IBM: IBM, Red Hat, and Palo Alto Networks expand Project Lightwell for instant software vulnerability response
IBM, Red Hat, and Palo Alto Networks expanded Project Lightwell — a security framework combining virtual patching and open-source protection — entering a partnership covering 70,000+ clients in 175+ countries and shrinking the exploitation window from weeks to minutes.
This article was generated using artificial intelligence from primary sources.
IBM, Red Hat, and Palo Alto Networks announced an expansion of their collaboration on Project Lightwell — a security framework enabling organizations to respond instantly to discovered software vulnerabilities. The initiative entered a new phase with the integration of Palo Alto Virtual Patching technology into IBM and Red Hat infrastructure.
What is virtual patching?
Virtual patching is a security technique that blocks exploitation of a known vulnerability at the network or application layer — without installing a classic software patch on the affected system. Unlike traditional patching that requires testing, approvals, and system restarts, virtual patching becomes active the same day a vulnerability is discovered. Project Lightwell extends this technique beyond the enterprise network perimeter: it covers open-source applications, commercial software, OT (operational technology), and IoT devices.
How large is the partnership?
Palo Alto Networks brings a network of 70,000+ clients in 175+ countries to this alliance, while IBM and Red Hat back the partnership with a $5 billion investment in open-source security. The coverage scope makes Project Lightwell one of the largest coordinated open-software protection initiatives to date — compared with previous, fragmented responses from individual vendors that acted in isolation and more slowly.
Why is speed critical?
Palo Alto Networks CEO Nikesh Arora highlighted the key change: AI has shortened the window between vulnerability discovery and active exploitation from weeks to just a few minutes. The traditional cycle — discovery, CVE publication, vendor patch, testing, deploy — took weeks and left organizations exposed. Virtual patching closes that vulnerability window almost instantly while the classic patch is being prepared and tested.
What this means for users
Organizations applying Project Lightwell gain a protective layer active immediately upon threat discovery, regardless of whether they have initiated a formal patch process. This is especially significant for OT and IoT environments where classic patching is not always possible without interrupting critical systems.
Frequently Asked Questions
- What is virtual patching and why does it matter?
- Virtual patching is a security measure that blocks exploitation of a known vulnerability at the network level — without installing a classic software patch on the affected system, giving organizations protection immediately upon threat discovery.
- Which systems are protected by Project Lightwell?
- The framework covers open-source applications, commercial software, OT (operational technology), and IoT — all connected devices that previously lacked a standardized rapid patching mechanism.