Particle.news

IBM and Red Hat Launch $5 Billion Project Lightwell to Secure Open Source

It aims to scale vetted fixes into enterprise software supply chains through AI-augmented engineering, a global team of more than 20,000 engineers, a trusted clearinghouse, a confidential vulnerability reporting path, and a commercial subscription model.

Overview

  • IBM and Red Hat announced Project Lightwell on Thursday and committed $5 billion to build a clearinghouse that validates, tests, and delivers production-ready fixes for open source software.
  • The service combines advanced AI tools with a global engineering force of more than 20,000 to speed vulnerability review, triage, patch development, and upstream maintenance for libraries and AI frameworks.
  • The project has been piloted with major financial and payments firms and, according to Reuters, is expected to launch as a commercial subscription within roughly 30 days with pricing likely tied to the number of packages used.
  • IBM and Red Hat say the effort responds to a surge in AI-enabled vulnerability discovery, citing research that found thousands of high-severity open source flaws, and offers confidential reporting plus coordinated disclosure to upstream projects.
  • Project Lightwell builds on Red Hat’s existing lifecycle and patching practices to provide enterprises a single trusted layer for supply-chain security, a shift that could speed fixes for regulated firms but also raises questions about commercializing community-maintained code.