IBM and Red Hat commit $5 billion to Project Lightwell, a patching service for open-source vulnerabilities
By
Jeffrey Schwartz
Summary
IBM and Red Hat have committed $5 billion to Project Lightwell, a subscription-based patching service designed to help enterprises secure open-source software vulnerabilities without disrupting production systems. The initiative is partly driven by the rapid pace of AI-driven vulnerability discovery, specifically citing Anthropic's Claude Mythos Preview model. This represents the largest known investment targeting open-source software supply chain security, addressing the growing gap between AI's ability to find bugs and organizations' ability to patch them safely.
Source
Key quotes
· 3 pulledIt is the largest known commitment specifically targeting open-source software supply chain security — dwarfed only by Google's broader $10 billion cybersecurity pledge in 2021, which also covered zero-trust and workforce training.
IBM pointed to the initial April release of Anthropic's Claude Mythos Preview model as a driver for Lightwell
Red Hat and its parent IBM have committed an eye-popping $5 billion to Project Lightwell, a new subscription-based patching service for enterprises running business-critical systems that can't risk the disruption of updating open-source software in production.
You might also wanna read
IBM, Red Hat and Palo Alto Networks Expand Project Lightwell to Help Organizations Respond to Software Vulnerabilities
IBM, Red Hat, and Deloitte Announce Lightwell Collaboration to Help Strengthen Open Source Software Supply Chain Trust
Major Tech Companies Launch Project Glasswing to Secure Critical Software Against AI Cybersecurity Threats
Project Glasswing is a new cybersecurity initiative announced by Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google
Major Tech Companies Launch Project Glasswing to Secure Critical Software Against AI Cybersecurity Threats
Project Glasswing is a new cybersecurity initiative announced by Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google
Project Glasswing: AI-assisted vulnerability detection finds over 10,000 critical software flaws
Project Glasswing is a collaborative effort launched to secure critical software against potential threats from increasingly capable AI mode
Project Glasswing: AI-assisted vulnerability detection finds over 10,000 critical software flaws
Project Glasswing is a collaborative effort launched to secure critical software against potential threats from increasingly capable AI mode
Project Glasswing: Testing Anthropic's Mythos Preview LLM for Security Vulnerability Detection
The article details Project Glasswing, a security initiative where the author's team tested Anthropic's Mythos Preview LLM against their own

GitHub patches critical remote code execution vulnerability in under six hours after AI-assisted discovery
GitHub patched a critical remote code execution vulnerability in under six hours last month. The flaw, discovered by Wiz Research using AI m

Comments
Sign in to join the conversation.
No comments yet. Be the first.