Anthropic has released Claude Code Security, a new AI-powered tool that scans codebases for vulnerabilities and suggests targeted patches for human review. The tool, built into Claude Code on the web, is now available in a limited research preview to Enterprise and Team customers, with expedited access for open-source maintainers.

Traditional security tools rely on pattern matching to find known vulnerabilities, but often miss complex issues involving business logic or access control. Claude Code Security takes a different approach, reasoning about code like a human security researcher would by understanding component interactions and tracing data flows through applications. Every finding undergoes multi-stage verification, with severity ratings and confidence scores to help teams prioritize fixes.

The tool builds on more than a year of cybersecurity research, including competitive Capture-the-Flag events and partnerships with organizations like Pacific Northwest National Laboratory. Using Claude Opus 4.6, Anthropic's team discovered over 500 previously undetected vulnerabilities in production open-source codebases. The company positions this release as a way to give defenders the same AI capabilities that attackers might use, helping organizations patch vulnerabilities before they can be exploited.