Anthropic Launches Claude Security, an Autonomous Agent for Vulnerability Detection and Patch Generation

Anthropic moved Claude Security from closed preview to public beta on April 30, making an autonomous vulnerability scanning and remediation agent available to Claude Enterprise customers. The product, powered by Claude Opus 4.7, lets security teams point it at a repository, directory, or branch and receive vulnerability findings with confidence ratings, severity assessments, and generated patch instructions, all executable through Claude Code on the web.

From Research Preview to Production Agent

Claude Security started as Claude Code Security in a research preview in February. Since then, hundreds of organizations have used it to discover and fix exploits in production code, including vulnerabilities that existing tools had missed for years, according to SiliconANGLE.

The tool works differently from pattern-matching scanners. According to SecurityWeek, Claude Security traces data flows, reads source code, and examines interactions between components to synthesize network effects across a codebase. It then verifies findings with a confidence rating before surfacing them to analysts, aiming to reduce false positives that plague traditional scanning tools.

After the scan, users can open a Claude Code session to apply fixes directly in context. Anthropic says this compresses what previously took days of back-and-forth between security and engineering teams into single-session remediation cycles.

Scheduled Scans and Export Integration

Based on feedback from the closed preview, Anthropic added three features: scheduled scans for ongoing coverage rather than one-off audits, the ability to dismiss findings with documented reasons for future reviewers, and CSV/Markdown exports for import into existing audit systems, according to SiliconANGLE.

The Mythos Context

The launch sits in the context of Anthropic’s broader cybersecurity push. The company’s Mythos model has proven adept at discovering vulnerabilities, and Anthropic’s Project Glasswing initiative brings together technology partners to secure production software using frontier AI capabilities.

The defensive framing is explicit. “Part of our broader push to put frontier capabilities in defenders’ hands,” Anthropic wrote. CrowdStrike, Palo Alto Networks, SentinelOne, TrendAI, and Wiz are integrating Opus 4.7 into their existing security platforms. Consulting firms including Accenture, BCG, Deloitte, Infosys, and PwC are deploying Claude-integrated solutions for vulnerability management, secure code review, and incident response.

“This is not AI simply augmenting security, it is AI redefining how enterprises defend themselves,” Satish H.C., EVP and chief delivery officer at Infosys, told SecurityWeek.

The Agent-Driven Security Operations Shift

Claude Security represents a specific architectural pattern: autonomous agents operating as security team members rather than passive scanning tools. The agent reasons over code, generates fixes, and executes them through Claude Code’s autonomous execution engine. For security operations teams already stretched thin by the volume of AI-discovered vulnerabilities (the Zero Day Initiative reported a 490% increase in AI-discovered submissions in April alone), an agent that can scan, triage, and remediate in a single session changes the economics of vulnerability management.

Claude Security is available now to Claude Enterprise customers. Claude Team and Max customers will get access in the near future, according to SecurityWeek.