Apple has just updated the rules of its bug bounty program by announcing a few major changes during a briefing at the annual Black Hat security conference yesterday.
One of the most attractive updates is…
Apple has enormously increased the maximum reward for its bug bounty program from $200,000 to $1 million—that’s by far the biggest bug bounty offered by any major tech company for reporting vulnerabilities in its products.
The $1 million payouts will be rewarded for a severe deadly exploit—a zero-click kernel code execution vulnerability that enables complete, persistent control of a device’s kernel. Less severe exploits will qualify for smaller payouts.
From now onwards, Apple’s bug bounty program is not just applicable for finding security vulnerabilities in the iOS mobile operating system, but also covers all of its operating systems, including macOS, watchOS, tvOS, iPadOS, and iCloud.
images from Hacker News