Palo Alto Networks, IBM and Red Hat announced a collaboration to help organizations identify vulnerabilities early and deploy protections fast across open source software, commercial applications, operational technology (OT) and healthcare technologies. By integrating Palo Alto Networks Virtual Patching capability with Project Lightwell from IBM and Red Hat, the collaboration combines rapid network-level protection with software remediation to help organizations reduce exposure to emerging threats.
AI has supercharged vulnerability discovery, enabling flaws to be identified at unprecedented speed and scale. AI-driven threats can uncover security gaps across codebases far faster than defenders can patch them, exposing organizations to systemic supply-chain risks.
Nikesh Arora, CEO and Chairman of Palo Alto Networks
"AI has compressed the window between vulnerability discovery and exploit from weeks to minutes. Traditional patching cannot keep pace. By collaborating with IBM and Red Hat, we are shifting the advantage back to defenders. This powerful combination allows us to neutralize threats in the network while providing uninterrupted business continuity for our global clients."
Arvind Krishna, Chairman and CEO of IBM
"IBM established Project Lightwell to secure the open-source software foundation that enterprises rely on every day. By collaborating with Palo Alto Networks, we are extending that security from the source code directly to the network front lines. This joint solution gives our clients exactly what they need to thrive in the AI era: immediate, automated resilience against emerging threats, combined with the rigorous validation required to safely update their core systems."
A Seamless "Shield-and-Fix" Workflow
The collaboration connects IBM and Red Hat’s $5 billion commitment to open source security via Project Lightwell with Palo Alto Networks’ security platform. This creates a dual-action defense: Palo Alto Networks rapidly deploys a virtual patch at the network layer to block exploit attempts, while IBM and Red Hat’s Project Lightwell offers software remediation for open source software that customers can test and deploy in their environments.
The collaboration combines vulnerability intelligence, software remediation and network-based protections to help organizations respond quickly to newly discovered vulnerabilities. Key capabilities include:
- Broader Vulnerability Coverage: Protection across open source software, commercial applications, operational technology (OT) environments and connected devices.
- Preemptive Coverage: Organizations can receive virtual patch protections before official software patches become available, helping reduce exposure while remediation is underway.
- Rapid Protection: When a new vulnerability is discovered, network-level protections can be deployed the same day, with a long-term goal of reducing the time from validated discovery to protection.
The companies also plan to establish secure processes for sharing vulnerability information across participating software vendors, technology providers and security teams. This collaboration is expected to support coordinated vulnerability disclosure, accelerate protection development and provide anonymized telemetry on real-world exploitation attempts.
Expert Deployment via IBM Consulting
To help organizations respond more effectively to newly discovered vulnerabilities, IBM Security Services can also provide advisory and deployment services that help customers identify which vulnerabilities pose the greatest risk to their business and determine the best path to remediation. Working alongside Palo Alto Networks' virtual patching capabilities and Project Lightwell's software remediation capabilities, IBM Security Services can help customers prioritize, deploy and validate protections and fixes across complex environments.
