LogoLogo
HomeArticlesCommunity ProductsPremium ProductsGitHubTalsec Website
  • 👋Introduction
  • đŸ› ī¸Integration
    • 🤖Android
      • API
      • Troubleshooting
    • 🍎iOS
      • API
      • Troubleshooting
    • đŸĻFlutter
      • FlutterFlow
      • API
      • Troubleshooting
    • âš›ī¸React Native
      • Expo
      • API
      • Troubleshooting
    • 👾Cordova
      • API
      • Troubleshooting
    • đŸĒŊCapacitor
      • API
      • Troubleshooting
  • 🚀Features and Pricing plans
    • The Key Differences: freeRASP vs. RASP+
  • 🎤What's New and Changelog
  • 📊Security Report
  • âš–ī¸User Data Policies
  • 📄License
  • 🤝Fair Usage Policy (FUP)
  • â„šī¸Wiki
    • Getting Signing Certificate Hash
    • Callback Delay, Telemetry Impact, and Threat Scanning Completion Status
    • Threat detection
      • Detecting rooted or jailbroken devices
      • Emulator detection
      • Hook detection
      • App tampering detection
      • Debugger detection
      • Detecting unofficial installation
      • Device binding detection
      • Missing obfuscation detection [Android devices only]
      • Secure Hardware detection (Keystore/Keychain secure storage check)
      • Passcode
      • System VPN detection
      • Developer Mode detection [Android devices only]
      • ADB enabled detection [Android devices only]
      • Screen Capture
    • Source code obfuscation
    • isProd flag
  • đŸĻ‰FAQ
  • 🧑‍đŸ’ģAbout Us
  • 🤝Contribution
Powered by GitBook
On this page
  • đŸ“Ļ Add the dependency
  • âš™ī¸ Setup the Configuration for your App
  • 👷 Handle detected threats
  • 📱(Optionally) Add screenshot and screen capture blocking
  • đŸ›Ąī¸ Start freeRASP

Was this helpful?

Export as PDF
  1. Integration

iOS

PreviousTroubleshootingNextAPI

Last updated 15 days ago

Was this helpful?

Example:

đŸ“Ļ Add the dependency

  1. From GitHub, Copy into your Application folder.

  2. Drag & drop the Talsec folder to your .xcworkspace.

  3. Add TalsecRuntime framework to Target > Build Phases > Link Binary With Libraries.

  4. In the General > Frameworks, Libraries, and Embedded Content choose Embed & Sign.

Note: In case you are using Carthage, the zipped version of the framework is included in the .


âš™ī¸ Setup the Configuration for your App

To ensure freeRASP functions correctly, you need to provide the necessary configuration. All required values must be filled in for the plugin to operate properly. Use the following template to configure the plugin. Detailed descriptions of the configuration options are provided .

In the AppDelegate import TalsecRuntime and add the following code (e.g., in the didFinishLaunchingWithOptions method.:

AppDelegate.swift
let config = TalsecConfig(
    appBundleIds: ["YOUR_APP_BUNDLE_ID"], 
    appTeamId: "YOUR TEAM ID", 
    watcherMailAddress: "WATCHER EMAIL ADDRESS", 
    isProd: true
)

It does not have to be AppDelegate, it can be anywhere. However, the recommended approach is to start the SDK as soon as possible.


👷 Handle detected threats

  1. Anywhere in your project (e.g. in AppDelegate), add the following code as an extension:

    AppDelegate.swift
    import TalsecRuntime
    
    extension SecurityThreatCenter: SecurityThreatHandler {
        public func threatDetected(_ securityThreat: TalsecRuntime.SecurityThreat) {
            print("Found incident: \(securityThreat.rawValue)")
        }
    }

  2. Use the code above for handling these types of events:

    TalsecRuntime
    public enum SecurityThreat: String, Codable, CaseIterable, Equatable {
        /// app integrity / repackaging / tampering
        case  = "appIntegrity"
        /// jailbreak
        case  = "privilegedAccess"
        /// debugger
        case  = "debug"
        /// runtime manipulation / hooks
        case  = "hooks"
        /// disabled passcode
        case 
        /// [DEPRECATED] passcode change
        case passcodeChange
        /// simulator
        case 
        /// missing Secure Enclave
        case 
        /// device binding
        case  = "device binding"
        /// changed deviceID
        case 
        /// unofficial store or Xcode build
        case 
        /// Detected system VPN
        case 
        /// screenshot
        case 
        /// screen recording and screen mirroring
        case 
    }

📱(Optionally) Add screenshot and screen capture blocking

To utilize active screen shot and screen capture (e.g. mirroring, screen recording) protection, you can use Talsec.blockScreenCapture(enable: Bool, window: UIWindow) with specific UIWindow on which it should be blocked. To receive whether the screen capture is blocked in the specific UIWindow, you can use the Talsec.isScreenCaptureBlocked(in window: UIWindow). For more details about all these screen capture methods, see Screen Capture.

đŸ›Ąī¸ Start freeRASP

Invoke the following method right after setting up the TalsecConfig in previous steps.

AppDelegate.swift
...
let config = TalsecConfig(...)
Talsec.start(config: config)

You can handle the detected events using handlers. For example, you can log the event, show a window to the user or kill the application. See the to learn more details about the performed checks and their importance for app security.

For the version you’re integrating, you can find the specific dSYMs for debugging in .

đŸ› ī¸
🍎
https://github.com/talsec/Free-RASP-iOS
Talsec folder
GitHub Releases
on the API page
Threat detection
Releases

isProd is a boolean flag that determines whether the freeRASP integration is in the Dev or Release version. If you want to learn more about isProd, visit this .

wiki section