Apple announces invitation-only bug bounty program at Black Hat conference

An Apple security chief unexpectedly announced the company will pay for vulnerabilities found in certain aspects of iOS and iCloud. The program is invitation only, and payouts will be based on severity and category. The top fees across five areas range from $25,000 to $200,000, but could be much lower. The announcement came during a presentation by Ivan Krstić, Apple’s head of security engineering and architecture, at the Black Hat security research conference in Las Vegas.

An Apple security chief unexpectedly announced the company will pay for vulnerabilities found in certain aspects of iOS and iCloud. The program is invitation only, and payouts will be based on severity and category. The top fees across five areas range from $25,000 to $200,000, but could be much lower. The announcement came during a presentation by Ivan Krstić, Apple’s head of security engineering and architecture, at the Black Hat security research conference in Las Vegas.


  • Megosztom