Anthropic has just crossed a major milestone in AI-assisted software security. Claude Security, the code analysis tool the company had been developing since February under the name Claude Code Security, is now available in public beta. And honestly, this is one of the most promising evolutions I’ve seen in security code analysis in a long time.
TL;DR — If you only have 30 seconds: Claude Security scans your code, validates detected vulnerabilities, and suggests fixes. Public beta is available now for Enterprise customers.
How Claude Security Works
In practice, the tool goes far beyond simply scanning your codebase for known patterns. Claude Security tracks data flows across files, reads Git history to understand context, and understands the business logic behind the code. Where traditional tools stop at pattern matching, this is real semantic analysis.
Every detected vulnerability comes with:
- A confidence score for the diagnosis
- A severity assessment
- The likely impact on the system
- The steps required to reproduce the issue
- A suggested fix directly openable in Claude Code on the Web
And most importantly — a critical point — every fix requires human review and approval before being applied. Teams stay in control. Personally, I think this is exactly what we should expect from a tool operating in the security space: no automatic application, no unexpected production changes.
New Features Included in the Public Beta
| Feature | What It Enables |
|---|---|
| Scheduled scans | Automate security checks at regular intervals |
| Directory targeting | Restrict scans to a specific project path |
| Documented dismissal | Keep a record of triage decisions for future teams |
| CSV/Markdown export | Integrate results into existing audit systems |
| Webhooks | Send alerts to Slack, Jira, and other third-party tools |
These features address real-world needs I regularly hear from development teams: automating security without losing traceability, while integrating smoothly into existing workflows.
Claude Security Availability
The tool is available immediately in public beta for Claude Enterprise customers, via the Claude.ai sidebar or directly at claude.ai/security. Administrators can enable it from the admin console.
Important point: no API integration or custom agent development is required. This is plug-and-play for Enterprise customers.
Access for Team and Max plans is expected soon — I’d recommend keeping an eye on future announcements if you’re not yet on Enterprise.
Behind Claude Security: A Broader Cybersecurity Strategy
It would be incomplete to discuss Claude Security without mentioning the larger context. This launch is part of a broader offensive cybersecurity strategy from Anthropic, initiated a few weeks ago with Claude Mythos Preview.
For context, Mythos Preview is considered too powerful to be released publicly — it is accessible only to around fifty partner organizations responsible for securing critical infrastructure. Meanwhile, Claude Security relies on Claude Opus 4.7, Anthropic’s latest public-facing model, which includes cybersecurity safeguards derived from Project Glasswing.
Beyond security itself, this move also allows Anthropic to push Opus 4.7 deeper into its partner ecosystem: CrowdStrike, Microsoft Security, Palo Alto Networks, and others. It’s a smart strategy — and it shows the company is not only playing the technical card, but also the ecosystem card.
🔑 Key Takeaways
- Claude Security is now in public beta for Enterprise customers — Team and Max plans will follow.
- The tool goes beyond pattern recognition by understanding business logic and tracking data flows.
- Every suggested fix requires human approval — no automatic application, which is the responsible approach.
- New features such as scheduled scans, webhooks, and exports directly address professional team requirements.
- This launch fits into a broader strategy positioning Opus 4.7 as Anthropic’s flagship cybersecurity model.
Conclusion
To put it simply: Claude Security looks like what code security should always have been — an assistant that truly understands what it scans, not just a pattern detector. Does it replace human security audits? No. Does it make code review faster and more comprehensive? Absolutely.
Personally, I’ll be watching this very closely. If you’re on an Enterprise plan and running production code, enabling Claude Security should be an obvious move.
Nicolas Dabène — Developer of the MCP Tools Plus module for PrestaShop & expert in e-commerce security architecture.