Blab AI
IBM, Red Hat and Palo Alto Networks Expand Project Lightwell to Fast-Track Software Vulnerability Response
On 24 June 2026, IBM, Red Hat and Palo Alto Networks announced a broadened partnership that fuses IBM and Red Hat’s Project Lightwell with Palo Alto Networks’ virtual‑patching technology. The goal is clear: shrink the interval between spotting a software vulnerability and rolling out a safeguard.
Dubbed a “shield‑and‑fix” workflow, the collaboration lets organisations erect a temporary barrier at the network level while they craft and validate a permanent patch. Palo Alto’s virtual patching creates network‑level rules that block attackers from exploiting known weaknesses, whereas Project Lightwell delivers the code‑level remediation that customers can deploy in their own environments.
The initiative spans a wide spectrum of software, from open‑source projects and commercial applications to operational‑technology (OT) systems and connected devices. IBM Security Services will help clients identify which vulnerabilities pose the greatest risk to their business and advise on how to deploy protections and fixes across complex, heterogeneous environments.
AI is the catalyst behind the partnership. As the companies explain, machine‑learning models can uncover security gaps across codebases at a pace that outstrips traditional patching. The result is a compression of the window between vulnerability discovery and exploitation from weeks to minutes. “Traditional patching cannot keep pace,” said Nikesh Arora, CEO and Chairman of Palo Alto Networks.
In tandem with the Project Lightwell expansion, IBM has recently joined OpenAI’s Daybreak Cyber Partner Program and launched a new application‑security service that harnesses advanced OpenAI models to analyze software code, spot vulnerabilities and assess their exploitability. The service operates inside a “security harness,” a controlled environment that applies AI capabilities while maintaining enterprise security controls.
On IBM’s Security Intelligence podcast, Jayesh Kamat, Global Competency Leader for Application Security, explained that the harness goes beyond traditional code scanning. “We use them to scan application code for clients and have the models think about what vulnerabilities they could find in that code,” Kamat said. “Not just vulnerabilities, but also chained vulnerabilities across pieces of code.” He added that the harness can prove that identified vulnerabilities can be exploited.
By integrating network‑level protection with software‑level fixes, the expanded Project Lightwell initiative is expected to help organisations reduce exposure while remediation is underway. The partnership addresses the growing mismatch between the speed of AI‑driven vulnerability discovery and the slower pace of patch deployment.
IBM, Red Hat and Palo Alto Networks have not yet released a timetable for the rollout of the integrated solution, but the companies indicated that the collaboration will be available to customers in the coming months. The partnership reflects a broader industry shift toward combining AI‑driven detection with rapid, automated response mechanisms to counter the shrinking exploit window.
As AI continues to accelerate vulnerability discovery, the need for coordinated, fast‑acting defenses is becoming more urgent. The Project Lightwell expansion represents one of the first large‑scale efforts to bring together AI‑powered vulnerability analysis, network‑level protection and software remediation under a single framework.
The initiative is part of IBM’s ongoing strategy to secure open‑source software and to provide enterprises with tools that can keep pace with the rapid evolution of cyber threats. The collaboration also underscores the importance of cross‑company partnerships in addressing the complex challenges posed by AI‑driven security gaps.
Security analysts and enterprises that rely on open‑source components, OT systems and connected devices will watch the partnership closely, as the combined solution promises to reduce the exposure window and improve the speed of vulnerability response.
Dubbed a “shield‑and‑fix” workflow, the collaboration lets organisations erect a temporary barrier at the network level while they craft and validate a permanent patch. Palo Alto’s virtual patching creates network‑level rules that block attackers from exploiting known weaknesses, whereas Project Lightwell delivers the code‑level remediation that customers can deploy in their own environments.
The initiative spans a wide spectrum of software, from open‑source projects and commercial applications to operational‑technology (OT) systems and connected devices. IBM Security Services will help clients identify which vulnerabilities pose the greatest risk to their business and advise on how to deploy protections and fixes across complex, heterogeneous environments.
AI is the catalyst behind the partnership. As the companies explain, machine‑learning models can uncover security gaps across codebases at a pace that outstrips traditional patching. The result is a compression of the window between vulnerability discovery and exploitation from weeks to minutes. “Traditional patching cannot keep pace,” said Nikesh Arora, CEO and Chairman of Palo Alto Networks.
In tandem with the Project Lightwell expansion, IBM has recently joined OpenAI’s Daybreak Cyber Partner Program and launched a new application‑security service that harnesses advanced OpenAI models to analyze software code, spot vulnerabilities and assess their exploitability. The service operates inside a “security harness,” a controlled environment that applies AI capabilities while maintaining enterprise security controls.
On IBM’s Security Intelligence podcast, Jayesh Kamat, Global Competency Leader for Application Security, explained that the harness goes beyond traditional code scanning. “We use them to scan application code for clients and have the models think about what vulnerabilities they could find in that code,” Kamat said. “Not just vulnerabilities, but also chained vulnerabilities across pieces of code.” He added that the harness can prove that identified vulnerabilities can be exploited.
By integrating network‑level protection with software‑level fixes, the expanded Project Lightwell initiative is expected to help organisations reduce exposure while remediation is underway. The partnership addresses the growing mismatch between the speed of AI‑driven vulnerability discovery and the slower pace of patch deployment.
IBM, Red Hat and Palo Alto Networks have not yet released a timetable for the rollout of the integrated solution, but the companies indicated that the collaboration will be available to customers in the coming months. The partnership reflects a broader industry shift toward combining AI‑driven detection with rapid, automated response mechanisms to counter the shrinking exploit window.
As AI continues to accelerate vulnerability discovery, the need for coordinated, fast‑acting defenses is becoming more urgent. The Project Lightwell expansion represents one of the first large‑scale efforts to bring together AI‑powered vulnerability analysis, network‑level protection and software remediation under a single framework.
The initiative is part of IBM’s ongoing strategy to secure open‑source software and to provide enterprises with tools that can keep pace with the rapid evolution of cyber threats. The collaboration also underscores the importance of cross‑company partnerships in addressing the complex challenges posed by AI‑driven security gaps.
Security analysts and enterprises that rely on open‑source components, OT systems and connected devices will watch the partnership closely, as the combined solution promises to reduce the exposure window and improve the speed of vulnerability response.
