Anthropic Launches Claude Code Security to Hunt Software Vulnerabilities Humans Miss

AI That Reads Code Like a Human Security Researcher

Anthropic launched Claude Code Security on February 20 as a limited research preview for Enterprise and Team customers. Unlike traditional static analysis tools, the system uses Claude Opus 4.6 to reason about code the way a human security researcher would, mapping how application components interact and tracing data flows to detect complex vulnerabilities that pattern-matching tools miss.

How It Works

Claude Code Security scans entire codebases, identifies business logic flaws and access-control issues, assigns severity and confidence ratings to each finding, and suggests targeted patches — all requiring human approval before any change is applied. A multi-stage verification pipeline filters false positives before results reach the review dashboard.

Over 500 Undetected Vulnerabilities Found in Production Code

Using the tool on production open-source codebases, Anthropic reports finding more than 500 vulnerabilities that had gone undetected for decades despite years of expert review. Maintainers of open-source repositories can apply for expedited free access.

Cybersecurity Stocks Drop on Launch Day

The announcement triggered an immediate market reaction: CrowdStrike fell 6.8%, Okta dropped 9.2%, SailPoint shed more than 9%, and Cloudflare slid nearly 7% — wiping billions from the sector in hours. The sell-off reflects investor concern that AI-powered security tooling could disrupt incumbent cybersecurity software vendors.

Claude Code Security is currently available only to Enterprise and Team customers; no broader rollout date has been announced.