Apple has unveiled a new security hub (opens in new tab) and an upgraded bounty hunting program as it looks to improve the way it discovers, and remedies, different flaws and vulnerabilities in its ecosystem.
“Our groundbreaking security technologies protect the users of over 1.8 billion active devices around the world. Hear about the latest advances in Apple security from our engineering teams, send us your own research, and work directly with us to be recognized and rewarded for helping keep our users safe,” the new website reads.
The company’s bounty system has been upgraded, Apple said, claiming it improved its response time, and simplified issue reporting and communication.
“First, we’re responding much more quickly. At times we received many more submissions than we anticipated, so we’ve grown our team and worked hard to be able to complete an initial evaluation of nearly every report we receive within two weeks, and most within six days,” the company explained (opens in new tab).
“Our Apple Security Research site includes a new way to send us research on the web and get real-time status updates. Just sign in with your Apple ID and follow the prompts to send us a detailed report. You can then track the progress of your report and communicate securely with Apple engineers as we investigate.”
The program will also be more transparent, Apple claims. The site includes detailed Apple Security Bounty information, as well as evaluation criteria. Bounty categories include ranges and examples, helping bounty hunters determine where they want to focus their research, and determine what kind of reward they can expect. “We’ve provided ranges for submissions that impact Apple services and infrastructure, as well as our products,” it explains.
More details on the bounty hunting program, the Security Research Device applications, which are now open, and additional knowledge blogs, can be found on this link (opens in new tab).
Via: 9to5Mac (opens in new tab)