Home Articles Community Products Premium Products GitHub Talsec Website

iOS

PreviousTroubleshooting NextAPI

Last updated 15 days ago

Was this helpful?

iOS

Example:

📦 Add the dependency

From GitHub, Copy into your Application folder.
Drag & drop the Talsec folder to your .xcworkspace.
Add TalsecRuntime framework to Target > Build Phases > Link Binary With Libraries.
In the General > Frameworks, Libraries, and Embedded Content choose Embed & Sign.

Note: In case you are using Carthage, the zipped version of the framework is included in the .

⚙️ Setup the Configuration for your App

To ensure freeRASP functions correctly, you need to provide the necessary configuration. All required values must be filled in for the plugin to operate properly. Use the following template to configure the plugin. Detailed descriptions of the configuration options are provided .

In the AppDelegate import TalsecRuntime and add the following code (e.g., in the didFinishLaunchingWithOptions method.:

AppDelegate.swift

let config = TalsecConfig(
    appBundleIds: ["YOUR_APP_BUNDLE_ID"], 
    appTeamId: "YOUR TEAM ID", 
    watcherMailAddress: "WATCHER EMAIL ADDRESS", 
    isProd: true
)

It does not have to be AppDelegate, it can be anywhere. However, the recommended approach is to start the SDK as soon as possible.

👷 Handle detected threats

Anywhere in your project (e.g. in AppDelegate), add the following code as an extension:

AppDelegate.swift

import TalsecRuntime

extension SecurityThreatCenter: SecurityThreatHandler {
    public func threatDetected(_ securityThreat: TalsecRuntime.SecurityThreat) {
        print("Found incident: \(securityThreat.rawValue)")
    }
}

Use the code above for handling these types of events:

TalsecRuntime

public enum SecurityThreat: String, Codable, CaseIterable, Equatable {
    /// app integrity / repackaging / tampering
    case  = "appIntegrity"
    /// jailbreak
    case  = "privilegedAccess"
    /// debugger
    case  = "debug"
    /// runtime manipulation / hooks
    case  = "hooks"
    /// disabled passcode
    case 
    /// [DEPRECATED] passcode change
    case passcodeChange
    /// simulator
    case 
    /// missing Secure Enclave
    case 
    /// device binding
    case  = "device binding"
    /// changed deviceID
    case 
    /// unofficial store or Xcode build
    case 
    /// Detected system VPN
    case 
    /// screenshot
    case 
    /// screen recording and screen mirroring
    case 
}

📱(Optionally) Add screenshot and screen capture blocking

To utilize active screen shot and screen capture (e.g. mirroring, screen recording) protection, you can use Talsec.blockScreenCapture(enable: Bool, window: UIWindow) with specific UIWindow on which it should be blocked. To receive whether the screen capture is blocked in the specific UIWindow, you can use the Talsec.isScreenCaptureBlocked(in window: UIWindow). For more details about all these screen capture methods, see Screen Capture.

🛡️ Start freeRASP

Invoke the following method right after setting up the TalsecConfig in previous steps.

AppDelegate.swift

...
let config = TalsecConfig(...)
Talsec.start(config: config)

PreviousTroubleshooting NextAPI

Last updated 15 days ago

Was this helpful?

Example:

📦 Add the dependency

From GitHub, Copy into your Application folder.
Drag & drop the Talsec folder to your .xcworkspace.
Add TalsecRuntime framework to Target > Build Phases > Link Binary With Libraries.
In the General > Frameworks, Libraries, and Embedded Content choose Embed & Sign.

Note: In case you are using Carthage, the zipped version of the framework is included in the .

⚙️ Setup the Configuration for your App

In the AppDelegate import TalsecRuntime and add the following code (e.g., in the didFinishLaunchingWithOptions method.:

AppDelegate.swift

let config = TalsecConfig(
    appBundleIds: ["YOUR_APP_BUNDLE_ID"], 
    appTeamId: "YOUR TEAM ID", 
    watcherMailAddress: "WATCHER EMAIL ADDRESS", 
    isProd: true
)

It does not have to be AppDelegate, it can be anywhere. However, the recommended approach is to start the SDK as soon as possible.

isProd is a boolean flag that determines whether the freeRASP integration is in the Dev or Release version. If you want to learn more about isProd, visit this .

👷 Handle detected threats

You can handle the detected events using handlers. For example, you can log the event, show a window to the user or kill the application. See the to learn more details about the performed checks and their importance for app security.

Anywhere in your project (e.g. in AppDelegate), add the following code as an extension:

AppDelegate.swift

import TalsecRuntime

extension SecurityThreatCenter: SecurityThreatHandler {
    public func threatDetected(_ securityThreat: TalsecRuntime.SecurityThreat) {
        print("Found incident: \(securityThreat.rawValue)")
    }
}

Use the code above for handling these types of events:

TalsecRuntime

public enum SecurityThreat: String, Codable, CaseIterable, Equatable {
    /// app integrity / repackaging / tampering
    case  = "appIntegrity"
    /// jailbreak
    case  = "privilegedAccess"
    /// debugger
    case  = "debug"
    /// runtime manipulation / hooks
    case  = "hooks"
    /// disabled passcode
    case 
    /// [DEPRECATED] passcode change
    case passcodeChange
    /// simulator
    case 
    /// missing Secure Enclave
    case 
    /// device binding
    case  = "device binding"
    /// changed deviceID
    case 
    /// unofficial store or Xcode build
    case 
    /// Detected system VPN
    case 
    /// screenshot
    case 
    /// screen recording and screen mirroring
    case 
}

📱(Optionally) Add screenshot and screen capture blocking

🛡️ Start freeRASP

Invoke the following method right after setting up the TalsecConfig in previous steps.

AppDelegate.swift

...
let config = TalsecConfig(...)
Talsec.start(config: config)

For the version you’re integrating, you can find the specific dSYMs for debugging in .