Apple Launches Bug Bounty Program, Offers Up to $200,000 for Software Vulnerabilities Discovered

by

At today's Black Hat Conference, an annual event designed for the global InfoSec community, Apple's head of security engineering Ivan Krstic announced the launch of a bug bounty program that will see Apple paying money to individuals who discover major bugs and security flaws in the company's software.

Many major technology companies like Google and Microsoft offer bug bounty programs to encourage people to discover and report major vulnerabilities, but until now, Apple has declined to provide a similar program.

applebugbounty


According to TechCrunch, Apple's new bug bounty program is part of Apple's effort to open up to hackers, researchers, and cryptographers who want to help improve the company's security.

Apple will be offering bounties of up to $200,000 to researchers depending on the vulnerability that's discovered. Secure boot firmware components will earn $200,000 at the high end, while smaller vulnerabilities, like access from a sandboxed process to user data outside of the sandbox, will earn $25,000.

Although each category of vulnerability maxes out at the given rate, Apple will determine the exact reward amount based on several factors: the clarity of the vulnerability report; the novelty of the problem and the likelihood of user exposure; and the degree of user interaction necessary to exploit the vulnerability.

Apple plans to launch its new bug bounty program in September. To be eligible for a reward as part of the program, researchers will need to provide proof-of-concept on the latest versions of iOS and the company's newest hardware. Apple will also encourage researchers to donate their earnings to charity and will match all bug bounty donations.

The program will be invite only for the time being, limited to a few dozen researchers. Apple plans to make it more open as it grows, and if a non-member discovers a significant bug, they'll be invited to the program.

Popular Stories

Apple Logo Zoomed

Tim Cook Teases Plans for Apple's Upcoming 50th Anniversary

Thursday February 5, 2026 12:54 pm PST by
Apple turns 50 this year, and its CEO Tim Cook has promised to celebrate the milestone. The big day falls on April 1, 2026. "I've been unusually reflective lately about Apple because we have been working on what do we do to mark this moment," Cook told employees today, according to Bloomberg's Mark Gurman. "When you really stop and pause and think about the last 50 years, it makes your heart ...
Read Full Article148 comments
wwdc sans text feature

Apple Rumored to Announce New Product on February 19

Thursday February 5, 2026 12:22 pm PST by
Apple plans to announce the iPhone 17e on Thursday, February 19, according to Macwelt, the German equivalent of Macworld. The report, citing industry sources, is available in English on Macworld. Apple announced the iPhone 16e on Wednesday, February 19 last year, so the iPhone 17e would be unveiled exactly one year later if this rumor is accurate. It is quite uncommon for Apple to unveil...
Read Full Article
Finder Siri Feature

Why Apple's iOS 26.4 Siri Upgrade Will Be Bigger Than Originally Promised

Friday February 6, 2026 3:06 pm PST by
In the iOS 26.4 update that's coming this spring, Apple will introduce a new version of Siri that's going to overhaul how we interact with the personal assistant and what it's able to do. The iOS 26.4 version of Siri won't work like ChatGPT or Claude, but it will rely on large language models (LLMs) and has been updated from the ground up. Upgraded Architecture The next-generation...
Read Full Article154 comments
iOS 26

iOS 26.3 and iOS 26.4 Will Add These New Features to Your iPhone

Tuesday February 3, 2026 7:47 am PST by
While the iOS 26.3 Release Candidate is now available ahead of a public release, the first iOS 26.4 beta is likely still at least a week away. Following beta testing, iOS 26.4 will likely be released to the general public in March or April. Below, we have recapped known or rumored iOS 26.3 and iOS 26.4 features so far. iOS 26.3 iPhone to Android Transfer Tool iOS 26.3 makes it easier...
Read Full Article37 comments
iphone 17 pro dark blue 1

iPhone 18 Pro Max Rumored to Deliver Next-Level Battery Life

Friday February 6, 2026 5:14 am PST by
The iPhone 18 Pro Max will feature a bigger battery for continued best-in-class battery life, according to a known Weibo leaker. Citing supply chain information, the Weibo user known as "Digital Chat Station" said that the iPhone 18 Pro Max will have a battery capacity of 5,100 to 5,200 mAh. Combined with the efficiency improvements of the A20 Pro chip, made with TSMC's 2nm process, the...
Read Full Article107 comments

Top Rated Comments

now i see it Avatar
now i see it
124 months ago
I discovered a bug in Apple's Mac update schedule. The Mac never seems to update. Can I collect $200,000?
Score: 27 Votes (Like | Disagree)
TheHorrorNerd Avatar
TheHorrorNerd
124 months ago
I discovered a bug in Apple's Mac update schedule. The Mac never seems to update. Can I collect $200,000?
And that's why its invite only...
Score: 18 Votes (Like | Disagree)
44267547 Avatar
44267547
124 months ago
$200,000 is a great incentive to help detect these issues. Hopefully it's successful.
Score: 16 Votes (Like | Disagree)
TheHorrorNerd Avatar
TheHorrorNerd
124 months ago
Can no longer do it in-house - going the OUTSOURCING route.
Oh come on... Most other companies "outsource" it... Its smart business.
Score: 14 Votes (Like | Disagree)
Twimfy Avatar
Twimfy
124 months ago
The incredibly buggy new OS releases shows that Apple is no longer capable of doing it in-house - going the OUTSOURCING route.
Not quite, doesn't matter how many gifted employees you have in-house you'll never catch everything. A familiar work environment breeds a familiar way of thinking, sometimes you need someone to take a look at code from a completely different perspective and it's amazing what can be spotted hiding in plain sight. Happens in all walks of life.

Increasing the number of eyes on their systems with a financial incentive is a really efficient and effective way of catching security flaws.
Score: 14 Votes (Like | Disagree)
ramsey aguilera Avatar
ramsey aguilera
124 months ago
RIP to the juicy jailbreak community
Score: 10 Votes (Like | Disagree)
Read All Comments