Palo Alto Networks has teamed up with IBM and Red Hat to integrate its network-based virtual patching tech with Project Lightwell to secure enterprise open-source software supply chains from machine-speed AI exploits.
IBM, its Red Hat subsidiary, and Palo Alto Networks have announced a major cybersecurity partnership to protect enterprise infrastructure from rapidly accelerating threats targeting open-source software (OSS). The collaboration merges Palo Alto Networks’ proprietary Prisma network-based virtual patching technology with IBM and Red Hat’s recently launched Project Lightwell initiative.
Project Lightwell is a massive $5 billion infrastructure security project designed to serve as a trusted enterprise clearinghouse for open-source code. Backed by a global engineering force, the platform leverages advanced artificial intelligence capabilities to test, validate, and patch critical software vulnerabilities at scale across vast libraries of community code. The newly formed alliance aims to address a critical security challenge: advanced AI tools have compressed the window between a software bug’s discovery and active hacker exploitation from weeks to minutes, rendering traditional software patching pipelines obsolete.
By layering Palo Alto’s network security over Project Lightwell’s code remediation framework, the joint solution delivers same-day, automated virtual patches. This preemptive layer blocks exploits at the network level before official open-source software fixes are finalized. While offered to large enterprise buyers via a commercial subscription model, the initiative will securely share threat data across global vendors and push critical security patches back into upstream open-source projects, protecting the broader digital economy.
