Google introduces Android caller verification feature to reduce spoofed calls and phone scams
IBM and Red Hat have announced a major initiative called Project Lightwell, backed by a $5 billion investment, aimed at improving the security of open-source software supply chains.
The effort combines advanced AI capabilities with a global workforce of more than 20,000 engineers to detect, analyze, and fix vulnerabilities at scale.
According to the announcement, the initiative is designed to create a more structured and secure pipeline for open-source software used in enterprise environments.
At the core of Project Lightwell is a trusted enterprise “clearinghouse” that will function as a coordination and validation layer for security fixes.
This system will use AI-assisted tools to identify vulnerabilities, triage issues, validate patches, and ensure that fixes are properly tested before being deployed.
The goal is to reduce the risks associated with the complexity and scale of modern open-source ecosystems, which are widely used in critical industries such as finance and technology.
IBM and Red Hat also plan to offer these capabilities through commercial subscription services, allowing enterprises to integrate verified security updates directly into their software supply chains.
Early collaboration is already underway with major financial institutions including Bank of America, JPMorganChase, Visa, and Mastercard, among others.These partners are expected to provide real-world feedback that will shape how vulnerabilities are managed and remediated.
Overall, Project Lightwell represents a strategic push to professionalize and centralize open-source security management, leveraging AI and large-scale engineering resources to improve trust, speed, and reliability in software maintenance across global enterprise systems.