IBM and OpenAI partner to deploy frontier AI models in enterprise security operations

IBM joins OpenAI's cyber program to bring frontier AI into enterprise security

The company is putting OpenAI's models to work hunting software flaws, and pairing the effort with a $5bn open-source security push. IBM has signed up to OpenAI's Daybreak Cyber Partner Program, a tie-up the company says will put frontier AI models to work inside corporate security operations. The partnership comes with a concrete first product: a new application-security service that uses the cyber capabilities of OpenAI's models to find and confirm software vulnerabilities faster than conventional tools manage. The pitch, according to IBM, is that the service goes beyond traditional code scanning. Rather than flagging patterns that might be flaws, it uses the AI to reason about an application and then validate whether a suspected weakness is genuinely exploitable, which is the slow and expensive part of security work that human teams usually shoulder. IBM said the aim is to help enterprises keep pace with threats that now move at machine speed. The promise of validation, in particular, is aimed at a chronic complaint among security teams, that conventional scanners bury them in alerts, most of which turn out to be harmless and few of which can be triaged quickly. How the AI gets near sensitive code matters, and IBM was specific about it. The service is delivered through IBM Consulting Advantage, the company's AI consulting-delivery platform, which connects a client's application environment to the models in what IBM describes as a controlled, governed way. That means operating inside the client's own environment, with read-only access to code repositories and bounded execution, so the AI can examine software without being handed the keys to change it. The service is available now, with further integrations planned under the Daybreak program. The launch sits alongside a larger and more expensive effort. IBM is also backing Project Lightwell, supported by a $5bn commitment from IBM and Red Hat, which the company describes as an enterprise security clearinghouse staffed by engineers to patch, validate, and manage open-source code across the software supply chain. Lightwell draws on OpenAI's cyber capabilities along with other frontier models, and targets the open-source dependencies that sit, often unexamined, beneath most modern software. The timing fits a year in which AI has become a weapon as much as a shield. Google researchers recently used an AI system to surface a previously unknown zero-day, and Anthropic has reported on models capable of finding bank-grade vulnerabilities. The same reasoning that lets a model spot a flaw for a defender can, in other hands, help an attacker find it first, which is the logic IBM is selling against. Vendors and governments alike have been knitting together alliances to keep up. Recent months have brought NATO-aligned cyber partnerships involving the likes of Microsoft and Palo Alto Networks, and consolidation among the tooling makers, including Databricks' purchase of Panther Labs. IBM's move plants one of the oldest names in enterprise computing firmly on the defensive side of that buildout, with OpenAI's models as the engine. What comes next is more integration. IBM said additional capabilities will roll out under the Daybreak program over time, which positions the application-security service as the opening move rather than the whole hand. The Lightwell effort, with its larger budget and supply-chain focus, suggests the company sees the open-source layer as the harder and more consequential problem to solve. For now, IBM has staked a claim that the AI built to write software can also be turned, at scale, to securing it.

IBM partners with OpenAI on enterprise security AI

IBM joined the OpenAI Daybreak Cyber Partner Program and is collaborating with the startup to integrate protective AI tools directly into business operations, helping companies identify and minimize their security risks. IBM on Monday said it has partnered with OpenAI to integrate frontier AI capabilities into enterprise security workflows, aiming to counter rapidly evolving cyber threats. Shares of the company rose 3.6% in trading after the bell. Here are a few ⁠details ⁠on the partnership: IBM joined the OpenAI Daybreak Cyber Partner Program and is collaborating with the startup to integrate protective AI tools directly into business operations, helping companies identify and minimize their security risks. As part of the partnership, the company launched ⁠a new application security service that uses OpenAI's cyber capabilities to help organizations identify and ⁠validate software vulnerabilities with greater speed and precision. The new service is built on Project Lightwell, an initiative launched last month to deploy engineers and AI tools to help companies better secure open source software and is backed by a $5 billion commitment from IBM and Red Hat. Project Lightwell will use OpenAI's cyber capabilities alongside other frontier AI models for code review and remediation. "The OpenAI ⁠Daybreak Cyber Partner Program expands our access to a broader set of advanced AI capabilities, which we deploy within our clients' environments to help surface the most relevant risks faster and help them act with confidence," said Mark Hughes, global managing partner, cybersecurity services, IBM Consulting.