Claude Security, previously called Claude Code Security, is in public beta for Claude Enterprise customers. Available in Claude.ai, the capability scans codebases for security vulnerabilities and suggests targeted patches for review, helping teams identify and fix issues that might otherwise be missed.
Admins can enable it in the admin console. Access for Claude Team and Max customers is expected to follow.
Organizations can use the Claude Opus 4.7 model across their codebases to detect vulnerabilities and generate patches. The system analyzes code by tracing data flows and examining how components interact across files and modules.
Claude Security does not require API integration or custom agents. It includes scheduled and targeted scans, integration with audit systems, and tracking for triaged findings.
How Claude Security works
Claude Security is available from the Claude.ai sidebar or at claude.ai/security. Users select a repository or scope a scan to a directory or branch, then start the scan.
During a scan, Claude analyzes how components interact across files and modules, traces data flows, and reads source code. After the scan, it provides a detailed explanation of each finding, including confidence level, severity, likely impact, and steps to reproduce. It also generates patch instructions that can be reviewed and applied in context.
“With this release, we’ve also added the ability to target a scan at a particular directory within a repository, dismiss findings with documented reasons (so that future reviewers can trust prior triage decisions), export findings as CSV or Markdown for existing tracking and audit systems, and send scan results to Slack, Jira, or other tools via webhook,” Anthropic said.
Organizations can adopt these capabilities in several ways: directly in Claude Security, within existing platforms, or with support from services teams.
OpenAI responds with GPT-5.5-Cyber rollout
A month ago, Anthropic has launched Claude Mythos Preview, a general-purpose model available to select partners and developers that can identify zero-day vulnerabilities and build working exploits across major operating systems and web browsers.
In response, OpenAI CEO Sam Altman said in a post on X that the company will begin rolling out GPT-5.5-Cyber to selected cyber defenders in the coming days.
“We will work with the entire ecosystem and the government to establish trusted access for cyber. We want to help secure companies and infrastructure quickly,” he said.
