Anthropic has launched Claude Security in public beta to its Claude Enterprise customers.
Previously known as Claude Code Security, the cybersecurity tool is built on Anthropic’s latest generally available AI model, Claude Opus 4.7, to scan codebases to find and patch software vulnerabilities.
It comes with scheduled and targeted scans, easier integration with audit systems, and improved tracking of triaged findings, according to the AI firm. No API integration or custom agent build is required.
“If your organization uses Claude, you can start scanning today,” a company statement said.
Meanwhile, access for Claude Team and Max customers is coming soon, according to the AI firm.
Claude Security can be accessed directly from the Claude.ai sidebar, or at claude.ai/security.
“While scanning, Claude reasons about code much like a security researcher. Rather than finding vulnerabilities by searching for known patterns, Claude seeks to understand how components interact across files and modules, traces data flows, and reads the source code,” Anthropic described.
Claude then provides a detailed explanation of each of its findings, including its confidence that the vulnerability is real, how severe it is, its likely impact and how it can be reproduced.
It also generates instructions for a targeted patch.
Claude Security has already been tested by hundreds of organizations of all sizes in limited research preview.
Based on the past two months of testing, Anthropic has added the following features to Claude Security:
- A multi-stage validation pipeline that independently examines each finding before it reaches an analyst. This drives down false positives. Claude attaches a confidence rating to every result
- An option to schedule scans, so teams can set a regular cadence around reviewing and acting on findings
- The ability to target a scan at a particular directory within a repository, dismiss findings with documented reasons (so that future reviewers can trust prior triage decisions), export findings as CSV or Markdown for existing tracking and audit systems, and send scan results to Slack, Jira, or other tools via webhooks
Opus 4.7’s capabilities are also being integrated into a number of cybersecurity firm’s software tools that many enterprises are already using. These include CrowdStrike, Microsoft Security, Palo Alto Networks, SentinelOne, TrendAI and Wiz.
This comes just weeks after Anthropic launched Project Glasswing and its frontier AI model Claude Mythos Preview. At the moment, Mythos is only available to a select number of partners. In testing, Anthropic said the Mythos model discovered thousands of zero-day vulnerabilities which had not previously been identified.
Meanwhile, OpenAI has launched GPT‑5.4‑Cyber and expanded its Trusted Access for Cyber program to support more permissive, streamlined deployment of AI models for cybersecurity defense use cases.
