Apple has formally opened its bug bounty program today to all security researchers, after announcing the move earlier this year in August at the Black Hat security conference in Las Vegas.
Until today, Apple ran an invitation-based bug bounty program for selected security researchers only and was accepting only iOS security bugs.
Starting today, the company will accept vulnerability reports for a much wider spectrum of products that also includes as iPadOS, macOS, tvOS, watchOS, and iCloud.
In addition, the company has also increased its maximum bug bounty reward from $200,000 to $1,500,000, depending on the exploit chain’s complexity and severity.
MacDailyNews Take: We’re happy to see Apple’s greatly-expanded bug bounty program is now officially open for business!
Loosen the purse strings, Apple. Extend your bug bounty program to include macOS (and all other operating systems not currently covered). — MacDailyNews, February 6, 2019
[Thanks to MacDailyNews Reader “Fred Mertz” for the heads up.]