July 16, 2026

IBM and Red Hat launch Lightwell to defend open-source code from AI attacks

In brief

IBM and Red Hat have moved Lightwell from a broad security initiative into commercial offerings aimed at protecting enterprise use of open-source software. The launch includes Lightwell Network, now generally available, with access to more than 6,500 remediated, digitally signed and certified application-layer dependencies, and Lightwell Clearinghouse Premier, now in limited availability as a trusted channel for vulnerability reporting, embargoed patches and sector-level coordination. The initiative builds on IBM and Red Hat’s earlier $5 billion commitment and involves more than 20,000 engineers working with AI-driven remediation systems.

The core idea is to reduce the pain of patching open-source dependencies in regulated enterprises, where normal upgrades can create compatibility, certification, audit or production risks. Instead of forcing organizations to adopt major upstream upgrades, Lightwell aims to backport and validate fixes for the versions companies already run, while also feeding fixes back upstream. The initial focus is financial services, with future expansion planned for other critical-infrastructure sectors such as government, healthcare and telecommunications.

Source: ZDNet

Explore More Insightful Articles: