The feature allows engineering and security teams to scan entire codebases automatically, detect sophisticated vulnerabilities, and receive precise patch recommendations, all with full human oversight.
Traditional static analysis tools depend on predefined rules and pattern matching, effectively catching obvious issues such as hardcoded credentials or weak encryption.
However, they routinely miss subtle, high-impact flaws that emerge from complex code interactions, including business logic errors, broken authorization flows, authentication bypasses, advanced injection attacks, and memory-safety problems spanning multiple files and modules.
Claude Code Security addresses this gap by leveraging Anthropic’s frontier models, led by the newly released Claude Opus 4.6.
The system performs deep reasoning: it traces data flows across the entire repository, maps interdependencies, simulates attack paths, and identifies vulnerabilities that have evaded detection for years.
Every finding goes through rigorous multi-step verification, the AI critiques its own conclusions, eliminates false positives, assigns CVSS-based severity scores, and provides confidence levels.
Validated issues are presented in a clean, interactive dashboard complete with plain-English explanations, reproduction steps, and ready-to-apply patch suggestions that preserve existing code style and architecture.
Crucially, no changes are ever applied automatically; developers and security reviewers must explicitly approve every fix.
In internal testing conducted by Anthropic’s Frontier Red Team, Claude Opus 4.6 discovered more than 500 previously unknown high-severity vulnerabilities in widely used open-source projects, bugs that had survived extensive human audits, fuzzing campaigns, and penetration tests. Responsible disclosure is already underway with affected maintainers.
“We also use Claude to review our own code, and we’ve found it to be extremely effective at securing Anthropic’s systems.”
“We built Claude Code Security to make those same defensive capabilities more widely available. And since it’s built on Claude Code, teams can review findings and iterate on fixes within the tools they already use.” Claude stated.
The announcement triggered an immediate negative reaction across financial markets. Shares of major cybersecurity vendors fell sharply in Friday trading as investors priced in potential disruption to the traditional vulnerability-scanning and application-security market.
CrowdStrike (CRWD) dropped 7.8%, Palo Alto Networks (PANW) declined 6.4%, Cloudflare (NET) slid 5.9%, Zscaler (ZS) lost 5.2%, and Okta (OKTA) fell 4.7%. Smaller pure-play static-analysis and SAST providers saw even steeper declines, with some names down more than 12% by the close.
Analysts noted that Claude Code Security’s ability to find “long-hidden” bugs at scale could reduce reliance on legacy tools and shift spending toward AI-native security platforms.
“This is the first time a general-purpose frontier model has demonstrated production-grade autonomous vulnerability research at codebase scale,” said one cybersecurity equity analyst.
“The defensive upside is real, but the commercial threat to incumbents is immediate.”
Anthropic stressed that the tool is currently available only to Enterprise and Team plan customers in a limited research preview. Open-source maintainers can apply for free expedited access via the company’s security contact form.
The company expects to incorporate feedback from the preview before expanding availability later this year.
As AI-generated code proliferates and threat actors gain access to similar scanning capabilities, Anthropic positions Claude Code Security as a critical force multiplier for defenders.
By giving security teams the same frontier-level tools that attackers will soon wield, the company aims to raise the global security baseline and tilt the advantage back toward the defense.Anthropic Launches Claude Code Security: AI Tool Scans Codebases for Complex Vulnerabilities
The post Anthropic Launches Claude Code Security – AI Vulnerability Scanning Tool to Scans Codebases appeared first on Cyber Security News.
Epic Games has confirmed it will refund D4vd cosmetics to any Fortnite player who makes…
Epic Games has confirmed it will refund D4vd cosmetics to any Fortnite player who makes…
Epic Games has confirmed it will refund D4vd cosmetics to any Fortnite player who makes…
Seth MacFarlane said he is willing to make Ted Season 3 or even another movie,…
Seth MacFarlane said he is willing to make Ted Season 3 or even another movie,…
Michael made a huge $217 million at the global box office, enough to secure the…
This website uses cookies.