Weak points in iPhone and iPad apps can be avoided if the issue of security is fully taken into account during development. A two-day online workshop by Mac & i explains, using specific scenarios and code examples, how the on-board security resources of the operating system can be used correctly when writing your own app.
The event is intended for iOS developers who are still new to the topic of security, but is also aimed at experienced developers who want to refresh their knowledge in this area.
Security requirements for apps
Of the Online-Workshop Fortgeschrittene Security Best Practices uses the OWASP Mobile Application Security Verification Standard (MASVS) to convey how the important security requirements for apps can be implemented in practice. The subject area covers, among other things, encryption, the secure storage of files as well as defense-in-depth measures such as jailbreak detection and anti-debugging.
Participants in the workshop set up a modern test environment using open source software for their development iPhone under the guidance of the speaker Sven Faßbender, specialist in information security. The handling of tools from the Frida framework and the use of an HTTP interception proxy are also on the agenda, which enables the inspection of HTTP connections secured by TLS. A design and feature review with regard to security as well as a code review including the possibilities and limits of automation are part of the two-day workshop.
For iOS developers
Prerequisites for participation are knowledge of Swift and Objective-C, an existing current iOS development environment and an iPhone with the latest iOS version are required. Developer Mac and iPhone require WLAN, alternatively LAN access and shared WLAN can be used via the MacBook.
The two-day online event will take place on November 25th and 26th, 2021, from 9 a.m. to 5 p.m. The ticket costs 990 euros. Participants receive workshop documents and a certificate of attendance.
(lbe)
Article Source
Disclaimer: This article is generated from the feed and not edited by our team.