Apple Bug Bounty Program

Apple Bug Bounty Program

Apple Bug Bounty Program- As promised by Apple in August this year, the company today finally opened its bug bounty program to all security researchers, offering monetary rewards to anyone for reporting vulnerabilities in the iOS, macOS, watchOS, tvOS, iPadOS, and iCloud to the company.

Since its launch three years ago, Apple’s bug bounty program was open only for selected security researchers based on invitation and was only rewarded for reporting vulnerabilities in the iOS mobile operating system.

However, speaking at a hacking conference in August this year, Ivan Krstić, head of Apple Security Engineering and Architecture at Apple, announced the company’s upcoming extended bug bounty program which included three main highlights:

  • an enormous increase in the maximum reward from $200,000 to $1.5 million,
  • accepting bug reports for all of its operating systems and latest hardware,
  • opening the program for all researchers.

Now starting from today, all security researchers and hackers are eligible to receive a cash payout for finding and responsibly disclosing a valid security vulnerability in the “latest publicly available versions of iOS, iPadOS, macOS, tvOS, or watchOS with a standard configuration,” as was first announced by Krstić on Twitter.

Apple bug bounty program

Even after submitting a valid security bug, researchers need to follow some basic eligibility rules for receiving rewards, which includes reporting details directly to the Apple security team without revealing anything to the public until the company releases a patch and providing a clear report with a working exploit.

Read More Here

Article Credit: The Hacker News

Leave a Reply

Your email address will not be published.