Introduced at this time, the venture will commit $5 billion and 20,000 IBM and Pink Hat engineers to construct a brand new ‘enterprise clearinghouse’ to speed up discovery and remediation of vulnerabilities in open supply software program. The businesses say the clearinghouse will function an AI-powered “safety coordination layer,” giving enterprises the flexibility to combine patches straight into their present software program provide chains.
Now within the design part with a gaggle of 11 monetary companions, Undertaking Lightwell will ultimately be provided as a industrial subscription.
“The development in AI instruments has damaged the patching map, which is the flexibility to find vulnerabilities in software program with out shedding the velocity of remediation,” Ashesh Badani, Pink Hat SVP and CPO, instructed CSOonline. “Everybody’s working open supply software program, and the problem shouldn’t be with the ability to repair vulnerabilities rapidly sufficient.”
Open supply safety points have been effectively documented: Virtually 50,000 frequent vulnerabilities and exposures (CVEs) had been printed in 2025, and Anthropic’s Undertaking Glasswing, powered by its Mythos Preview mannequin, discovered roughly 3,900 beforehand undiscovered excessive or essential severity vulnerabilities in open supply software program shortly after launch.
