Defense for your iOS App

iMAS helps developers encrypt app data, prompt for passwords, prevent app tampering, and enforce enterprise policies on iOS devices.

Download, compile in, and secure more.

Open Source on GitHub

Security at the app level.

Currently, iOS has limited app-level security controls. iMAS gives you common components to authenticate users, encrypt your app SQLite data, and use a secure keychain—all at the app level.

AppPassword demo

iOS Jailbreak

Safeguard your app runtime.

Whether you need to check for jailbreaks or debuggers, mitigate against binary patching, or secure sensitive information in memory iMAS helps your app protect itself in a hostile environment.

Enterprise-ready, Startup fast.

Mobile apps are increasingly being trusted with sensitive data, so it's important to keep them secure. iMAS has been used to secure healthcare data and has demonstrated a cost-effective way to add security controls to existing apps.

Security Components

With lots of stars and many forks, iMAS thanks GitHub developers for helping spread the word!

Encrypted Core Data

Encrypt your app's Core Data persistence store using SQLCipher.

App Password

Prevent unauthorized users with a password or scrambled keypad prompt.

Security Check

Register callbacks if the device is jailbroken or if a debugger is attached.

Secure Foundation

Secure components enabling application authentication, secure file storage, and app level file-based keychain to your app.

Passcode Check

Ensure that the device passcode is set and is sufficiently complex.

Forced Inlining

Mitigate against memory editing by forcing functions to be inlined instead of referenced.

Memory Security

Encrypt memory at run-time, encrypted memory manager, anti-tamper checksum, and scrub on exit.

Single Sign On

Simple MDM Single Sign On solution for application level logins.

Coming Soon...

  • Application Integrity Checker - ensure the binary has not been tampered
  • Encrypted Code Modules - prevent code disassembly
  • iMAS Sentry App - Simple security app that incorporates iMAS security controls

Stretch Goals ...

  • File Scrub on Delete - Removes app file after scrubing contents


OWASP AppSec USA 2014, Sept 2014, Denver Colorado, Defener Track

BlackHat USA 2014, August 2014, Las Vegas NV, Arsenal Talk