Expert Commentary: Apple iOS Security Research Device Program

Apple will start loaning special research iPhones with unprecedented access to skilled and vetted researchers, enabling them to find and report security vulnerabilities in which Apple can address through its iOS Security Research Device program.

Experts Comments

July 23, 2020
Casey Ellis
CTO and Founder
Bugcrowd
The iOS Security Research Device program is a step in the right direction for Apple, as they are a high-priority target for nation-state-backed attackers. By looping in more researchers to perform a greater volume of testing, Apple should achieve better security as a result. To proactively identify and close vulnerabilities in their products before they can be exploited by bad actors, both before and after products are brought to market, organizations should take a page out of Apple’s.....Read More
The iOS Security Research Device program is a step in the right direction for Apple, as they are a high-priority target for nation-state-backed attackers. By looping in more researchers to perform a greater volume of testing, Apple should achieve better security as a result. To proactively identify and close vulnerabilities in their products before they can be exploited by bad actors, both before and after products are brought to market, organizations should take a page out of Apple’s playbook and work with outside researchers. Speed is the natural enemy of security in software development, and no organization is safe, even companies with in-house security teams. The news is dampened by their legal battle with Corellium over copyright infringement, since Corellium developed and sold software that allows researchers to hunt for potential iPhone vulnerabilities, but is ultimately a good and exciting move by Apple.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts