Apple launches updated security research site and bounty program
Apple launched the Apple Security Research site on Thursday, intended to improve the way people can learn about and monitor security issues. Users can also report security issues to Apple engineers through the Apple Security Bounty program.
The first article on the site discusses XNU memory security. XNU is the Apple-developed kernel that powers, and .
The second article covers the progress made in the Apple Security Bounty program since its launch in 2016 and its opening to all researchers in 2019. Apple said it has awarded approximately $20 million in payments to security researchers, with an average payout of around $40,000. in the Product category. The company also said it gave out 20 separate awards of over $100,000 for high-impact issues.
Apple also reports that it responds more quickly to reported security issues.
“We’ve grown our team and worked hard to be able to complete an initial assessment of nearly all reports we receive within two weeks, and most within six days,” Apple wrote.
The site also displays detailed reward and category information so people have a clearer idea of what to look for and what kind of reward they might receive. Some rewards might net you $5,000 while one or two might be worth over a million dollars. If your report receives an award, Apple will notify you via email as well as in a new tracker on the site.
Until November 30, Apple is also accepting applications for the 2023 Apple Security Research Device Program. Those selected for the program will receive an iPhone that will make it easier for them to find bugs in iOS.
For more Apple news, find out how, and .