From GitHub, Copy Talsec
folder into your Application folder.
Drag & drop the Talsec folder to your .xcworkspace
.
Add TalsecRuntime framework to Target > Build Phases > Link Binary With Libraries.
In the General > Frameworks, Libraries, and Embedded Content choose Embed & Sign.
Note: In case you are using Carthage, the zipped version of the framework is included in the GitHub Releases.
To ensure freeRASP functions correctly, you need to provide the necessary configuration. All required values must be filled in for the plugin to operate properly. Use the following template to configure the plugin. Detailed descriptions of the configuration options are provided on the API page.
In the AppDelegate
import TalsecRuntime
and add the following code (e.g., in the didFinishLaunchingWithOptions
method.:
It does not have to be AppDelegate, it can be anywhere. However, the recommended approach is to start the SDK as soon as possible.
You can handle the detected events using handlers. For example, you can log the event, show a window to the user or kill the application. See the Threat detection to learn more details about the performed checks and their importance for app security.
Anywhere in your project (e.g. in AppDelegate), add the following code as an extension:
Use the code above for handling these types of events:
Invoke the following method right after setting up the TalsecConfig
in previous steps.
See the most frequent issues occurring during integration.
Currently, there are no commonly present issues solely for the Native iOS development platform. For more general issues or questions, visit FAQ page. You can also check out the Issues section of our GitHub repository, where you can report issues and view existing reports.
Description of the freeRASP API
TalsecConfig
Specifies configuration for your app. See the table below for detailed description of the attributes.
public class Talsec
public static func start(config: TalsecRuntime.TalsecConfig)
The method used to start freeRASP's audit.
public protocol SecurityThreatHandler
func threatDetected(_ securityThreat: TalsecRuntime.SecurityThreat)
Notifier about detected threats.
public enum SecurityThreat : String, Codable, CaseIterable, Equatable
signature
jailbreak
debugger
runtimeManipulation
passcode
simulator
missingSecureEnclave
systemVPN
deviceChange
deviceID
unofficialStore
field | type | description | sample value |
---|---|---|---|
Provides all types of threats detected by freeRASP. Read more about the meaning of the threats in the .
appBundleIds
[String]
List of Bundle IDs for the app
["com.talsec.freerasp.demoapp"]
appTeamId
String
Apple Team ID for the signing of the app
"M8AK35..."
watcherMail
String?
The value is automatically used as the target address for your security reports. Mail has a strict form 'name@domain.com'
.
"john@example.com"
isProd
Bool?
Defaults to true
when undefined. If you want to use the Dev version to make the development process easier, set the parameter to false
. Make sure that you have the Release version in the production (i.e. isProd set to true)!
true