The IBM-Red Hat-Palo Alto Alliance: A Virtual Patching Shield Against Open Source Vulnerabilities

The IBM-Red Hat-Palo Alto Alliance: A Virtual Patching Shield Against Open Source Vulnerabilities

In a move that redefines enterprise security, IBM, Red Hat, and Palo Alto Networks have joined forces to address one of the biggest weaknesses of modern infrastructure: open source software. The collaboration aims to proactively identify vulnerabilities and deploy protections before attackers can exploit them, especially in a context where artificial intelligence accelerates the attack cycle.

ibm-red-hat-y-palo-alto-se-unen-para-asegurar-el-s-0.jpg

The Core of the Initiative: Virtual Patching and Project Lightwell

The alliance rests on two technological pillars. On one hand, Palo Alto Networks' network-based virtual patching technology, integrated into its Prisma platform, allows blocking threats at the network level without needing to apply patches on each system. On the other hand, Project Lightwell from IBM and Red Hat, a $5 billion enterprise trust center announced in May, uses artificial intelligence to validate and test security solutions at scale in the open source ecosystem.

According to IBM, the Lightwell center will act as a security coordination layer, offering advanced AI capabilities to analyze an unprecedented volume of open source code. These capabilities will be commercialized through subscriptions, allowing companies to integrate secure patches directly into their software supply chains with enterprise-level validation and lifecycle management. This approach recalls how server virtualization with Proxmox allowed an SME to reduce costs by 40%, demonstrating that standardization and automation are key to operational efficiency.

Collaboration with the Financial Sector

IBM and Red Hat are already working with early adopters of Project Lightwell, including financial giants such as Bank of America, BNY, Citi, Goldman Sachs, JPMorgan Chase, Mastercard, Morgan Stanley, RBC, State Street, Visa, and Wells Fargo. This underscores the sector's confidence in the initiative and its relevance for protecting critical infrastructures.

ibm-red-hat-y-palo-alto-se-unen-para-asegurar-el-s-1.jpg

Key Elements of the Alliance

The collaboration is structured around three fundamental areas:

  • Vulnerability Coverage: Protection for open source software, commercial applications, operational technology environments, and connected devices.
  • Preventive Coverage: Organizations can receive virtual patching protections before official patches are available, reducing exposure during the remediation period.
  • Rapid Protection: When a new vulnerability is discovered, network-level protections can be deployed the same day, with the long-term goal of reducing the time from validated discovery to protection.

Additionally, the companies plan to establish secure processes for sharing vulnerability information among software vendors, technology providers, and security teams, accelerating the development of protections and providing anonymized telemetry on actual exploitation attempts.

The Context of AI and the Urgency of Patching

Nikesh Arora, CEO and President of Palo Alto Networks, highlighted in a statement that “AI has compressed the time between vulnerability discovery and exploitation from weeks to minutes. Traditional patching cannot keep up.” This statement resonates with the reality of many companies, as reflected in the article on SAP under siege, where 88% of companies admit to being unprotected against new threats in their ERP. The alliance seeks to return the advantage to defenders through a combination of virtual patching and automation.

ibm-red-hat-y-palo-alto-se-unen-para-asegurar-el-s-2.jpg

A Long-Standing Relationship

IBM and Palo Alto Networks have a historical collaboration in security and networking. Recently, they launched Quantum-Safe Readiness, a service to identify cryptographic exposure and risks related to quantum computing. Earlier this year, they also combined efforts to help companies discover, assess, and prioritize security and compliance risks in cloud AI deployments. This alliance is part of a broader trend where business process automation with n8n and AI becomes a pillar for efficiency and security.

Impact for Businesses and IT Professionals

For IT professionals, this alliance represents an opportunity to reduce the burden of manual patching and improve security posture. The combination of vulnerability intelligence from IBM and Palo Alto, along with Prisma's virtual patching capability, allows companies to focus on business continuity while mitigating risks. The initiative also reflects how the CEO-CIO alliance becomes crucial for adopting advanced security technologies.

In a world where more than 90% of Fortune 500 companies rely on OSS, according to a Worldmetric study cited by IBM, this collaboration is not only timely but necessary. Open source software underpins modern enterprise infrastructure, but its security has been a constant challenge. With this alliance, IBM, Red Hat, and Palo Alto Networks seek to close the gap between vulnerability discovery and remediation, offering a proactive defense layer.


Original source: ComputerWorld. Analysis and adaptation by ForgeNEX.

Share: