Deloitte joins IBM and Red Hat’s initiative to secure open-source software

As reported by Silicon Angle, Deloitte Touche Tohmatsu Ltd. is partnering with IBM Corp. and its Red Hat unit on Project Lightwell, an initiative launched to address vulnerabilities in open-source software. This collaboration aims to enhance the security and trustworthiness of the open-source software supply chain.

The partnership focuses on strengthening the security of open-source components used in enterprise software. Deloitte will assist joint customers in mapping and continuously updating their inventory of open-source components, ensuring they are aware of any vulnerable modules within their applications. IBM and Red Hat will provide automated patch validation to confirm that security updates function correctly, while Deloitte will manage the installation and validation of these patches.

The initiative, initially backed by a $5 billion commitment and 20,000 engineers from IBM and Red Hat, will prioritize organizations in highly regulated sectors, helping them comply with cybersecurity laws. The collaboration also includes assisting companies with breach reporting to regulators and notifying open-source project maintainers of vulnerabilities before public disclosure, allowing for timely patching.

Source: Silicon Angle