Categories: Security

Apple Launches £150,000 Bug Bounty Program

In a first for the company, Apple is now offering monetary rewards for hackers who can find bugs in its security, pledging up to $200,000 (£152,000) in a bug bounty program designed to entice researchers to find flaws in Apple’s products.

Announced at the annual Black Hat security conference, Apple has traditionally steered clear of bug bounty programs, unlike a majority of its Silicon Valley compatriots like Google or Facebook.

Firmware components

The program, which launches in September, has five categories for eager ethical hackers.
Vulnerabilities found in secure boot firmware components will be rewarded with a generous $200,000, according to Mashable.

Vulnerabilities that allow for the extraction of confidential material from a supposedly ‘secure’ enclave will be worth $100,000.

If researchers can gain access to iCloud account data on Apple servers, they will be rewarded with $50,000. Access from a sandboxed process to user data outside the sandbox is worth up to $25,000.

The bug bounty program will initially only be open to a handful of researchers who have previously identified bugs in Apple software and products.

Apple had no further comment for TechWeekEurope about the bug bounty program.

Security vendor Kaspersky also announced a bug bounty program at Black in Las Vegas, claiming to be  the first ever security company to offer its own bug bounty program. The development comes after the discovery of vulnerabilities with products from a number of leading security vendors.

The bug bounty program at Kaspersky Lab will officially begin on 2 August and last for a six-months. The firm will offer a total of $50,000 (£37,428) to security researchers for disclosing flaws.

Researchers will be tasked with analysing Kaspersky Internet Security and Kaspersky Endpoint Security for vulnerabilities.

In March, Google doubled its Chrome bug bounty from $50,000 to $100,000 for persistent compromise of a Chromebook in guest mode. Since launching its bug bounty program in 2010, Google has forked out more than $6m, including more than $2m in 2015 alone.

Take our security in 2016 quiz here!

Ben Sullivan

Ben covers web and technology giants such as Google, Amazon, and Microsoft and their impact on the cloud computing industry, whilst also writing about data centre players and their increasing importance in Europe. He also covers future technologies such as drones, aerospace, science, and the effect of technology on the environment.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

4 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

7 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

8 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

9 hours ago