Apple is finally giving security researchers something they’ve wanted for years: a macOS bug bounty.
The technology giant said Thursday it will roll out the bug bounty program to include Macs and MacBooks, as well as Apple TV and Apple Watch, almost exactly three years after it debuted its bug bounty program for iOS.
The idea is simple: you find a vulnerability, you disclose it to Apple, they fix it — and in return you get a cash payout.
These programs are wildly popular in the tech industry because they help fund security researchers in exchange for serious security flaws that could otherwise be used by malicious actors. They also help fill the void of bug finders selling their vulnerabilities on the black market and to exploit brokers, who might abuse the flaws to conduct surveillance.
Some security researchers had flat-out refused to report security flaws to Apple in the absence of a bug bounty.
At the Black Hat conference in Las Vegas, Apple's head of security engineering and architecture, Ivan Krstić, announced the program, which will run alongside the company's existing iOS bug bounty.