Apple Publishes New Apple Platform Security Guide

Coinciding with the launch of its public bug bounty program, Apple today published its new Apple Platform Security guide, offering users details about the security technology and features that are implemented within Apple platforms – including sections on Mac for the first time.

apple platform security site
The documentation has been updated to reflect changes in iOS 13.3, iPadOS 13.3, macOS 10.15.2, tvOS 13.3, and watchOS 6.1.1. The Apple Platform Security site also covers hardware and services, providing comprehensive information in a readable format on the following topics:

  • Hardware Security and Biometrics: The hardware that forms the foundation for security on Apple devices, including the Secure Enclave, a dedicated AES crypto engine, Touch ID, and Face ID.
  • System Security: The integrated hardware and software functions that provide for the safe boot, update, and ongoing operation of Apple operating systems.
  • Encryption and Data Protection: The architecture and design that protects user data if the device is lost or stolen, or if an unauthorized person attempts to use or modify it.
  • App Security: The software and services that provide a safe app ecosystem and enable apps to run securely and without compromising platform integrity.
  • Services Security: Apple’s services for identification, password management, payments, communications, and finding lost devices.
  • Network Security: Industry-standard networking protocols that provide secure authentication and encryption of data in transmission.
  • Developer Kits: Frameworks for secure and private management of home and health, as well as extension of Apple device and service capabilities to third-party apps.
  • Secure Device Management: Methods that allow management of Apple devices, prevent unauthorized use, and enable remote wipe if a device is lost or stolen.
  • Security Certifications and Programs: Information on ISO certifications, Cryptographic validation, Common Criteria Certification, and the Commercial Solutions for Classified (CSfC) Program.

The site can be browsed from the Table of Contents at the top of the page, or a PDF of the documentation can be downloaded here.

Alongside its Platform Security site, Apple maintains a separate site covering the company's approach to privacy, privacy controls on Apple devices, and the Apple privacy policy.

If users believe they have discovered a security or privacy vulnerability that affects Apple devices, software, services, or web servers, Apple encourages them to report it by sending an email to product-security@apple.com along with any relevant videos, crash logs, and system diagnosis reports. More information on reporting a security or privacy vulnerability can be found here.

Top Rated Comments

bobob Avatar
52 months ago
Android/Windows users: Denial ain't just river in Eygpt.
Score: 4 Votes (Like | Disagree)
Puppuccino Avatar
52 months ago
It's great that it exists, but clear communications from Apple regarding bugs need to be established. I don't expect a heartfelt letter of thanks when I submit bugs, but something more than them sitting in a list without any kind of status indication puts me off.

Apple is great at marketing but their 'PR' is non-existent.

They need to talk more.
Score: 2 Votes (Like | Disagree)
Puppuccino Avatar
52 months ago

[...]

Not sure what this is, but PR is definitely the wrong word for it. Maybe Developer Relations?
DR then ?
Score: 2 Votes (Like | Disagree)
sdf Avatar
52 months ago

I don't expect a heartfelt letter of thanks when I submit bugs, but something more than them sitting in a list without any kind of status indication puts me off.
I totally agree with this. I've reported two vulnerabilities to them in the past. Both times they credited me, but neither time did they acknowledge receipt of the bug, the vulnerability, that they had figured it out, or that they were going to fix it until just before the public release of the fix when they asked me how I wanted to be credited.

That was several weeks (months in one case) of stress worrying if I'd really got it in front of them in a way that they understood it.


Apple is great at marketing but their 'PR' is non-existent.
Not sure what this is, but PR is definitely the wrong word for it. Maybe Developer Relations?
Score: 1 Votes (Like | Disagree)
madmin Avatar
52 months ago
This is very welcome, but unfortunately is an exception to the usual lack of decent, up to date documentation coming from Apple in recent years.
Score: 1 Votes (Like | Disagree)
Lalatoon Avatar
52 months ago
Good that they now include macOS.


Android/Windows users: Denial ain't just river in Eygpt.
Without even blinking you want this topic to be Android/Windows vs iOS/macOS. I pity you.
Score: 1 Votes (Like | Disagree)

Popular Stories

iOS 16 4 Web Push

Apple Confirms Governments Using Push Notifications to Surveil Users

Wednesday December 6, 2023 5:06 am PST by
Unidentified governments are surveilling smartphone users by tracking push notifications that move through Google's and Apple's servers, a US senator warned on Wednesday (via Reuters). In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from the tech giants to track smartphones. The traffic flowing from apps that send push notifications...
best buy snowflakes

Best Buy's New Weekend Sale Has Record Low Prices on MacBook Pro and MacBook Air

Friday December 8, 2023 7:37 am PST by
Best Buy's month-long holiday sale continues this weekend with multiple all-time low prices on Apple's line of MacBook Pro and MacBook Air computers. In addition to Apple notebooks, Best Buy's event has discounts sitewide on home appliances, TVs, video games, and more. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive...
iOS 17

iOS 17.2 Will Add These 12 New Features to Your iPhone

Friday December 1, 2023 12:19 pm PST by
iOS 17.2 has been in beta testing for over a month, and it should be released to all users in a few more weeks. The software update includes many new features and changes for iPhones, including the dozen that we have highlighted below. iOS 17.2 is expected to be released to the public in mid-December. To learn about even more features coming in the update, check out our full list. Journal ...
beeper mini

Apple Puts a Stop to Beeper Mini's iMessage for Android Feature

Friday December 8, 2023 2:24 pm PST by
Apple appears to have closed the loophole that Beeper Mini used to bring iMessage to Android, putting a stop to blue bubbles from Android devices. Beeper Mini quit working earlier today, with users receiving "failed to lookup on server: lookup request timed out" error messages. Beeper said on Twitter that it is investigating the issue, but Beeper CEO Eric Migicovsky told TechCrunch that "all ...
apple watch black friday

Apple Watch Ultra 2 Hits New Record Low Price of $699, Alongside Series 9 and SE Sales

Friday December 8, 2023 8:55 am PST by
Amazon has a few big discounts on Apple Watch today, headlined by a new all-time low price on the Apple Watch Ultra 2. Many of these watches can be delivered by Christmas, with delivery dates around the middle of next week for most models. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site ...
maxresdefault

Review: Two Months With the iPhone 15 Pro Max

Thursday December 7, 2023 12:04 pm PST by
Apple's iPhone 15 lineup came out in September, and while most reviews are done shortly after a new device launches, we like to follow up with a longer term review that gives us an opportunity to provide a deeper dive into what it's like using these phones on a day to day basis for months. Subscribe to the MacRumors YouTube channel for more videos. MacRumors videographer Dan Barbera has been...
iphone se 4 modified flag edges

iPhone SE 4 May Reuse Existing iPhone 14 Battery

Wednesday December 6, 2023 1:17 pm PST by
Recently, MacRumors has received details on the battery currently being tested on the upcoming fourth-generation iPhone SE, and the information corroborates previous findings in relation to the device. The iPhone SE 4, known by its device identifier D59, is expected to use the exact same battery found in the base model iPhone 14. Partially assembled prototypes of the next iPhone SE have been ...
iOS 17

35 Things Your iPhone Can Do in iOS 17.2 Coming Next Week

Wednesday December 6, 2023 5:57 am PST by
Apple made the first beta of iOS 17.2 available to developers in October. Since then we've seen three more betas, and with each iteration Apple continues to add more new features and changes, many of which users have been anticipating for quite a while. Below, we've listed 35 new things that are coming to your iPhone when the finalized version is publicly released in mid-December. 1....