Anthropic Bolsters Cyber Defenses with AI-Driven Vulnerability Scanning for Claude Code

SAN FRANCISCO – Artificial intelligence pioneer Anthropic has officially launched a new security layer for its developer tool, Claude Code, capable of scanning entire software codebases for hidden vulnerabilities and automatically generating patches.

Currently available in a limited research preview for Enterprise and Team customers, the "Claude Code Security" feature marks a significant shift toward using generative AI as an active defensive shield. By reasoning through codebases with the nuance of a human researcher, the tool aims to outpace cyber adversaries who are increasingly using similar AI technologies to automate their attacks.

The new capability is designed to bridge the gap between traditional security tools and human intuition. According to a company announcement released Friday, the feature goes well beyond standard static analysis or pattern matching. Instead, it traces complex data flows and analyzes how disparate software components interact to identify sophisticated "zero-day" style weaknesses that rule-based systems often overlook. To ensure accuracy, Anthropic has implemented a multi-stage verification process to filter out false positives, assigning each discovery a severity rating to help engineering teams prioritize their most critical fixes.

A core philosophy of the rollout is the "human-in-the-loop" approach, ensuring that AI-driven suggestions do not compromise system integrity. While the tool provides a confidence rating for its findings and suggests targeted software patches, it does not execute changes autonomously. Developers must review and approve all fixes through a dedicated security dashboard before any code is modified. By giving defenders the same high-speed reasoning capabilities currently being weaponized by threat actors, Anthropic hopes to fundamentally raise the security baseline for modern software development.