Dive Brief:
- Apple is launching an invite-only bug bounty program with prizes up to $200,000, the company announced at the Black Hat conference last week.
- The program will launch next month.
- Apple wants researchers to focus on finding exploits in the latest version of iOS or the most recent version of its hardware.
Dive Insight:
Apple was one of the last big tech companies without a bug bounty program. Organizations such as Western Union, Tesla Motors, Fiat Chrysler Automobiles and United Airlines have all conducted bug bounty programs. This year, the Pentagon conducted the first-ever federal government bug bounty program.
Apple’s program will initially be open to just two dozen as-yet-unnamed researchers, said Ivan Krstic, the company’s head of security engineering and architecture, though the program may eventually become open to more people.
The new program is also limited to five distinct categories of bugs. The maximum reward of $200,000 will be reserved for vulnerabilities found in secure boot firmware components.
"We’ve had great help from researchers like you in improving iOS security all along," Krstic said. "The Apple bounty program will reward researchers who share critical vulnerabilities with Apple and we will make it a top priority to resolve those and provide public recognition."