Apple Publishes New Apple Platform Security Guide

Coinciding with the launch of its public bug bounty program, Apple today published its new Apple Platform Security guide, offering users details about the security technology and features that are implemented within Apple platforms – including sections on Mac for the first time.

apple platform security site
The documentation has been updated to reflect changes in iOS 13.3, iPadOS 13.3, macOS 10.15.2, tvOS 13.3, and watchOS 6.1.1. The Apple Platform Security site also covers hardware and services, providing comprehensive information in a readable format on the following topics:

  • Hardware Security and Biometrics: The hardware that forms the foundation for security on Apple devices, including the Secure Enclave, a dedicated AES crypto engine, Touch ID, and Face ID.
  • System Security: The integrated hardware and software functions that provide for the safe boot, update, and ongoing operation of Apple operating systems.
  • Encryption and Data Protection: The architecture and design that protects user data if the device is lost or stolen, or if an unauthorized person attempts to use or modify it.
  • App Security: The software and services that provide a safe app ecosystem and enable apps to run securely and without compromising platform integrity.
  • Services Security: Apple’s services for identification, password management, payments, communications, and finding lost devices.
  • Network Security: Industry-standard networking protocols that provide secure authentication and encryption of data in transmission.
  • Developer Kits: Frameworks for secure and private management of home and health, as well as extension of Apple device and service capabilities to third-party apps.
  • Secure Device Management: Methods that allow management of Apple devices, prevent unauthorized use, and enable remote wipe if a device is lost or stolen.
  • Security Certifications and Programs: Information on ISO certifications, Cryptographic validation, Common Criteria Certification, and the Commercial Solutions for Classified (CSfC) Program.

The site can be browsed from the Table of Contents at the top of the page, or a PDF of the documentation can be downloaded here.

Alongside its Platform Security site, Apple maintains a separate site covering the company's approach to privacy, privacy controls on Apple devices, and the Apple privacy policy.

If users believe they have discovered a security or privacy vulnerability that affects Apple devices, software, services, or web servers, Apple encourages them to report it by sending an email to product-security@apple.com along with any relevant videos, crash logs, and system diagnosis reports. More information on reporting a security or privacy vulnerability can be found here.

Top Rated Comments

bobob Avatar
20 months ago
Android/Windows users: Denial ain't just river in Eygpt.
Score: 4 Votes (Like | Disagree)
Puppuccino Avatar
20 months ago
It's great that it exists, but clear communications from Apple regarding bugs need to be established. I don't expect a heartfelt letter of thanks when I submit bugs, but something more than them sitting in a list without any kind of status indication puts me off.

Apple is great at marketing but their 'PR' is non-existent.

They need to talk more.
Score: 2 Votes (Like | Disagree)
Puppuccino Avatar
20 months ago

[...]

Not sure what this is, but PR is definitely the wrong word for it. Maybe Developer Relations?
DR then ?
Score: 2 Votes (Like | Disagree)
sdf Avatar
20 months ago

I don't expect a heartfelt letter of thanks when I submit bugs, but something more than them sitting in a list without any kind of status indication puts me off.
I totally agree with this. I've reported two vulnerabilities to them in the past. Both times they credited me, but neither time did they acknowledge receipt of the bug, the vulnerability, that they had figured it out, or that they were going to fix it until just before the public release of the fix when they asked me how I wanted to be credited.

That was several weeks (months in one case) of stress worrying if I'd really got it in front of them in a way that they understood it.


Apple is great at marketing but their 'PR' is non-existent.
Not sure what this is, but PR is definitely the wrong word for it. Maybe Developer Relations?
Score: 1 Votes (Like | Disagree)
madmin Avatar
20 months ago
This is very welcome, but unfortunately is an exception to the usual lack of decent, up to date documentation coming from Apple in recent years.
Score: 1 Votes (Like | Disagree)
Lalatoon Avatar
20 months ago
Good that they now include macOS.


