Corellium, an iOS virtualization company, has just announced a new plan to promote independent security research. The inspiration for the first project came from Apple’s CSAM scanning project. Through the so-called open security program, Corellium will grant research funding to eligible submitters and gain access to the company’s iOS virtualization platform.
Corellium pointed out that the first phase of the open security program will focus on verifying vendor security or privacy statements. Previously Apple has encouraged third-party researchers to prove their statements in privacy and security features of its CSAM scanning system.
Corellium Says:
- Any single defect in the system may cause damage to the whole, thus violating everyone’s expectations for its privacy and security.
- We appreciate Apple’s commitment to third-party researchers and believe that our platform can provide unique support to researchers.
- In addition, Corellium’s management program does not rely on and exploit vulnerabilities at the technical level, and allows dynamic security analysis after iOS update deployment.
- Finally, Corellium hopes that more companies can use Apple as an example to promote independent verification of security and privacy statements.
In the first phase of the Corellium Open Security Program, the company will provide researchers with a reward of $5,000 (up to three submissions), supplemented by a year of free access to the iOS virtualization platform.
Even if you don’t have senior industry experience, Corellium promises to open it to any researchers who are interested in seeking specific solutions. The deadline for this round of submission is October 15, 2021.
Finally, Corellium will review the applicants according to a number of criteria, including whether the relevant proposals will help improve mobile security or privacy, the technical advantages of the research, and the possibility of actual completion of the project.