Introduction
Anthropic has recently introduced a groundbreaking tool called Claude Code Security, which uses advanced artificial intelligence to scan entire codebases for vulnerabilities. This new capability, integrated directly into Claude Code on the web, aims to revolutionize application security by identifying sophisticated threats that traditional tools often miss.
How Claude Code Security Works
Claude Code Security leverages frontier reasoning technology from Anthropic’s latest release of Claude Opus 4.6. Unlike legacy Static Application Security Testing (SAST) tools that rely on rigid signature matching, this new system maps data flows across modules and simulates attack paths to uncover business logic flaws, authentication bypasses, complex injection vectors, and memory safety issues.
Key Features of Claude Code Security
- Data Flow Mapping: The system traces how data moves through different parts of the codebase to identify potential vulnerabilities.
- Multistage Self-Critique: Each finding undergoes a rigorous self-critique process, significantly reducing false positives and improving accuracy.
- User-Friendly Dashboard: Validated vulnerabilities are presented in an easy-to-understand dashboard with clear explanations, reproduction steps, severity ratings, and conservative patches that maintain the original code’s style and structure.
Internal Testing Results
In internal testing, Anthropic’s Frontier Red Team discovered over 500 previously unknown high-severity vulnerabilities in popular open-source projects using Claude Opus 4.6. Many of these bugs had evaded detection by experts for years.
Market Reaction and Availability
The launch of Claude Code Security has caused a significant stir in the cybersecurity market, with established players like CrowdStrike, Cloudflare, and Okta experiencing sharp declines in their stock prices. This reaction reflects concerns about the impact on traditional vulnerability management revenue streams.
Availability and Future Plans
Claude Code Security is currently available as a limited research preview for Enterprise and Team plan customers. Open-source maintainers can request free, expedited access through Anthropic’s security contact form. Feedback from this initial phase will guide the broader rollout planned later in 2026.
元記事: https://gbhackers.com/anthropic-debuts-claude-code-security/