Making frontier cybersecurity capabilities available to defenders
4 hours ago
- #AI
- #CodeSecurity
- #Cybersecurity
- Claude Code Security is a new capability that scans codebases for security vulnerabilities and suggests patches for human review.
- It addresses the challenge of too many vulnerabilities and not enough personnel by detecting subtle, context-dependent issues that traditional tools miss.
- Unlike rule-based static analysis, Claude Code Security understands code interactions and data flow like a human researcher, catching complex vulnerabilities.
- Findings undergo a multi-stage verification process to filter out false positives and are assigned severity ratings for prioritization.
- Validated findings appear in a dashboard with suggested patches and confidence ratings, requiring human approval for fixes.
- Claude Code Security builds on over a year of research, including competitive Capture-the-Flag events and partnerships with national labs.
- Using Claude Opus 4.6, over 500 previously undetected vulnerabilities in open-source codebases were found, with plans for responsible disclosure.
- The tool is now available in a limited research preview for Enterprise and Team customers, with expedited access for open-source maintainers.
- AI is expected to scan a significant share of the world’s code soon, with attackers and defenders both leveraging AI capabilities.
- Claude Code Security aims to improve industry-wide security by enabling defenders to find and patch vulnerabilities quickly.