A collaboration among Palo Alto Networks, IBM, and Red Hat has been initiated for faster detection and deployment of defensive measures against any kind of vulnerabilities. This industry-wide collaboration will be focused on securing open-source software, commercial enterprise software applications, operational technology (OT), and health care software.
With the help of incorporating the Virtual Patching from Palo Alto Networks within the Project Lightwell from IBM and Red Hat, network-level protection and code-level protection will come together. The aim is to reduce the period between identifying any sort of vulnerability and complete defense of the organization against the identified vulnerability.
The adoption of artificial intelligence has changed the threat environment in such a way that threat actors can discover and exploit vulnerabilities in software in large numbers due to the availability of AI-based tools. These tools allow them to scan the software codes to detect vulnerabilities in much less time than writing and deploying patches manually.
Also Read: Exabeam Unveils Open-Source ‘Praxen’ to Establish Agent Behavior Verification for Enterprise AI Workers
Nikesh Arora, CEO and Chairman of Palo Alto Networks “AI has compressed the window between vulnerability discovery and exploit from weeks to minutes. Traditional patching cannot keep pace. By collaborating with IBM and Red Hat, we are shifting the advantage back to defenders. This powerful combination allows us to neutralize threats in the network while providing uninterrupted business continuity for our global clients.”
Arvind Krishna, Chairman and CEO of IBM “IBM established Project Lightwell to secure the open-source software foundation that enterprises rely on every day. By collaborating with Palo Alto Networks, we are extending that security from the source code directly to the network front lines. This joint solution gives our clients exactly what they need to thrive in the AI era: immediate, automated resilience against emerging threats, combined with the rigorous validation required to safely update their core systems.”
Optimizing the “Shield-and-Fix” Security Lifecycle
This updated alliance bridges IBM and Red Hat’s ongoing $5 billion investment in open-source security through Project Lightwell with Palo Alto Networks’ comprehensive enterprise security architecture.
The resulting “shield-and-fix” model operates in two synchronized stages:
- Immediate Shielding: Palo Alto Networks dynamically executes a virtual patch at the network boundary, neutralizing potential exploit traffic.
- Permanent Fixing: Concurrently, Project Lightwell surfaces vetted software remediation blueprints for open-source components, enabling enterprise IT teams to test and deploy permanent updates securely within their unique infrastructures.
The technical synergy across vulnerability data streams, code remediation, and active network mitigation provides distinct enterprise advantages:
- Comprehensive Surface Protection: Extends robust defensive capabilities beyond standard IT setups to encompass commercial applications, legacy OT networks, and connected medical devices.
- Preemptive Threat Neutralization: Empowers organizations to block exploits using automated network rules before software developers release official source-code patches.
- Faster Time-to-Protection: Allows for same day deployment of network protection following validation of any vulnerabilities found, offering a long-term plan for reducing the gap between zero-day identification and protective measures.
In order to strengthen the whole software community, these three companies plan to develop secure data exchange platforms. This network will include software vendors, security researchers, and technology firms in order to encourage Coordinated Vulnerability Disclosure (CVD), faster defensive telemetry development, and the collection of threat intelligence from attacks.
Enterprise Deployment via IBM Consulting
Recognizing that technology requires expert orchestration, IBM Security Services is launching dedicated advisory and implementation frameworks. These consulting services are designed to help global enterprises evaluate threat severity, rank risk prioritization, and map optimal remediation pathways. Operating in tandem with Palo Alto Networks‘ virtual patching tools and Project Lightwell’s engineering resources, IBM’s consultants aim to assist enterprise clients in deploying and validating critical fixes across highly complex, multi-cloud architectures.
