Find a Flaw, Get $200,000 from Apple
Apple’s bug bounty program is offering hackers a reward of up to $200,000 for finding security loopholes and flaws in their products. The reward sum will depend on the severity of the loophole detected by the hacker, CNBC reports.
Apple, on Tuesday, announced that they will be offering hackers a reward sum of up to $200,000 for finding security loopholes and flaws in their products. The company is one of many others to take such an initiative under their bug bounty program, which seeks to help the company resolve issues in their products highlighted by hackers.
The reward sum, which starts from $25,000 and goes up to $200,000, is the largest ever. For instance, Google offers a maximum reward of $25,000 while Uber offers $10,000.
Finding the flaws, however, is something not everyone can do. This is not because of the required skills but that the reward program is invite-only. Select hackers will be invited to take part in this program. The hackers will be those who have previously notified Apple about issues in their products. The hackers will also have to provide a proof-of-concept as a basis for their reward request.
This announcement was made by Apple’s head of security engineering and architecture Ivan Krstic at the recent Black Hat conference in Las Vegas, Nevada. Krstic also talked about the security details of Apple products like iCloud Keychain, AutoUnlock, and HomeKit.
Bug bounty programs have proved to be effective more than once in the past. This is because they provide companies and security researchers with an opportunity to test their system through a different perspective. It is quite impossible for a security team to know each and every type of loophole that might affect their system, so having an expert who does not work with the company look at the system is definitely a huge plus.
It is because of this that Apple has made such a generous offer to hackers. This is especially important in today’s times, where zero-day exploits are sold on the dark web before the authorities can even catch wind of it.