IBM, Red Hat, and Palo Alto Networks announced a collaboration to help enterprises respond more quickly to software vulnerabilities by combining vulnerability discovery, virtual patching, and software remediation into a coordinated workflow. The initiative expands Project Lightwell, an IBM and Red Hat effort backed by a $5 billion commitment to open source security, by integrating Palo Alto Networks’ Virtual Patching capabilities to provide immediate network-level protection while software fixes are developed, tested, and deployed.
The companies said the partnership addresses a growing challenge in cybersecurity: the shrinking time between vulnerability discovery and active exploitation. As AI accelerates both vulnerability research and attack development, organizations often face exposure windows before software vendors can release and customers can deploy permanent patches. Under the collaboration, Palo Alto Networks can deploy virtual patches at the network layer to block exploitation attempts while IBM and Red Hat provide validated remediation options through Project Lightwell.
The integrated approach targets vulnerabilities across open source software, commercial applications, operational technology (OT) environments, healthcare systems, and connected devices. The companies also plan to establish secure information-sharing processes among software vendors, security teams, and technology providers to support coordinated vulnerability disclosure, accelerate protection development, and provide anonymized telemetry on real-world exploitation attempts. IBM Consulting and IBM Security Services will offer advisory and deployment support to help customers prioritize risks, validate fixes, and implement protections across complex enterprise environments.
• Integrates Palo Alto Networks Virtual Patching with IBM and Red Hat’s Project Lightwell initiative
• Provides immediate network-level protections while permanent software patches are prepared and tested
• Targets open source software, commercial applications, OT environments, healthcare technologies, and connected devices
• Supports preemptive protection before official software patches become available
• Aims to reduce the time between validated vulnerability discovery and deployed protections
• Includes plans for coordinated vulnerability disclosure and secure threat intelligence sharing
• IBM Security Services and IBM Consulting will assist customers with prioritization, deployment, and validation of protections
Nikesh Arora, Chairman and CEO of Palo Alto Networks, said: “AI has compressed the window between vulnerability discovery and exploit from weeks to minutes. Traditional patching cannot keep pace. By collaborating with IBM and Red Hat, we are shifting the advantage back to defenders. This powerful combination allows us to neutralize threats in the network while providing uninterrupted business continuity for our global clients.”
🌐 Analysis: The announcement reflects a broader industry shift toward compensating controls and virtual patching as AI accelerates vulnerability discovery and exploitation cycles. Security teams increasingly require layered protection strategies that can provide immediate defenses while software updates move through testing and deployment processes.
🌐 Analysis: Project Lightwell also highlights IBM’s growing emphasis on software supply-chain security and open source assurance. By integrating network-based controls from Palo Alto Networks with software remediation workflows from IBM and Red Hat, the initiative aims to bridge a longstanding gap between vulnerability identification and operational protection.