IBM and Red Hat launch Project Lightwell security program
Commercial Activity
Summary
Hide ▲
Show ▼
IBM and Red Hat launched Project Lightwell, a cybersecurity-focused commercial initiative backed by $5 billion and designed to secure open source software across enterprise supply chains. The program matters because it will package validated patches and lifecycle features for delivery through commercial subscriptions. The rollout also uses AI and a large engineering workforce to scale vulnerability review and patch validation across widely used enterprise software.
Timeline
-
28.05.2026 15:41 1 articles · 13d ago
IBM and Red Hat launch Project Lightwell for open source supply-chain security
Initial DisclosureIBM and Red Hat announced Project Lightwell, a joint security initiative backed by a $5 billion investment and a workforce of more than 20,000 engineers to secure open source software across enterprise supply chains. The program centers on an enterprise clearinghouse that uses AI to identify, triage, prioritize, and validate vulnerabilities and fixes across open source code bases, while engineers focus on upstream maintenance, AI-assisted vulnerability reviews, secure patch development, and release engineering. Validated patches and lifecycle management features are intended for delivery to enterprises through commercial subscriptions, and initial participants include Bank of America, BNY, Citi, Goldman Sachs, JPMorganChase, Mastercard, Morgan Stanley, Royal Bank of Canada, State Street, Visa, and Wells Fargo.
Show sources
- IBM and Red Hat Commit $5 Billion to Secure Open Source Supply Chains Under “Project Lightwell” — www.securityweek.com — 28.05.2026 15:41