XRUN Bug Bounty Challenge

If you submit research for a security or privacy vulnerability, your report may be eligible for a reward. The XRUN Security Bounty program is designed to recognize your work in helping us protect the security and privacy of our users.

Submit your research

If you believe you’ve discovered a security or privacy vulnerability that affects Apple devices, software, or services, please report it directly to us. We review all eligible research for XRUN Security Bounty rewards. And with our online tools, submitting and tracking your reports is easier than ever.

Easily send reports on the web.

Submit a report. Reports should include a thorough technical description of the behavior you observed, the steps required to reproduce the issue, and a proof-of-concept or exploit.

View all your reports in one place.

When you sign in, you can see all your reports at a glance and track the progress of individual reports while they’re being reviewed.

Communicate with us.

XRUN engineers review and investigate every submission. You can interact directly with us, and ask or respond to questions about your research.

Get notified along the way.

If your report results in a system or software update, you’ll see information about when and how we’ll acknowledge your work. We’ll also automatically let you know if you receive a reward through the XRUN Security Bounty program.