Deloitte, IBM, and Red Hat Launch Lightwell Initiative to Secure Software Supply Chains
2026-07-08 16:11
Favorite

en.Wedoany.com Reported - Deloitte, IBM, and Red Hat have announced a deepened collaboration to launch the Lightwell initiative, aimed at helping enterprises protect software supply chain security amid the accelerating evolution of AI-driven cyber threats. Deloitte joins as an integration partner for Lightwell, integrating its protected software supply chain architecture and cyber risk services with the enterprise-grade open source security model deployed by IBM and Red Hat.

Currently, most organizations' business applications consist of a mix of first-party code, open source software, and third-party commercial software. Unpatched vulnerabilities can rapidly spread across an enterprise's entire asset base, while cutting-edge AI models enable attackers to discover and exploit zero-day vulnerabilities within minutes, further exacerbating this risk. Lightwell aims to address this challenge by decoupling open source security fixes from traditional software upgrade cycles, coordinating upstream threat disclosures with independent maintainers, and delivering verified patches directly to specific software versions running in production environments, thereby protecting critical systems without requiring disruptive upgrades.

This collaboration will revolve around a closed-loop system. The system first achieves continuous visibility and discovery of software assets through ongoing mapping and scanning; it then separates active threats from noise by analyzing severity, exploitability, and threat chains for contextualized prioritization. In the remediation phase, Red Hat and IBM's automated patch verification capabilities will combine with Deloitte's orchestration services to rapidly coordinate and deploy verified fixes. Deloitte will maintain a dedicated team of Frontline Deployment Engineers (FDEs) to support continuous remediation and maintenance of client applications. Additionally, the initiative will help enterprises manage upstream open source and vendor relationships, and provide ongoing compliance reporting.

Adnan Amjad, US Cyber Leader at Deloitte, stated that vulnerability exploitation will not wait for manual patching processes, and enterprise responses must keep pace. This collaboration aims to build operational resilience to maintain trust in an increasingly complex software ecosystem. Savio Rodrigues, Vice President of Services Partner Ecosystem at IBM, noted that Lightwell was created to address the challenge of protecting open source software in an AI-driven threat environment, and expressed excitement about working with Deloitte to scale its model. Kevin Kennedy, Vice President of Global Partner Ecosystem at Red Hat, emphasized that the partnership with Deloitte will bring development capabilities directly into enterprise application environments, isolating, patching, and delivering fixes to support the open source ecosystem and protect the specific versions that customers rely on.

As the speed of vulnerability discovery accelerates, organizations urgently need to reduce exposure and increase accountability across the entire software lifecycle. This collaboration aims to transform software supply chain security from a fragmented, reactive process into a coordinated, evidence-based operational model. The partnership builds on the long-standing strategic relationships between Deloitte, IBM, and Red Hat, combining complementary strengths in cyber risk management, hybrid cloud management, and IT automation.

This bulletin is compiled and reposted from information of global Internet and strategic partners, aiming to provide communication for readers. If there is any infringement or other issues, please inform us in time. We will make modifications or deletions accordingly. Unauthorized reproduction of this article is strictly prohibited. Email: news@wedoany.com