Anthropic Releases Claude Code Security: An AI Tool For Scanning Codebases And Delivering Targeted Vulnerability Fixes

AI safety and research company Anthropic announced that it has released Claude Code Security, a new capability built into Claude Code on the web, now available in a limited research preview. The tool is designed to scan software codebases for security vulnerabilities and propose targeted patches for human review, aiming to help teams identify issues that traditional methods often overlook.

Security teams continue to face a widening gap between the volume of software vulnerabilities and the number of specialists available to address them. Conventional static analysis tools typically rely on rule‑based pattern matching, which can detect common problems but often fails to surface complex, context‑dependent flaws. These weaknesses frequently require expert human researchers, who are already contending with growing backlogs.

Anthropic reports that recent internal testing has shown Claude capable of identifying novel, high‑severity vulnerabilities. The company acknowledges that such capabilities could be used by both defenders and attackers, and says Claude Code Security is intended to ensure these tools are deployed in support of defensive efforts. The preview is being offered to Enterprise and Team customers, with accelerated access for open‑source maintainers.

Claude Code Security Uses Behavioral Reasoning To Uncover Complex Software Vulnerabilities

Claude Code Security analyzes code by reasoning about program behavior rather than searching for predefined patterns. It examines how components interact, traces data flows, and highlights vulnerabilities that rule‑based tools may miss. Each finding undergoes a multi‑stage verification process in which Claude attempts to confirm or refute its own assessment, reducing false positives. Results are assigned severity ratings and delivered through a dashboard where analysts can review findings, inspect suggested patches, and approve fixes. The system provides confidence ratings for each issue, and no changes are applied without human authorization.

The new capability builds on more than a year of research into Claude’s cybersecurity performance. Anthropic’s Frontier Red Team has tested the model in competitive Capture‑the‑Flag environments, collaborated with Pacific Northwest National Laboratory on AI‑assisted defense of critical infrastructure, and refined Claude’s ability to detect and patch real‑world vulnerabilities. Using Claude Opus 4.6, released earlier this month, the team identified more than 500 vulnerabilities in production open‑source codebases, including issues that had gone unnoticed for decades. Anthropic says it is currently working with maintainers on triage and responsible disclosure.

The company describes this period as a pivotal moment for cybersecurity, anticipating that a large share of global code will soon be scanned by AI systems. While attackers are expected to use AI to accelerate vulnerability discovery, Anthropic argues that defenders who adopt similar tools can identify and patch weaknesses before they are exploited. Claude Code Security is positioned as part of a broader effort to raise security standards across the industry.

The post Anthropic Releases Claude Code Security: An AI Tool For Scanning Codebases And Delivering Targeted Vulnerability Fixes appeared first on Metaverse Post.