en.Wedoany.com Reported - IBM, Red Hat, and Palo Alto Networks have announced an expansion of their collaboration on the Project Lightwell vulnerability response initiative, aiming to enhance software security, particularly in open-source environments and critical enterprise systems. The three companies are integrating their technologies to facilitate early vulnerability detection and protection deployment, addressing the growing challenge of AI-driven threats.

At the core of this collaboration is the establishment of a defense model that combines real-time response with continuous remediation. Palo Alto Networks provides network-layer virtual patches that can block exploitation attempts in real time during an attack, while IBM and Red Hat are responsible for developing and deploying final structural software fixes. This coordinated mechanism unifies the entire defense lifecycle.

The three companies noted that artificial intelligence is reshaping the cybersecurity landscape, with AI-based tools enabling faster vulnerability detection while also facilitating exploitation by malicious actors. Palo Alto Networks CEO Nikesh Arora stated that AI has reduced the time from vulnerability discovery to exploitation from weeks to minutes, making traditional patching models inadequate. IBM Chairman and CEO Arvind Krishna pointed out that Project Lightwell was originally designed to protect the open-source software ecosystem, and this expansion extends protection to the network layer, achieving a unified defense lifecycle.

The specific workflow of the collaboration includes two key actions: immediate protection and structural remediation. The former involves Palo Alto Networks deploying virtual patches on the network to block exploitation at the source, while the latter involves IBM and Red Hat providing verified software patches for organizations to test and deploy. This approach leverages IBM and Red Hat's $5 billion investment in open-source security and integrates with Palo Alto Networks' security platform.

The joint solution's key capabilities span multiple areas: protection coverage includes open-source environments, commercial applications, operational technology (OT) systems, and connected devices (e.g., in healthcare settings); virtual patches can be deployed before official software updates are available, enabling preventive protection; network-layer protection can be activated on the same day a vulnerability is discovered, accelerating the response process. Additionally, the three companies plan to establish a secure vulnerability information-sharing mechanism, providing data on real exploitation attempts through anonymous telemetry to improve coordinated disclosure and accelerate mitigation development.

To help organizations adopt this strategy, IBM also offers support through its security consulting services. With IBM Security Services, customers can identify critical vulnerabilities, prioritize mitigation measures, and deploy and verify patches in complex environments. This service layer aims to help enterprises more efficiently manage the complete vulnerability lifecycle.

The expansion of Project Lightwell marks an evolution toward a more dynamic and collaborative security model. By combining intelligence, automation, and cross-vendor collaboration, IBM, Red Hat, and Palo Alto Networks aim to reduce exposure time to vulnerabilities, laying the foundation for adaptive network defenses capable of responding at the speed required by the AI era.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com