IBM, Red Hat Launch $5 Bn Project Lightwell to Secure Open Source Software With AI
The companies said the initiative will establish a new model for enterprise open-source security.
IBM and Red Hat have announced Project Lightwell, a $5 billion initiative to help enterprises secure open-source software using frontier AI technologies and a global engineering workforce of more than 20,000 people.
Introducing Project Lightwell from @IBM and Red Hat: a $5 billion, AI-powered, 20,000 engineer-strong, first-of-its-kind force to identify and fix open source vulnerabilities at scale.
— Red Hat (@RedHat) May 28, 2026
Read about our commitment to the future of open source in the AI era. https://t.co/Xh3lLMNpmz pic.twitter.com/1m0ToNiCQq
The companies said the initiative will establish a new model for enterprise open-source security by combining AI-powered vulnerability detection with a centralised “trusted clearinghouse” designed to coordinate fixes across large-scale software supply chains.
Project Lightwell comes as enterprises face mounting security risks tied to open source software, which underpins much of modern digital infrastructure.
According to IBM and Red Hat, more than 90% of Fortune 500 companies rely on open source technologies, while advances in AI are accelerating the discovery and exploitation of vulnerabilities.
The new clearinghouse will act as a coordination layer for identifying, validating and testing fixes across a vast volume of open-source code. Enterprises will be able to access these capabilities through commercial subscriptions that integrate secure patches into existing software supply chains with enterprise-grade lifecycle management.
IBM and Red Hat said they are already working with early adopters including Bank of America, BNY, Citi, Goldman Sachs, JPMorganChase, Mastercard, Morgan Stanley, Royal Bank of Canada, State Street, Visa and Wells Fargo.
“With Project Lightwell, IBM and Red Hat are helping define a new industry model, one that brings together AI, engineering expertise, and trusted collaboration, to secure open source software at its source and across the entire supply chain. This is about strengthening trust in the systems that power business, government, and society,” said Arvind Krishna, IBM Chairman and CEO.
"I believe it will define the next chapter of Red Hat's engineering mission. We are applying the same discipline, upstream-always commitment, and engineering rigor across all active application layers that modern enterprise environments depend on," Matt Hicks, Red Hat CEO, added.
The companies said Project Lightwell will extend beyond their traditional platforms to cover independent libraries, AI frameworks, data streaming platforms and language toolchains.
As part of the initiative, IBM and Red Hat will deploy AI-assisted vulnerability review, secure patch development and upstream maintenance efforts in collaboration with open-source communities.
