Apple Publishes New Apple Platform Security Guide - MacRumors
Skip to Content

Apple Publishes New Apple Platform Security Guide

Coinciding with the launch of its public bug bounty program, Apple today published its new Apple Platform Security guide, offering users details about the security technology and features that are implemented within Apple platforms – including sections on Mac for the first time.

apple platform security site
The documentation has been updated to reflect changes in iOS 13.3, iPadOS 13.3, macOS 10.15.2, tvOS 13.3, and watchOS 6.1.1. The Apple Platform Security site also covers hardware and services, providing comprehensive information in a readable format on the following topics:

  • Hardware Security and Biometrics: The hardware that forms the foundation for security on Apple devices, including the Secure Enclave, a dedicated AES crypto engine, Touch ID, and Face ID.
  • System Security: The integrated hardware and software functions that provide for the safe boot, update, and ongoing operation of Apple operating systems.
  • Encryption and Data Protection: The architecture and design that protects user data if the device is lost or stolen, or if an unauthorized person attempts to use or modify it.
  • App Security: The software and services that provide a safe app ecosystem and enable apps to run securely and without compromising platform integrity.
  • Services Security: Apple’s services for identification, password management, payments, communications, and finding lost devices.
  • Network Security: Industry-standard networking protocols that provide secure authentication and encryption of data in transmission.
  • Developer Kits: Frameworks for secure and private management of home and health, as well as extension of Apple device and service capabilities to third-party apps.
  • Secure Device Management: Methods that allow management of Apple devices, prevent unauthorized use, and enable remote wipe if a device is lost or stolen.
  • Security Certifications and Programs: Information on ISO certifications, Cryptographic validation, Common Criteria Certification, and the Commercial Solutions for Classified (CSfC) Program.

The site can be browsed from the Table of Contents at the top of the page, or a PDF of the documentation can be downloaded here.

Alongside its Platform Security site, Apple maintains a separate site covering the company's approach to privacy, privacy controls on Apple devices, and the Apple privacy policy.

If users believe they have discovered a security or privacy vulnerability that affects Apple devices, software, services, or web servers, Apple encourages them to report it by sending an email to product-security@apple.com along with any relevant videos, crash logs, and system diagnosis reports. More information on reporting a security or privacy vulnerability can be found here.

Popular Stories

iPhone 11 Pro Feature Green

Apple's A12 and A13 Chips Facing New Unpatchable Exploit

Thursday June 18, 2026 9:17 am PDT by
Security research firm Paradigm Shift today published details of a new BootROM vulnerability affecting Apple's A12 and A13 chips, along with a working proof-of-concept exploit named "usbliter8." The BootROM, or SecureROM, is the first code an iPhone runs when it powers on. Because it is baked directly into the chip at manufacture, any vulnerability found there cannot be fixed with a software ...
iphone 16e usb c feature

Apple Begins Selling a $419 iPhone

Monday July 6, 2026 6:29 am PDT by
Apple recently added the iPhone 16e to its refurbished store, with U.S. pricing starting as low as $419 for a model with 128GB of storage. Originally released in February 2025, the iPhone 16e is a lower-end device with a 6.1-inch OLED display, an A18 chip with 8GB of RAM for Apple Intelligence support, a single 48-megapixel rear camera, a 12-megapixel front camera, a USB-C port, an Action...
iphone 17 ceramic shield

iPhone 18 With 9GB RAM Still Won't Support Two New iOS 27 Features

Friday July 3, 2026 12:10 pm PDT by
The lower-end iPhone 18 and iPhone 18e will be equipped with 9GB of RAM, up from 8GB in the iPhone 17 and iPhone 17e, according to supply chain analyst Ming-Chi Kuo. In a social media post, Kuo said the 1GB increase in RAM will ensure that Apple Intelligence features continue to run smoothly on the pair of devices. The higher-end iPhone 18 Pro, iPhone 18 Pro Max, and foldable "iPhone Ultra...

Top Rated Comments

bobob Avatar
86 months ago
Android/Windows users: Denial ain't just river in Eygpt.
Score: 4 Votes (Like | Disagree)
Puppuccino Avatar
86 months ago

[...]

Not sure what this is, but PR is definitely the wrong word for it. Maybe Developer Relations?
DR then 😏
Score: 2 Votes (Like | Disagree)
Puppuccino Avatar
86 months ago
It's great that it exists, but clear communications from Apple regarding bugs need to be established. I don't expect a heartfelt letter of thanks when I submit bugs, but something more than them sitting in a list without any kind of status indication puts me off.

Apple is great at marketing but their 'PR' is non-existent.

They need to talk more.
Score: 2 Votes (Like | Disagree)
86 months ago
Good that they now include macOS.


Android/Windows users: Denial ain't just river in Eygpt.
Without even blinking you want this topic to be Android/Windows vs iOS/macOS. I pity you.
Score: 1 Votes (Like | Disagree)
86 months ago
Shame the T2 ship has caused so many stability and audio problems for MacBook Pro users. The chip should have been a security chip only instead of trying to do everything.
Score: 1 Votes (Like | Disagree)
86 months ago

I don't expect a heartfelt letter of thanks when I submit bugs, but something more than them sitting in a list without any kind of status indication puts me off.
I totally agree with this. I've reported two vulnerabilities to them in the past. Both times they credited me, but neither time did they acknowledge receipt of the bug, the vulnerability, that they had figured it out, or that they were going to fix it until just before the public release of the fix when they asked me how I wanted to be credited.

That was several weeks (months in one case) of stress worrying if I'd really got it in front of them in a way that they understood it.


Apple is great at marketing but their 'PR' is non-existent.
Not sure what this is, but PR is definitely the wrong word for it. Maybe Developer Relations?
Score: 1 Votes (Like | Disagree)