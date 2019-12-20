Now live!



🔺The new Apple Security Bounty! https://t.co/T4A2vTGSnM



🔺The new Apple Platform Security guide, featuring Mac for the first time!https://t.co/76qglenmif



(PDF version: https://t.co/8F4kb8izgD)



🔺My Black Hat 2019 talk: https://t.co/bqs6A3VAQ8



Happy holidays! 🎄 — Ivan Krstić (@radian) December 20, 2019

The company has also published an information page detailing the program's scope, rules and rewards -- as you can see, vulnerabilities that could lead to network attacks without user interaction have the highest possible payouts, ranging from $250,000 to $1 million. In order to be eligible for a reward, the issue must be found in the latest publicly available versions of the company's software and, if relevant, the latest hardware.

Researchers who find issues in developer and public betas could also get a 50 percent bonus, probably because discovering them will allow the company to conjure up a fix before they land on most users' devices. As ZDNet notes, though, Apple has pretty stringent requirements to be able to claim rewards, including the submission of functional exploits for the issues being reported.