Apple Launches New Security Research Website

by

Apple today introduced Apple Security Research, a new website that is dedicated to improving the methods available to security researchers for reporting issues to Apple. The site offers up tools for sending Apple security reports, getting real-time status updates, and communicating with Apple engineers.

apple security research
In addition to housing information on the Apple Security Bounty program, the website is a blog that will allow the Apple engineering teams to share the latest advances in Apple security. The first post delves into XNU memory safety.

Apple today also shared progress that it has made with the Apple Security Bounty program. In the last two and a half years, Apple has awarded close to $20 million in payments to researchers. Average payouts are around $40,000 in the Product category, and Apple has paid 20 separate rewards over $100,000 for high-impact issues.

Apple says that it is now responding to issues more quickly than before, and has made it easier to report issues and communicate with Apple's teams through the launch of the new website. All bug report status changes are reflected in a new tracker available on the website, which also makes it easier for Apple to collect more information on bugs.

Transparency has been improved as well, with the site offering detailed Apple Security Bounty information and evaluation criteria so researchers have a better idea of what will earn a reward.

Today through November 30, 2022, Apple is accepting applications for the 2023 Apple Security Research Device Program, which provides qualified individuals with an iPhone that is designed specifically to make finding bugs easier.

Tag: Apple Security

Top Rated Comments

BGPL Avatar
BGPL
5 weeks ago
Wonder if this means their VPN is gonna get fixed.
Score: 10 Votes (Like | Disagree)
ProfessionalFan Avatar
ProfessionalFan
5 weeks ago
I would like to think nobody can find a negative about this program. Seems good and useful.
Score: 8 Votes (Like | Disagree)
Spaceboi Scaphandre Avatar
Spaceboi Scaphandre
5 weeks ago
Bet you $5 this is to get ready for sideloading. Since the Digital Markets Act goes live next month they're gonna get forced to enable it and alternative app stores by March 2024 just like how they're now having to move the iPhone to USB-C.

They're gonna have to open up eventually so this new bounty program and the SRD is gonna be used to close as many vulnerabilities as possible before that time comes.
Score: 6 Votes (Like | Disagree)
frou Avatar
frou
5 weeks ago
Looks like it's committing the sin of many homegrown blog systems: Not having an RSS feed!
Score: 6 Votes (Like | Disagree)
ghanwani Avatar
ghanwani
5 weeks ago
The best security is when you are disconnected. AI/ML decides when there’s a security threat and drops the WiFi connection. Folks think the connectivity loss is a bug, but it's actually a feature.
Score: 5 Votes (Like | Disagree)
antiprotest Avatar
antiprotest
5 weeks ago
I like security.
Score: 5 Votes (Like | Disagree)
Read All Comments

Related Stories

ios 16 2 security response update

Apple Releases Rapid Security Response Update for iOS 16.2 Beta Users [Updated]

Wednesday November 16, 2022 1:43 pm PST by
One of the new features in iOS 16 is Rapid Security Response, which lets Apple push out important security fixes to users without requiring a full iOS update. For users running the iOS 16.2 beta, Apple today released one of those updates to deliver unspecified bug fixes affecting the software. iOS Security Response 16.2 (a) arrives via the standard Software Update mechanism in the Settings...
Read Full Article53 comments
rapid security response

Apple Releases Another Rapid Security Response Update for iOS 16.2 Beta Users

Monday November 28, 2022 10:16 am PST by
Apple today released a Rapid Security Response update that is available for those running the iOS 16.2 beta, marking the launch of the second RSR update since the feature was released in iOS 16. The Rapid Security Response Update is designed to provide iOS 16.2 beta users with bug fixes without the need to install a full update. The initial RSR release for iOS 16.2 beta users was a test with ...
Read Full Article34 comments
eufy camera

Anker's Eufy Cameras Caught Uploading Content to the Cloud Without User Consent [Updated]

Tuesday November 29, 2022 1:01 pm PST by
Anker's popular Eufy-branded security cameras appear to be sending some data to the cloud, even when cloud storage is disabled and local only storage settings are turned on. The information comes from security consultant Paul Moore, who last week published a video outlining the issue. According to Moore, he purchased a Eufy Doorbell Dual, which was meant to be a device that stored video...
Read Full Article150 comments
appleprivacyad cleaned

