Anthropic Launches Claude Security for AI Vulnerability Scanning
▼ Summary
– Anthropic launched Claude Security in public beta for Enterprise customers to scan and patch code vulnerabilities using Claude Opus 4.7.
– The tool requires no API integration or custom agent build and is accessible from the Claude.ai sidebar or at claude.ai/security.
– Claude Security analyzes code by understanding component interactions and data flows, then provides detailed findings with confidence ratings, severity, and patch instructions.
– Features added during testing include a multi-stage validation pipeline to reduce false positives, scheduled scans, targeted directory scans, and export to CSV, Markdown, Slack, Jira, or webhooks.
– Opus 4.7 is being integrated into cybersecurity tools from CrowdStrike, Microsoft Security, Palo Alto Networks, SentinelOne, TrendAI, and Wiz.
Anthropic has officially launched Claude Security in public beta, now available to all Claude Enterprise customers. Formerly known as Claude Code Security, this cybersecurity tool leverages Anthropic’s latest flagship model, Claude Opus 4.7, to scan codebases and identify and patch software vulnerabilities.
The tool introduces several key features: scheduled and targeted scans, seamless integration with existing audit systems, and improved tracking of triaged findings. According to the AI company, no API integration or custom agent build is required to get started. “If your organization uses Claude, you can start scanning today,” a company statement confirmed. Access for Claude Team and Max customers is expected to roll out soon.
Users can access Claude Security directly from the Claude.ai sidebar or by visiting claude.ai/security. Anthropic described the scanning process as fundamentally different from conventional tools: “While scanning, Claude reasons about code much like a security researcher. Rather than finding vulnerabilities by searching for known patterns, Claude seeks to understand how components interact across files and modules, traces data flows, and reads the source code.”
After analysis, Claude delivers a detailed explanation for each finding, including its confidence level that the vulnerability is genuine, its severity, likely impact, and step-by-step reproduction instructions. It also generates targeted patch instructions.
Claude Security has already undergone testing by hundreds of organizations of various sizes during a limited research preview. Based on feedback from the past two months, Anthropic has added several enhancements:
- A multi-stage validation pipeline that independently reviews each finding before it reaches an analyst, significantly reducing false positives. Each result includes a confidence rating.Opus 4.7’s capabilities are also being integrated into cybersecurity tools already widely used by enterprises, including CrowdStrike, Microsoft Security, Palo Alto Networks, SentinelOne, TrendAI, and Wiz.This launch follows Anthropic’s recent unveiling of Project Glasswing and its frontier AI model Claude Mythos Preview. Currently, Mythos is limited to a select group of partners. During testing, Anthropic reported that the Mythos model discovered thousands of previously unidentified zero-day vulnerabilities.Meanwhile, competitor OpenAI has introduced GPT-5.4-Cyber and expanded its Trusted Access for Cyber program, aiming for more permissive and streamlined deployment of AI models for cybersecurity defense use cases.
