Why it matters: AI security tools only matter if teams trust the findings enough to act. Anthropic put Opus 4.7 behind a beta workflow that scans code, validates issues, and suggests fixes after a preview used by hundreds of organizations.
GitHub used X to point developers to a roadmap that hardens Actions across dependency locking, policy-based execution, and runner network controls. The plan includes workflow-level dependency locks, ruleset-based execution protections, and a native egress firewall for GitHub-hosted runners.
OpenAI said on March 6, 2026 that Codex Security is entering research preview for ChatGPT Pro, Enterprise, Business, and Edu users in Codex web. The company says the application-security agent uses project-specific threat models, contextual validation, and patch proposals, and in beta scanned more than 1.2 million commits.
GitHub said in a March 17, 2026 X thread that Copilot coding agent now adds model selection, self-review before PRs, built-in code/secret/dependency scanning, custom agents, and cloud-to-CLI handoff. GitHub’s blog frames the upgrade as a smoother delegation workflow for background coding tasks.