Apple Hit With Class Action Alleging It Tracks Users Despite Privacy Assurances

Monday November 14, 2022 4:56 am PST by
Apple is facing a proposed federal class action alleging that it records users' mobile activity without their consent and despite privacy assurances, in violation of the California Invasion of Privacy Act, reports Bloomberg. In a lawsuit filed by New York citizen and iPhone 13 owner Elliot Libman, Apple is accused of "utterly false" assurances that users are in control of what information...
Read Full Article178 comments
automatic security updates ios 16

Apple Will Let You Remove Rapid Security Response Updates in iOS 16

Monday September 12, 2022 1:50 pm PDT by
Apple in iOS 16 added a new Rapid Security Response feature that's meant to make it quicker and easier for the company to deploy security improvements to iPhone users without a full iOS update. By default, Rapid Security Responses are installed automatically, but Apple has implemented a way to remove them. In an updated support document shared today, Apple says that you can remove a Rapid...
Read Full Article22 comments
appleprivacyad cleaned

Apple Device Analytics Contain Identifying iCloud User Data, Claim Security Researchers

Monday November 21, 2022 1:22 am PST by
A new analysis has claimed that Apple's device analytics contain information that can directly link information about how a device is used, its performance, features, and more, directly to a specific user, despite Apple's claims otherwise. On Twitter, security researchers Tommy Mysk and Talal Haj Bakry have found that Apple's device analytics data includes an ID called "dsId," which stands...
Read Full Article111 comments
paypal passkey

PayPal Announces Support for Safari Passkeys Feature

Monday October 24, 2022 9:21 am PDT by
Popular payments service PayPal today announced that it is introducing support for passkeys, providing an easier and more secure login method for PayPal accounts. Apple integrated passkeys into iOS with the launch of iOS 16, and it is also available in iPadOS 16.1 and macOS Ventura, coming today. Passkeys are an industry standard developed by the FIDO Alliance and the World Wide Web...
Read Full Article43 comments
General iOS 16 Feature Yellow

Apple Says iOS 16 Update Coming Soon With Fix for Advertising-Related Issue

Monday November 7, 2022 10:21 am PST by
Apple is working on an iOS 16 update with a fix for an issue related to its advertising framework SKAdNetwork, according to the company's system status page. Apple says the issue began on November 3, but it did not provide any additional details. "There is an issue impacting SKAdNetwork for users on iOS 16.1," says Apple. "We are working to quickly resolve this issue in a software update." ...
Read Full Article63 comments

Popular Stories

applefifthavenue

Man Robbed After Buying 300 iPhones From Apple Fifth Avenue

Tuesday November 29, 2022 11:54 am PST by
An unnamed 27-year-old man who purchased 300 iPhones from Apple Fifth Avenue on Monday morning was robbed shortly after leaving the store, according to 1010Wins Radio in New York. He was carrying 300 iPhone 13s in three bags and walking to his car at 1:45 a.m. when another car pulled up next to him. Two men jumped out and demanded that he hand over the bags. Not wanting to hand over 300...
Read Full Article376 comments
iOS 16

Apple Releases iOS 16.1.2 With Carrier Improvements and Crash Detection Optimizations

Wednesday November 30, 2022 10:09 am PST by
Apple today released iOS 16.1.2, another minor bug fix update that comes one week after the release of iOS 16.1.1 and three weeks after the launch of iOS 16.1, an update that added support for iCloud Shared Photo Library, Matter, Live Activities, and more. The iOS 16.1.2 update can be downloaded on eligible iPhones over-the-air by going to Settings > General > Software Update. According...
Read Full Article130 comments
app store awards 2021

Apple Announces 2022 App Store Award Winners, Highlighting Best Apps of the Year

Tuesday November 29, 2022 3:10 am PST by
Apple today announced its 2022 App Store Award winners, highlighting the 16 best apps and games selected by Apple's global App Store editorial team. The top apps were chosen by Apple for their quality, innovative technology, creative design, positive cultural impact, and ability to deliver "exceptional experiences." Apple CEO Tim Cook said: This year's App Store Award winners reimagined...
Read Full Article43 comments
14 vs 16 inch mbp m2 pro and max feature 1

