IBM and Red Hat partner with Deloitte to repair open-source vulnerabilities

Deloitte Touche Tohmatsu Ltd. is joining an initiative that IBM Corp. and its Red Hat unit launched in May to repair open-source software vulnerabilities.

The companies announced the move today.

U.K.-based Deloitte launched in the 18th century as an accounting firm. Today, it's the world's largest provider of professional services with $70.5 billion in revenue as of fiscal 2025. The company has a large cybersecurity business that helps enterprises scan their infrastructure for vulnerabilities, detect breaches and perform related tasks.

The open-source security initiative at the center of today's partnership is known as Lightwell. IBM and Red Hat launched it last month with a $5 billion initial commitment. Moreover, the companies committed 20,000 engineers to the effort. Lightwell is designed to help enterprises detect and patch exploits within the open-source projects that underpin their software.

Deloitte will work with IBM to help joint customers map out which open-source components their developers use. Moreover, the consulting giant will continuously update that component inventory as firms' software changes. The goal is to avoid situations where an enterprise is unaware that one of its applications contains a vulnerable open-source module.

The patches that open-source project maintainers issue for vulnerabilities don't always work out of the box. For instance, an update might only be compatible with the newest version of a project or require extensive configuration changes. IBM and Red Hat will provide automated patch validation to help Lightwell clients ensure that security updates work as intended. Deloitte, in turn, will manage the process of installing patches and validating their effectiveness.

The consulting giant will assign a team of forward-deployed engineers, or FDEs, to support the effort. An FDE is a developer who works at a client organization's offices. Deloitte says that the participating employees will help customers with not only vulnerability remediation but also ongoing software maintenance.

The company and IBM stated that the partnership will concentrate on "regulated software supply chains." That indicates they plan to prioritize organizations in highly regulated sectors. Deloitte's cybersecurity business helps customers with, among other tasks, ensuring that their systems adhere to industry-specific cybersecurity laws.

The partnership will also encompass certain other tasks. IBM, Red Hat and Deloitte will help firms report breaches to regulators. Moreover, they'll notify open-source project maintainers about vulnerabilities before publicly disclosing them. That permits maintainers to release patches before hackers become aware of a new security flaw.

“Lightwell was created to deal with the growing challenge of securing open source software in an AI-driven threat landscape,” said Savio Rodrigues, IBM’s vice chairman of service partners. “It brings together the engineering, automation and ecosystem partnerships needed to tackle this risk at scale.”
