliance and Legal Landscape
- 4. Common Attack Techniques
- 5. Platform and Language Safety
- 6. Error and Execution Handling
- 7. Secure Coding Practices
- 8. Data Protection Techniques
- 9. Security Assurance and Response
- 10. System Integrity and Boot Security
- 11. Runtime Defences and Debug Protection
- 12. Secure Storage and Data Handling
- Tytuł:iOS Security Through Defensive Techniques. A practical guide to building resilient, tamper-proof, and secure iOS applications
- Autor:Deya Elkhawaldeh, Dave Poirier
- Tytuł oryginału:iOS Security Through Defensive Techniques. A practical guide to building resilient, tamper-proof, and secure iOS applications
- ISBN:9781806383160, 9781806383160
- Data wydania:2026-04-27
- Format:Ebook
- Identyfikator pozycji: e_4vli
- Wydawca: Packt Publishing
Ładowanie...
Ładowanie...