VOOZH about

URL: https://www.coursera.org/learn/secure-coding-input-validation-ios

⇱ Introduction to Secure Coding and Input Validation in iOS | Coursera

Introduction to Secure Coding and Input Validation in iOS

Keep adding new skills with 10,000+ programs for $239 (usually $399). Save now.

Introduction to Secure Coding and Input Validation in iOS

Included with

β€’

Learn more

Gain insight into a topic and learn the fundamentals.
Intermediate level

Recommended experience

8 hours to complete
Flexible schedule
Learn at your own pace
Gain insight into a topic and learn the fundamentals.
Intermediate level

Recommended experience

8 hours to complete
Flexible schedule
Learn at your own pace

Build your subject-matter expertise

This course is part of the Writing Secure Code in iOS Specialization
When you enroll in this course, you'll also be enrolled in this Specialization.
  • Learn new concepts from industry experts
  • Gain a foundational understanding of a subject or tool
  • Develop job-relevant skills with hands-on projects
  • Earn a shareable career certificate

There are 2 modules in this course

Before you begin to write code, you need to understand why security is so essential in today's modern mobile app. In this course, you will learn about the most common security mistakes developers make when creating apps. You will learn which mobile app vulnerabilities are considered the most dangerous, and what can be done to defend against those dangers. You will explore iOS security architecture, and learn what controls Apple implements at the hardware and software level to protect its platforms. You will also be introduced to Swift, Apple's programming language. You will be introduced to the security features Swift brings to iOS development. You will then wind up this course with an overview of iOS development security best practices.

After developing an understanding of the need for mobile app security, you should learn how to implement the most fundamental security mechanism of all: input validation. Lack of input validation is the single most commonly cited mistake that mobile app developers make. Corrupt or manipulated input lies at the root of most malicious hacking exploits. As a mobile app developer, you need to know how to defend your app and the user's data from attack. In this course you will learn which characters can be misinterpreted as commands, and how to render those characters harmless. You will practice using a number of input sanitization and techniques including regular expressions and Swift functions. You'll defend against SQL injection, understand the larger scope of cross-site scripting and cross-site request forgeries, and validate the identity of a website API whose content your app consumes. You will also learn how to defend against unexpected attack vectors such as QR codes and deserialized JSON objects.

In this module, you'll dive into the essentials of secure coding. We'll explore why secure coding is crucial, provide an overview of iOS security, and engage with activities related to the OWASP Top 10 Mobile Vulnerabilities. This foundation will set the stage for more advanced topics.

What's included

10 videos2 readings1 assignment

10 videosβ€’Total 98 minutes
  • Introduction to secure codingβ€’2 minutes
  • The need for secure codingβ€’11 minutes
  • OWASP Top 10 mobile vulnerabilities, part 1β€’10 minutes
  • OWASP Top 10 mobile vulnerabilities, part 2β€’15 minutes
  • OWASP Top 10 mobile vulnerabilities, part 3β€’15 minutes
  • iOS security overview, part 1β€’14 minutes
  • iOS security overview, part 2β€’7 minutes
  • ios Swift secure app development, part 1β€’14 minutes
  • ios Swift secure app development, part 2β€’8 minutes
  • iOS development best practicesβ€’2 minutes
2 readingsβ€’Total 20 minutes
  • Lab guideβ€’10 minutes
  • Lab filesβ€’10 minutes
1 assignmentβ€’Total 30 minutes
  • Intro to secure coding in iOS quizβ€’30 minutes

This module is all about mastering input validation techniques. You'll learn to identify and mitigate input risks, understand format string attacks, and implement input sanitization to protect against various injection attacks. These skills are vital for ensuring the security of your iOS applications.

What's included

35 videos1 assignment

35 videosβ€’Total 326 minutes
  • Understanding input risksβ€’14 minutes
  • AutoCorrect and AutoFillβ€’11 minutes
  • Disabling AutoCorrectionβ€’11 minutes
  • Special characters, part 1β€’14 minutes
  • Special characters, part 2β€’7 minutes
  • Format string attack, part 1β€’8 minutes
  • Format string attack, part 2β€’9 minutes
  • Format string attack, part 3β€’7 minutes
  • Playing with format stringsβ€’10 minutes
  • Input sanitizationβ€’13 minutes
  • Input sanitization techniques, regular expressions β€’8 minutes
  • Input sanitization techniques, regular expressions, part 2β€’7 minutes
  • Activity: Regular expressions, part 1β€’8 minutes
  • Activity: Regular expressions, part 2β€’7 minutes
  • Activity: Regular expressions, part 3β€’8 minutes
  • Activity: Sanitizing inputβ€’14 minutes
  • Activity: Sanitizing input, part 2β€’14 minutes
  • Property wrappersβ€’9 minutes
  • Activity: Trimming whitespace and newlines with a property wrapperβ€’7 minutes
  • Activity: Value clamping with a property wrapperβ€’7 minutes
  • Activity: Sanitizing input with a property wrapperβ€’7 minutes
  • Null bytesβ€’7 minutes
  • Cross-site attacksβ€’12 minutes
  • Activity: Exploring XSS attacksβ€’10 minutes
  • Code injectionβ€’15 minutes
  • Activity: Filtering a malicious QR code, part 1β€’12 minutes
  • Activity: Filtering a malicious QR code, part 2β€’6 minutes
  • SQL injection, part 1β€’11 minutes
  • SQL injection, part 2β€’4 minutes
  • Object deserializationβ€’7 minutes
  • Activity: Installing Alamofire and SwiftyJSON Podsβ€’4 minutes
  • Activity: Securely working with JSON, part 1β€’13 minutes
  • Activity: Securely Working with JSON, part 2β€’9 minutes
  • WebView protectionβ€’5 minutes
  • Activity: Protecting users against insecure UIWebViewβ€’11 minutes
1 assignmentβ€’Total 30 minutes
  • Input validation quizβ€’30 minutes

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.

Instructor

Infosec
6 Coursesβ€’221 learners

Explore more from Software Development

Why people choose Coursera for their career

πŸ‘ Image

Felipe M.

Learner since 2018
"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."
πŸ‘ Image

Jennifer J.

Learner since 2020
"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."
πŸ‘ Image

Larry W.

Learner since 2021
"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."
πŸ‘ Image

Chaitanya A.

"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

Frequently asked questions

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

Financial aid available,