In an effort to streamline security research on its various platforms, Apple on Thursday published a new Apple Security Research web page targeting novice and seasoned hackers and security researchers who want to work with the Cupertino-based tech company to patch bugs and vulnerabilities in its software.
Apple says that there are more than 1.8 billion active Apple devices around the globe, and obviously, keeping each of those as secure as possible is an important goal of the company.
The website invites hackers and security researchers alike to share their research with Apple and to work with the company’s engineering teams to reproduce and fix issues promptly. Those participants who assist Apple with fixing major security problems in the company’s products can be both recognized and rewarded for their efforts.
Apple’s security bounty program first launched to a limited subset of individuals in 2016, and it pays lump sums of cash for information that improves device security. The program opened to all security researchers in 2019, and since then, Apple says they’ve paid out more than $20 million in bounties with an average payout of $40,000 each. At least 20 security researchers received payouts of up to $100,000 each because their research resulted in higher impact bug fixes.
The new Apple Security Research web page explains Apple’s goal of improving the user experience for avid security researchers. Engineers will be responding more quickly thanks to a larger team, and issues will be easier to report thanks to a way to report issues and receive real-time updates in the company’s new tracker.
All these changes come as Apple attempts to be more transparent in how it deals with security-related issues. Apple sees this as an opportunity to further expand the scope of the company’s complex security mechanisms that prominent hackers and security researchers like CoolStar and Luca Todesco claim are already making it tougher to produce jailbreaks and other hacks for iPhones and other Apple devices.
With the launch of Apple’s new Security Research website, the company will also begin accepting applications for the 2023 Apple Security Research Device Program, which gives participants an iOS device exclusively for use during the course of their security research.
As Apple’s Tim Cook continues to promote coding skills in schools around the country, this move to refine the company’s security research program appears to be a push to make security research more approachable to general public as well. This is something that the company hopes will open doors to new opportunities for talented individuals around the globe.
You can check out Apple’s new Security Research web page and learn more about the Apple Security Research Device Program on the company’s website.