Since launching its bug bounty program nearly a decade ago, Apple has always touted notable maximum payouts—$200,000 in 2016 and $1 million in 2019. Taken together, the maximum award for what would otherwise be a potentially catastrophic exploit chain will now be $5 million. The company's bug bounty was originally an invite-only program for prominent researchers, but since opening to the public in 2020, Apple says that it has awarded more than $35 million to more than 800 security researchers. Top-dollar payouts are very rare, but Krstić says that the company has made multiple $500,000 payouts in recent years. Apple's bug bounty is just one of many long-term investments aimed at reducing the prevalence of dangerous vulnerabilities or blocking their exploitation.