Apple on Friday announced its first-ever bug bounty programme in which cash up to $200,000 will be handed over to researchers who discover
vulnerabilities in Apple products.
Announcing this at the Black Hat cyber-security conference in Las Vegas, Apple’s Head of Security Engineering and Architecture, Ivan Krstic, said the programme will offer cash rewards for working exploits that target the latest version of iOS or the most recent generation of hardware Set for launch in September.
The invitation-only bug bounty programme will be open to researchers who have previously made valuable vulnerability disclosures to Apple.
However, Apple won’t turn away new researchers if they provide useful disclosures.Ivan Krstic, Head of Security Engineering and Architecture, Apple
The programme is limited to five bugs categories – the most valuable category is worth up to $200,000 for vulnerabilities that compromise the secure boot firmware components.
To be eligible, researchers will need to provide a proof-of-concept on the latest iOS and hardware.
Bug bounty programmes are increasingly becoming popular with tech companies. Google, Microsoft, and Facebook have bug bounty programmes in place for years.
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)