Apple will start loaning special research iPhones with unprecedented access to skilled and vetted researchers, enabling them to find and report security vulnerabilities in which Apple can address through its iOS Security Research Device program.
Apple launches Security Research Device Program to help researchers find security vulnerabilities in its devices https://t.co/a7sC5u1HIB by @bzamayo
— 9to5Mac (@9to5mac) July 22, 2020
The iOS Security Research Device program is a step in the right direction for Apple, as they are a high-priority target for nation-state-backed attackers. By looping in more researchers to perform a greater volume of testing, Apple should achieve better security as a result.
To proactively identify and close vulnerabilities in their products before they can be exploited by bad actors, both before and after products are brought to market, organizations should take a page out of Apple’s playbook and work with outside researchers. Speed is the natural enemy of security in software development, and no organization is safe, even companies with in-house security teams.
The news is dampened by their legal battle with Corellium over copyright infringement, since Corellium developed and sold software that allows researchers to hunt for potential iPhone vulnerabilities, but is ultimately a good and exciting move by Apple.