Notebookcheck

Apple Security Bounty revamped: now invitation-free, with bigger rewards

The revamped bounty is open to all, with bigger rewards (Image source: Panda Security)
The revamped bounty is open to all, with bigger rewards (Image source: Panda Security)
Apple recently revamped its Apple Security Bounty program. The new Bounty program is open to all researchers and substantially ups the reward ceiling. Is this enough to help Apple find critical iOS and macOS vulnerabilities in time?

Apple recently introduced substantial changes to its bug bounty program. Under the new terms, the Apple Security Bounty encourages all researchers-not just an invited few-to find and report bugs and vulnerabilities on Apple systems. The bug bounty applies to the entire range of Apple platforms.

While Apple has had a bug bounty program since 2016, participation was on an invite-only basis. Moreover, rewards were relatively low. The bounty has now been increased to a maximum of $1 million. A conditional 50% bonus applies, too, if vulnerabilities are reported during betas (so that they can be fixed before a public release).

As a corporate social responsibility gesture, Apple also says that if the discoverer of a bug decides to donate the money to a qualifying charity, they will match the amount.

All in all, the revised bounty terms are a step forward. They allow a wider range of researchers to approach Apple with potential vulnerabilities. Also, the rewards are now in line with the rates that Google and Microsoft offer.

Enhancing the bug bounty program is a smart move right now as new security vulnerabilities, such as checkm8, pose a significant risk to Apple owners. A wider range of researchers, including those involved with the jailbreak community, could provide Apple with much-needed security insights.

Source(s)

Read all 1 comments / answer
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2019 12 > Apple Security Bounty revamped: now invitation-free, with bigger rewards
Arjun Krishna Lal, 2019-12-21 (Update: 2019-12-21)
Arjun Krishna Lal
Arjun Krishna Lal - News Editor
I've had a passion for PC gaming since 1996, when I watched my dad score frags in Quake as a 1 year-old. I've gone on to become a Penguin-published author and tech journalist. When I'm not traveling the world, gathering stories for my next book, you can find me tinkering with my PC.