Anthropic Launches Claude Security Beta for Codebases

Anthropic announced the launch of Claude Security in public beta mode on April 30, 2026, to help cybersecurity teams scan their codebases for vulnerabilities and generate patches. The tool opens to all Claude Enterprise customers and uses Claude Opus 4.7, currently one of the strongest generally available models for security analysis, to scan entire codebases, trace how data moves through code, and generate targeted patches for developer review. The launch comes as Anthropic positions Claude Security to help defenders keep pace with Mythos signaling a new era of near-instant exploitation.

Claude AI security beta generates targeted code patches for developer review and codebase protection.

Core Capabilities and Integration

Claude can now reason over entire codebases by thinking similarly to the way a cybersecurity researcher does, tracing data flows, reading source code and examining interactions between code components and files to synthesize network effects, instead of looking for known patterns. The model then verifies everything with a confidence rating before it reaches an analyst so that it can provide more trustworthy outputs.

No custom API integration or agent-building is required; if your organization already runs Claude, you can point it at a GitHub repository and start scanning today. Claude Security can be accessed from the Claude.ai sidebar or at claude.ai/security.

Each surfaced finding goes through a multi-stage validation pipeline before it reaches an analyst and receives a confidence rating, and findings can include likely impact, reproduction steps, and a recommended fix, with users able to open Claude Code against the same repository context to work through the patch.

Features Added from Research Preview

Anthropic says that hundreds of organizations tested the tool in a closed research preview since February, uncovering exploits in production code, including vulnerabilities that existing tools had missed for years. After feedback from the research preview, the company added scheduled scans for ongoing coverage, the ability to dismiss findings with documented reasons (essentially notes for future reviewers to triage analysis), and comma-separated and Markdown exports for easy import into existing audit systems.

Teams can now schedule recurring scans with a weekly cadence that ties well to sprint boundaries or pre-release checkpoints, and scans can be scoped to a specific directory within a repository, which meaningfully improves success rates on large monorepos. Results export as CSV or Markdown, and per-project webhooks push scan events into Slack, Jira, or other existing tracking systems in real time.

Industry Partnerships and Enterprise Support

Anthropic’s technology partners, such as CrowdStrike Holdings Inc., Palo Alto Networks Inc., SentinelOne Inc., Trend Micro Inc.’s TrendAI and Wiz Inc., are integrating Opus 4.7 into their cybersecurity platforms. Other firms (Accenture, BCG, Deloitte, Infosys, and PwC) are working to deploy Claude-integrated solutions for vulnerability management, secure code review, and incident response programs.

Teams want minimal time from scan to fix (Claude Security is already reducing days of back and forth between the security team and the engineers to a single sitting), and they want ongoing coverage rather than one-off audits, so Anthropic has added an option to schedule scans, allowing a regular cadence around reviewing and acting on findings.

Mythos Preview Context and Defensive Push

Claude Security sits alongside Anthropic’s more restricted Project Glasswing initiative, where the far more capable Claude Mythos Preview model is being used with a vetted set of partners, and Mythos-class capabilities are expected to become more broadly available within the next year or two. Anthropic has identified thousands of additional high- and critical-severity vulnerabilities that the company is working on responsibly disclosing to open source maintainers and closed source vendors, and has contracted a number of professional security contractors to assist in the disclosure process by manually validating every bug report before sending it out.

In controlled evaluations where Mythos Preview was explicitly directed and given network access to do so, evaluators observed that it could execute multi-stage attacks on vulnerable networks and discover and exploit vulnerabilities autonomously, tasks that would take human professionals days of work. The key shift is that vulnerability discovery and exploit development are becoming cheaper, faster and less dependent on scarce human expertise.

Availability and Access

Claude Security is now available in public beta to Claude Enterprise customers. Currently, only GitHub-hosted repositories are supported, and access for the Claude Team and Max plan customers is expected soon. Organizations whose legitimate security work triggers Opus 4.7’s built-in cyber safeguards can apply for Anthropic’s Cyber Verification Program to continue operating without interruption.

The product runs on Claude Opus 4.7, the model Anthropic released on April 16 with new cyber safeguards designed to block requests that indicate prohibited or high-risk cybersecurity use while preserving availability for approved defensive work.

Key Facts

Claude Security launched in public beta on April 30, 2026, for Enterprise customers
Powered by Claude Opus 4.7 with automated codebase scanning and patch generation
Hundreds of organizations tested the tool since February research preview
CrowdStrike, Microsoft Security, Palo Alto Networks, SentinelOne, Trend.ai, and Wiz integrating Opus 4.7 into security platforms
New features include scheduled scans, documented dismissals, CSV/Markdown exports, and real-time webhooks
GitHub repositories only; Team and Max plan access coming soon
Claude Mythos Preview identified thousands of high- and critical-severity vulnerabilities through Project Glasswing