I’m hiring an engineering manager for the Secure Enclave OS to lead a strong team that sets a higher bar each year for software/hardware security. If you want to help evolve a key security component trusted by a billion users, please reach out! jobs.apple.com/en-us/details/…

The Security Research Device Program (SRDP) is currently taking applications for its second cohort. This is the last week to apply for an  Apple Security Research Device 🔐📲— apply today!: developer.apple.com/programs/secur…

Passionate about fuzzing? Want to help securing devices by the billion? We’re looking for a security engineer to join our Fuzzing team in Security Engineering & Architecture at Apple. DMs are open. :) jobs.apple.com/en-us/details/…

The steps Apple is taking today will send a clear message: in a free society, it is unacceptable to weaponize powerful state-sponsored spyware against innocent users and those who seek to make the world a better place. apple.com/newsroom/2021/…

Never seen anything like this. Apple sues Israeli spy firm NSO Group for hacking Apple devices. "seeks to ban NSO...from further harming individuals by using Apple’s products....also seeks redress for...flagrant violations of US federal and state law" apple.com/newsroom/2021/…

The Security Tools team at Apple is seeking engineers to work on improve security of programming languages, details below ⬇️ jobs.apple.com/en-us/details/…

While the vast majority of users will never be the victims of highly targeted cyberattacks, Apple will work tirelessly to protect the small number of users who are. I’m deeply proud of our next steps, including a groundbreaking feature: Lockdown Mode. apple.com/newsroom/2022/…

LIVE: Apple Security Research, our new blog and website at security.apple.com! We launch with an update on Apple Security Bounty (security.apple.com/blog/apple-sec…), and a deep dive into some fundamental XNU memory safety improvements with kalloc_type (security.apple.com/blog/towards-t…). Enjoy!

I have been beta testing the new ASB submission portal for over a year. Apple did an awesome job with this! You can: ✅see the status of your report ✅typically get more frequent updates ✅see the CVE, bounty, advisory for each case ✅export all to CSV security.apple.com/bounty/

🔺New on the Apple Security Research blog: we pit our hardened kalloc_type XNU allocator against SockPuppet, a powerful vulnerability from the past: security.apple.com/blog/what-if-w…

🔺New on the Apple Security Research blog: a brief technical overview of iMessage Contact Key Verification! security.apple.com/blog/imessage-…

If you are interested in uArch Security, we just opened an internship position at Apple! The position is focused on offensive research, and you will be contributing to the security of some of our most advanced CPUs in one of the coolest teams. Apply at: jobs.apple.com/en-us/details/…

🔺My new op-ed in Lawfare: Personal Data in the Cloud is Under Siege. End-to-end Encryption Is Our Most Powerful Defense. lawfaremedia.org/article/person…

With iOS 17.2 and macOS 14.2 now released, Contact Key Verification 🔐 is available for everybody to enable. Very proud of the work the team has done to ship this groundbreaking feature and advance the state of iMessage security! security.apple.com/blog/imessage-…

🔺New on the Apple Security Research blog: introducing PQ3, a groundbreaking post-quantum cryptographic protocol for iMessage. To our knowledge, PQ3 has the strongest security properties of any at-scale messaging protocol in the world. security.apple.com/blog/imessage-…

🔺Now live: the May 2024 update to the Apple Platform Security Guide! support.apple.com/guide/security…

Are you excited to use the power of safe modern programming languages like Swift to make software more secure? My SPEAR team at Apple is hiring a Swift Software Engineer to do exactly that! jobs.apple.com/en-us/details/…

🔺New on the Apple Security Research blog: introducing Private Cloud Compute! We believe this is the most advanced security architecture ever deployed for cloud AI compute at scale. security.apple.com/blog/private-c…

🔺New on Apple Security Research blog: a deeply comprehensive Private Cloud Compute security guide, and an unprecedented Virtual Research Environment allowing you to run production PCC software right on your Mac with Apple silicon. And up to a $1M bounty! security.apple.com/blog/pcc-secur…