Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Apple Releases iOS Security Specs SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Apple Releases iOS Security Specs

Apple released a nice document with details about iOS 5 security features. The document is NOT a hardening guide. Instead, it provides more insight into the iOS architecture and sandboxing feature, as well as lists of available security features.

This document should be read by anybody working on an iOS hardening guide to better judge the risks associated with iOS and various settings within iOS. One problem with standard hardening guides is that some of them may be too restrictive for your environment, and you should always customize them to your needs. The Apple documents will allow you to make more intelligent choices as to what hardening features to apply.

[1] http://images.apple.com/ipad/business/docs/iOS_Security_May12.pdf
[2] http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml

(A google search for "iOS hardening guide" will lead to a large number of relevant hardening guides you can use as a starting point for your own).

 

 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

I will be teaching next: Defending Web Applications Security Essentials - SANS San Francisco Spring 2020

Johannes

3693 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!