Android/Windows users: Denial ain't just river in Eygpt.
Without even blinking you want this topic to be Android/Windows vs iOS/macOS. I pity you.
Score: 1 Votes (Like | Disagree)

Top Stories

macbook air orange

Apple Developing a Whole New Kind of MacBook Air

Monday June 21, 2021 2:15 am PDT by
Apple is believed to be working on a completely new, high-end version of the MacBook Air, according to recent reports. Bloomberg's Mark Gurman, who often reveals accurate insights into Apple's plans, has repeatedly discussed the company's work on a high-end MacBook Air. Apple analyst Ming-Chi Kuo and leaker Jon Prosser have also referred to a similar MacBook Air model. The high-end...
ios wifi settings

iOS Bug Causes Specific Network Name to Disable Wi-Fi on iPhones

Sunday June 20, 2021 4:15 am PDT by
A wireless network naming bug has been discovered in iOS that effectively disables an iPhone's ability to connect to Wi-Fi. Security researcher Carl Schou found that after joining a Wi-Fi network with the name "%p%s%s%s%s%n" his iPhone's Wi-Fi functionality was left "permanently disabled." Changing a hotspot's SSID did nothing to correct the problem, with even a reboot failing to make a...
purple iphone 12 and 12 mini

iPhone 12 Mini Production Reportedly Ended Earlier Than Expected Due to Relatively Low Sales

Monday June 21, 2021 7:07 am PDT by
Following widespread reports that the iPhone 12 mini has experienced poor sales performance, at least relative to other iPhone 12 models, Taiwanese research firm TrendForce today claimed that production of the device has already ended. According to TrendForce, the iPhone 12 mini "reached End-of-Life ahead of time" during the second quarter of 2021, suggesting that Apple will focus on selling ...
iOS 15 Users Underwhelmed Feature

Users Underwhelmed by iOS 15 and iPadOS 15, Survey Suggests

Monday June 21, 2021 7:17 am PDT by
Users appear to be underwhelmed by Apple's upcoming iOS 15 and iPadOS 15 updates, according to the findings of a new survey by SellCell. The survey asked 3,000 iPhone and iPad users, evenly split between men and women, aged 18 or over in the United States, what they thought of iOS 15, iPadOS 15, and the naming of the upcoming iPhone 13 lineup. Over 50 percent of all of the survey's...
Top Stories 63 Feature

Top Stories: Beats Studio Buds Announced, Apple Watch Series 7 Rumors, and More

Saturday June 19, 2021 6:00 am PDT by
The Apple news cycle started to move beyond WWDC this week, but that doesn't mean there still wasn't a lot to talk about, led by the official debut of the much-leaked Beats Studio Buds that might give us a hint of what to expect for the second-generation AirPods Pro. With no hardware announcements at WWDC, we also took a look at when we might finally see the long-rumored redesigned MacBook...
primeday2020 feature3

Amazon Prime Day: The Best Apple Deals

Monday June 21, 2021 6:15 am PDT by
Amazon's annual Prime Day event has officially kicked off today, beginning 48 hours of discounts, offers, and tons of savings across Amazon's storefront. This includes everything from home electronics to clothing, jewelry, video games, movies, and much more. Note: MacRumors is an affiliate partner with these vendors. When you click a link and make a purchase, we may receive a small payment,...
iOS Spam Calendar Feature

iCloud Users Continue to Be Plagued by Calendar Spam

Monday June 21, 2021 8:51 am PDT by
Despite previous attempts to put the situation at rest, some iCloud users continue to experience spam calendar invitations, causing their calendars to be filled with random events. The situation received widespread coverage in 2016, where Apple said that it was "actively working to address this issue" by "identifying and blocking suspicious senders." Victims are targeted in various ways. The ...
iphone 13 yellow

TrendForce: iPhone 13 Lineup Will Remain Limited to Maximum 512GB of Storage

Monday June 21, 2021 6:33 am PDT by
Apple will likely unveil its next-generation "iPhone 12s" or "iPhone 13" lineup in around two and a half months from now, and ahead of time, Taiwanese research firm TrendForce has outlined its expectations for the devices. A summary of TrendForce's expectations:Apple will unveil four new iPhones in September, including a mini model, a standard model, and two Pro models. September is the...
16 inch macbook pro m2 render

When Can We Expect the Redesigned MacBook Pros Now?

Wednesday June 16, 2021 7:11 am PDT by
With no sign of redesigned MacBook Pro models at this year's WWDC, when can customers expect the much-anticipated new models to launch? A number of reports, including investor notes from Morgan Stanley and Wedbush analysts, claimed that new MacBook Pro models would be coming during this year's WWDC. This did not happen, much to the disappointment of MacBook Pro fans, who have been...
maxresdefault

Video: 20 Annoyances Apple Fixed in iOS 15 and macOS Monterey

Friday June 18, 2021 11:36 am PDT by
With iOS 15 and macOS Monterey, Apple is adding several quality of life improvements, which are designed to address some of the complaints that people have had with these operating systems for years now. Subscribe to the MacRumors YouTube channel for more videos. In our latest YouTube video, we're highlighting some of our favorite "fix" features that address long-running problems in iOS and...