'M2 Max' Geekbench Scores Leak Online, Revealing Rumored Specs and Performance

Wednesday November 30, 2022 2:39 am PST by
Geekbench scores allegedly for the upcoming "M2 Max" chip have surfaced online, offering a closer look at the performance levels and specific details of the forthcoming Apple silicon processor. The Geekbench results, first spotted on Twitter, are for a Mac configuration of with the M2 Max chip, a 12-core CPU, and 96GB of memory. The Mac listed has an identifier "Mac14,6," which could be...
Read Full Article278 comments
eufy camera

Anker's Eufy Cameras Caught Uploading Content to the Cloud Without User Consent [Updated]

Tuesday November 29, 2022 1:01 pm PST by
Anker's popular Eufy-branded security cameras appear to be sending some data to the cloud, even when cloud storage is disabled and local only storage settings are turned on. The information comes from security consultant Paul Moore, who last week published a video outlining the issue. According to Moore, he purchased a Eufy Doorbell Dual, which was meant to be a device that stored video...
Read Full Article150 comments
Apple Park View

Elon Musk Meets With Apple CEO Tim Cook Amid Claims of Twitter App Store Dispute [Updated]

Wednesday November 30, 2022 12:43 pm PST by
Twitter CEO Elon Musk today met with Apple CEO Tim Cook at the Apple Park campus in Cupertino, California, according to a tweet shared by Musk this afternoon. Musk thanked Cook for taking him around Apple's headquarters, with no mention of what the two might have discussed. The meeting comes just after Musk on Monday claimed that Apple has "mostly stopped" offering ads on Twitter, and that...
Read Full Article360 comments
iphone 11 tesla cybertruck close up

Elon Musk Pledges to Build iPhone Rival If Apple Ousts Twitter

Tuesday November 29, 2022 2:48 am PST by
Elon Musk has pledged to offer an "alternative phone" if Apple and Google remove Twitter from their app stores, adding to long-standing rumors about an iPhone rival from Tesla. Modified iPhone 11 Pro in the style of the Tesla Cybertruck, by Caviar. Musk's remark came after being asked about the potential scenario of Twitter being removed from app stores, which could conceivably happen if the...
Read Full Article
Cyber Monday Deals Feature 2022

Best Cyber Monday Apple Deals Still Available for AirPods, Apple TV, iPad, and More

Monday November 28, 2022 5:24 am PST by
The Black Friday and Cyber Monday holiday shopping rush is drawing to a close, but there are still some good deals to be had out there. For Apple products, many of the deals you've seen since last week are still available, though some have expired. So for anyone who missed out on Black Friday deals, there's still an opportunity to get some of the year's best prices on many Apple devices. Note: ...
Read Full Article12 comments
apple music replay 2022 highlight reel cropped

Apple Music Replay 2022 Revamped With 'Highlight Reel' [Updated]

Tuesday November 29, 2022 4:02 am PST by
Apple today rolled out an updated Apple Music Replay experience for 2022, showcasing a new "highlight reel" feature. Subscribe to the MacRumors YouTube channel for more videos. The overhauled experience, which started to be noticed by Apple Music subcribers on Twitter earlier today, puts the new highlight reel feature at the forefront of the Replay webpage, which users are encouraged to...
Read Full Article81 comments
iPhone 14 Pro Rear Camera

iPhone 15 to Use 'State-of-the-Art' Image Sensor From Sony for Better Low-Light Performance

Monday November 28, 2022 11:00 am PST by
Apple's upcoming iPhone 15 models will be equipped with Sony's newest "state of the art" image sensors, according to a report from Nikkei. Compared to standard sensors, Sony's image sensor doubles the saturation signal in each pixel, allowing it to capture more light to cut down on underexposure and overexposure. Nikkei says that it is able to better photograph a person's face even with...
Read Full Article159 comments