{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreib63cyxxpsugrgdqmr434sfxad552rcjmzlqvj62kaehxzehfjgvu",
    "uri": "at://did:plc:qzjwstutqk2cy7df7jbzd2hx/app.bsky.feed.post/3mp4cnfueqis2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreifm7rifl4qnpeuassjxvi4a2d2wons7cw75hgcnesqiq6zyj5w3ya"
    },
    "mimeType": "image/jpeg",
    "size": 2035259
  },
  "path": "/article/4189077/ibm-red-hat-palo-alto-team-to-secure-open-source-software.html",
  "publishedAt": "2026-06-24T19:21:01.000Z",
  "site": "https://www.networkworld.com",
  "tags": [
    "Artificial Intelligence, Intrusion Detection Software, Network Security, Security",
    "Palo Alto Networks",
    "AI",
    "Prisma security software",
    "Project Lighthouse",
    "Worldmetric",
    "Quantum-Safe Readiness",
    "quantum-computing",
    "earlier this year"
  ],
  "textContent": "IBM, its RedHat subsidiary, and Palo Alto Networks are teaming up to help enterprises identify vulnerabilities in open-source software and deploy safeguards against threats, particularly those generated by AI.\n\nThe joint effort will rely on Palo Alto’s network-based virtual patching technology, which is found in its Prisma security software, and IBM/Red Hat’s Project Lightwell, a software remediation initiative designed to help enterprises secure open-source software. Vulnerability intelligence from both vendors will also contribute to threat detection and remediation, the companies stated.\n\nAnnounced in May, Project Lighthouse is IBM and Red Hat’s $5 billion project to develop what IBM calls a “trusted enterprise clearinghouse combined with a global force of engineers to identify and fix vulnerabilities at scale.”\n\n“The clearinghouse will serve as a security coordination layer, using advanced AI capabilities to validate and test fixes across an unprecedented volume of open source code,” IBM stated in May. “These capabilities will be offered through commercial subscriptions, allowing enterprises to integrate secure patches directly into their existing software supply chains with enterprise-grade validation and lifecycle management.”\n\nOpen-source software (OSS) underpins modern enterprise infrastructure, with more than 90% of Fortune 500 companies relying on OSS, IBM stated, citing a Worldmetric study.\n\nIBM and Red Hat said they are working with a variety of early adopters on Project Lightwell, including Bank of America, BNY, Citi, Goldman Sachs, JPMorgan Chase, Mastercard, Morgan Stanley, RBC, State Street, Visa and Wells Fargo.\n\nKey elements of the Palo Alto/IBM/Red Hat initiative include:\n\n  * **Vulnerability coverage:** Protection across open-source software, commercial applications, operational technology environments, and connected devices.\n  * **Preemptive coverage:** Organizations can receive virtual patch protections before official software patches become available, helping reduce exposure while remediation is underway.\n  * **Rapid protection** : When a new vulnerability is discovered, network-level protections can be deployed the same day, with a long-term goal of reducing the time from validated discovery to protection.\n\n\n\nThe companies said they also plan to establish secure processes for sharing vulnerability information across participating software vendors, technology providers, and security teams. The idea is to accelerate protection development and provide anonymized telemetry on real-world exploitation attempts, the companies stated.\n\n“AI has compressed the window between vulnerability discovery and exploit from weeks to minutes. Traditional patching cannot keep pace,” said Nikesh Arora, CEO and chairman of Palo Alto Networks, in a statement. “By collaborating with IBM and Red Hat, we are shifting the advantage back to defenders. This powerful combination allows us to neutralize threats in the network while providing uninterrupted business continuity for our global clients.”\n\nIBM and Palo Alto have a long-running relationship of integrating security and enterprise-class networks. Recently, IBM and Palo Alto said they would combine to offer a service, Quantum-Safe Readiness, that would let enterprise customers identify cryptographic exposure, understand quantum-computing related risks, and accelerate their use of quantum-safe security technology.\n\nIn addition, the companies earlier this year said they would combine to offer a service designed to help enterprises discover, assess, and prioritize security and compliance risks for their artificial intelligence implementations in the cloud.",
  "title": "IBM, Red Hat, Palo Alto team to secure open-source software"
}