A week after Apple finally announced its first bug bounty program, promising to hand over up to $200,000 to hackers who find and alert Apple about security flaws, a private exploit trading firm is offering security researchers a better deal for their vulnerability intel on the tech giant: up to $500,000.
The Verge reports that Exodus Intelligence unveiled a new program for collecting vulnerabilities in tech company products, including the operating systems for Apple, Google, and others.
Exodus is specifically looking for vulnerabilities targeting iOS 9.3 and up, and promising to pay up to $500,000 for that intel.
While it’s not uncommon for private firms to pay so-called bug bounties for information about company’s security, Exodus’ program is noteworthy because it comes on the heels of Apple’s first ever program and offers more than double what the tech company does for information.
Last week, Apple announced it would provide specifically invited researchers up to $200,000 when the program officially launches in September.
Once companies like Exodus collect the vulnerability reports, it adds the information to a database that customers, like Apple or Microsoft, can pay a subscription to access.
The company also sells the information to security firms and antivirus vendors looking to defends users, The Verge reports, as well as to clients who want to find their way into protected systems, like government agencies.
After Apple offers $200,000 for iPhone hacks, a private firm offers $500,000 [The Verge]
by Ashlee Kieler via Consumerist
No comments:
Post a Comment