"If your organization uses Claude, you can start scanning today," a company statement said.
Claude Security enters public beta for Claude Enterprise
Anthropic has launched Claude Security in public beta to its Claude Enterprise customers, rebranding what was previously known as Claude Code Security. Built on Anthropic’s generally available model Claude Opus 4.7, the tool is designed to scan codebases to find and propose patches for software vulnerabilities. According to the company, no API integration or custom agent build is required; customers can access the feature directly from the Claude.ai sidebar or at claude.ai/security.
Features added after research preview testing
Anthropic reports that hundreds of organizations of all sizes used Claude Security in a limited research preview. Based on two months of testing, the company added a suite of operational features aimed at enterprise workflows:
- A multi-stage validation pipeline that independently examines each finding before it reaches an analyst, with a confidence rating attached to every result to reduce false positives.
- An option to schedule scans so teams can set a regular cadence for review and remediation.
- The ability to target scans at a specific directory within a repository, dismiss findings with documented reasons to preserve triage history, and export findings as CSV or Markdown for existing tracking and audit systems.
- Integration options to forward scan results to collaboration and tracking systems such as Slack and Jira, or to other tools via webhooks.
How Claude reasons about vulnerabilities
Anthropic describes Claude Security’s approach as reasoning about code "much like a security researcher." Rather than relying solely on pattern matching for known weaknesses, Claude traces data flows, reads source code across files and modules, and seeks to understand component interactions. For each finding the tool produces a detailed explanation that includes the model’s confidence that the vulnerability is real, an assessment of severity and likely impact, reproduction steps, and instructions for a targeted patch.
Opus 4.7 integrations with commercial cybersecurity tools
Anthropic says capabilities from Opus 4.7 are being integrated into a number of cybersecurity vendors’ software tools that many enterprises already use. The firms Anthropic lists are CrowdStrike, Microsoft Security, Palo Alto Networks, SentinelOne, TrendAI and Wiz. Those integrations indicate Anthropic’s intent to surface model-driven vulnerability analysis within existing defensive toolchains rather than confining it to the Claude.ai interface.
Anthropic’s broader security push and market context
The Claude Security public beta comes weeks after Anthropic announced Project Glasswing and its frontier model, Claude Mythos Preview. Anthropic said Mythos is currently available only to a select group of partners and that in testing the Mythos model discovered thousands of zero-day vulnerabilities that had not previously been identified. The company’s rollout of Claude Security sits alongside competitive moves in the sector: the source notes that OpenAI has launched GPT‑5.4‑Cyber and expanded its Trusted Access for Cyber program to support more permissive, streamlined deployment of AI models for cybersecurity defense use cases.
What this means for technologists and security teams, procurement leaders, and cybersecurity vendors
- Technologists and security teams: They gain an on‑demand scanner that combines scheduled and targeted scans with explanatory output and suggested patches; teams will likely evaluate the multi-stage validation pipeline and confidence scores to manage triage workload.
- Procurement and enterprise security leaders: The promise of no API or agent build may lower deployment overhead for Claude Enterprise customers, and the export and webhook capabilities are positioned to fit existing audit and ticketing processes.
- Cybersecurity vendors and integrators: Anthropic’s stated integrations with CrowdStrike, Microsoft Security, Palo Alto Networks, SentinelOne, TrendAI and Wiz suggest a path where vendors incorporate model-assisted vulnerability analysis into established security controls and workflows.
Anthropic has opened Claude Security to Claude Enterprise customers now, with access for Claude Team and Max customers promised “coming soon.” The public beta, combined with Opus 4.7 integrations and the earlier Mythos testing that reportedly uncovered thousands of previously unidentified zero‑days, frames a near-term agenda: broaden access, plug model capabilities into vendor toolchains, and measure how well automated findings and confidence ratings hold up in operational triage. For organizations already using Claude, the company’s message is straightforward — the scanning capability is available today; the next question is how readily teams can fold the delivered findings and recommended patches into their existing review and remediation processes.
