home.aspx
 
. https://www.bankinfosecurity.com/apple-expands-bug-bounty-raises-max-reward-to-1-million-a-12904
blog article
APPLE EXPANDS BUG BOUNTY; RAISES MAX REWARD TO $1 MILLION
Apple is opening up its bug bounty program to more researchers, increasing the potential rewards and expanding the pool of qualifying products in a bid to attract tips on critical software flaws. Ivan Krstić, head of Apple's security engineering and architecture, announced the changes last week at the Black Hat security conference in Las Vegas. Due to launch next year, the program will give vetted researchers special iOS devices that allow them to hunt for hard-to-find vulnerabilities. Security industry veterans praised the move because Apple had been criticized for being somewhat aloof to outside researchers. "Dear Apple PR: @radian did a fantastic job representing your brand today," writes Alex Stamos, former chief security officer at Facebook and Yahoo, on Twitter. "Apple has a reputation of not allowing their security team interact with the community, hopefully this is a fresh start." The maximum reward has been upped to $1 million for one of the most dangerous kinds of software flaws: a kernel-level vulnerability that requires no interaction on behalf of the victim and persists. There's also a menu of increased awards for various other problems. READ MORE