공시 • 1h
IBM and Red Hat Expand Lightwell with New Offerings to Build the Trust Infrastructure for AI-Era Open Source
IBM and Red Hat announced the commercial launch of Lightwell, delivering automated vulnerability remediation at scale through two offerings: Lightwell Network and Lightwell Clearinghouse Premier. Lightwell’s rollout scales a model built on decades of trust, in which Red Hat Inc. has secured critical systems for thousands of customers, with millions of core product downloads and an immeasurable number of patches, bug fixes, and community contributions. Lightwell now extends that proven enterprise protection to an organization's open source software portfolio. Lightwell leverages the high-throughput capability of a generative AI-powered remediation engine that is already live and operating at scale. This advanced, AI-driven automation pipeline combines frontier and open AI models with human engineering expertise to identify, validate, and remediate vulnerabilities across critical dependencies embedded deep within modern software architectures. Lightwell removes the friction between rapid innovation and enterprise compliance by securing the specific software packages organizations run in active production, while establishing a stable platform for future applications. To break the dependency remediation deadlock, Lightwell uses automation to backport critical fixes directly to specific, long-lived production software versions, helping address lengthy regression testing and breaking changes that often paralyze teams forced to adopt major upstream upgrades. Backed by its AI-powered remediation engine, Red Hat Inc. and International Business Machines Corporation expect Lightwell’s catalog of remediated packages to scale rapidly from thousands to millions. Red Hat Inc. and International Business Machines Corporation are delivering these capabilities through two offerings: Lightwell Network: Generally available now, providing immediate access to an active and growing library of content spanning latest to legacy libraries with high-value remediations. Members receive a continuous stream of digitally signed binaries, source code, and comprehensive compliance artifacts, including complete Software Bills of Materials (SBOMs), delivered directly into existing pipelines without code drift. Lightwell Clearinghouse Premier: Entering a limited-availability commercial onboarding phase, this tier is designed to serve as a trusted intermediary for deep industry collaboration, advanced vertical threat coordination, and secured patch embargoes. Participating organizations can submit vulnerabilities and request targeted version remediation under an embargo window. While the platform’s initial launch is limited to the financial services industry, Red Hat Inc. and International Business Machines Corporation plan to expand Lightwell Clearinghouse Premier to additional critical infrastructure verticals, including government, healthcare, and telecommunications, in future phases. Due to the highly specialized legal, geographic, and disclosure frameworks required to operate sector-specific clearinghouse networks, commercial entry remains gated to qualified participating organizations. Lightwell operates under Red Hat Inc.’s proven upstream-always model, in which security fixes are actively submitted back to the originating open source community for review and acceptance. This ensures commercial protections and community health continually reinforce one another, preventing project fragmentation without risking in-production zero days. Lightwell is extended by a robust and growing network of technology and deployment partners. By collaborating with these industry leaders, Lightwell delivers a true orchestrated defense, enabling network rules, cloud environments, and deployment pipelines to be updated simultaneously across the entire enterprise fabric when a fix is ready. Technology providers: Industry leaders like Amazon Web Services Inc., Advanced Micro Devices Inc., F5 Inc., GitLab Inc., Intel Corporation, JFrog Ltd., Microsoft Corporation, NVIDIA Corporation, Palo Alto Networks Inc., and ServiceNow Inc. are collaborating with International Business Machines Corporation and Red Hat Inc. on Lightwell. This growing ecosystem ensures that Lightwell’s security fixes extend across diverse environments, protecting a wide array of existing tools, applications, and services without disruption. Deployment & strategy services: To accelerate adoption, customers can leverage systems integration and strategic deployment services through engagements with International Business Machines Corporation Consulting, Red Hat Inc. Consulting, Accenture plc, Atos SE, Cognizant Technology Solutions Corporation, Deloitte, EY cyber and risk consulting teams, HCLTech, Infosys Limited, Kyndryl Holdings Inc., Larsen & Toubro Limited, NTT DATA, Tata Consultancy Services Limited, and Tech Mahindra Limited. These organizations help enterprise customers map SBOMs, manage version mapping, ingest Lightwell registries, and evaluate pipelines to enable preparedness for AI-velocity vulnerabilities.