IBM and Red Hat Commit $5 Billion to Secure Open Source Supply Chains Under “Project Lightwell”
Publish Date: 2026-05-28 08:41:45
Source Domain: www.securityweek.com
IBM and Red Hat Announce Project Lightwell
IBM and its subsidiary Red Hat have launched Project Lightwell, a bold initiative that will require a $5 billion investment and put over 20,000 engineers to work bolstering the security of corporate digital infrastructure. The project focuses on addressing the escalating operational risks linked to enterprise-level reliance on open-source software by using advanced AI techniques to secure open-source code and manage its vulnerabilities. This involves the creation of an “enterprise clearinghouse” that uses AI to manage vulnerability identification, triage, and validation, facilitating robust patch development for real-time implementation.
The collaboration between IBM, Red Hat, and leading banking institutions like JPMorgan Chase, Citi, Goldman Sachs, and others signifies the initiative’s comprehensive scale and industry-wide impact. The project, which extends IBM’s existing open source ecosystem covering platforms like Linux and Kubernetes, aims to deliver secure, validated patches and robust lifecycle management features via commercial software subscriptions.
Key Points:
- Project Lightwell is a $5 billion joint initiative by IBM and Red Hat to secure open-source software used in corporate digital infrastructure.
- The initiative focuses on creating an AI-driven “enterprise clearinghouse” for scaling software security across open-source supply chains.
- It involves active maintenance and AI-assisted vulnerability review, offering secure patches and release engineering.
- The program extends to major enterprise platforms such as Linux and Kubernetes, and aims to build trust in digital systems.
- Initial participants include major financial firms like Bank of America, Citi, Goldman Sachs, and others.