Developer.com content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
At the Black Hat security conference, Apple announced that it is launching a bug bounty program. However, only invited security researchers will be able to participate.
Relative to other bug bounty programs, the payouts could be quite high—up to $200,000. By comparison, Google’s top payout is $20,000 and Microsoft’s is $100,000. Here’s what Apple will pay for various categories of exploits:
- Secure boot firmware components ($200,000 cap)
- Extraction of confidential material protected by the Secure Enclave Processor ($100,000 cap)
- Execution of arbitrary code with kernel privileges ($50,000 cap)
- Unauthorized access to iCloud account data on Apple servers ($50,000 cap)
- Access from a sandboxed process to user data outside of that sandbox ($25,000 cap)
