IBM, Red Hat and Deloitte Partner on Project Lightwell

By Ridhika Basnet · AIM Media House

IBM, Red Hat, and Deloitte announced on June 26, 2026, a collaboration to expand Project Lightwell, an initiative designed to help organizations secure open source software supply chains against increasingly automated cyber threats.

“Lightwell was created to address the growing challenge of securing open source software in an AI-driven threat landscape,” said Savio Rodrigues, Vice President, Service Partners at IBM.

According to IBM, most enterprise applications combine first-party code, open source components, and commercial software, allowing a single unpatched vulnerability to create risk across multiple systems.

Inside Project Lightwell Project Lightwell was introduced by IBM and Red Hat in May as an enterprise clearinghouse that combines artificial intelligence with human engineering experts to identify, validate, and remediate vulnerabilities in open source software.

According to the companies, the platform is designed to help organizations integrate validated security patches into existing software supply chains while maintaining enterprise governance and compliance. Deloitte joins the initiative as an integration collaborator.

The company will contribute its secured software supply chain architecture and cyber risk services to help customers integrate Project Lightwell into existing development and security workflows.

The companies said that Project Lightwell uses AI to identify software vulnerabilities, validate potential fixes, and coordinate remediation before patches are deployed into production environments.

The company also added that it will maintain a bench of Forward Deployed Engineers (FDEs) to support ongoing remediation and maintenance of client applications as part of its role in the collaboration.

Read the full story

Continue on AIM Media House

Read article →