Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone

Apple announced its first-ever bug bounty program, offering computer security researchers up to $200,000 for each software bug they find that makes Apple products less secure.

The bounty program will begin as invite-only on Sept. 1, including only a few dozen researchers. Apple said the program will become more open as it grows, and if a non-member approaches Apple with a significant bug, they’ll be invited into the program to work it through. The program offers payments of $50,000 to $200,000 depending on the severity of the bug discovered.

In addition, for now, the new program is also limited to five distinct categories of bugs. The most valuable category — worth up to $200,000 — is vulnerabilities that compromise the secure boot firmware components, cutting at the heart of Apple’s hardware protections.  Smaller rewards are available for the extraction of data from the Secure Enclave, extraction of arbitrary code, escaping a sandboxed process, and obtaining unauthorized access to iCloud account data.

Source

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone
  • Learn more about eGRC Strategy, Products and Services click here
  • Learn more about Threat & Vulnerability Management Platforms click here
  • Learn more about Advanced End Point Protection click here
  • Learn more about NextGen Identity & Access Management Solutions click here