Claude Security
From scan to fix, done seamlessly
Claude scans your codebase, validates findings, and suggests patches you can review and approve. Available in public beta for Claude Enterprise.
How teams use Claude Security
Claude reasons through your code like a skilled security researcher. It understands context, traces data flows, and catches vulnerabilities that pattern-matching tools miss. Then it suggests a fix.
Scan your code in parallel
Claude Security understands context, traces data flows across files, and identifies complex, multi-component vulnerability patterns that traditional scanners might not detect.
Validate findings
Every finding goes through an adversarial verification pass. Claude challenges its own results before surfacing them. More real issues get reported, and fewer false positives waste analyst time.
Review and patch
Claude detects issues and proposes fixes. Every finding includes a recommended patch for teams to review and approve. Fix vulnerabilities quickly rather than adding them to a growing backlog.
Available today for Enterprise customers.
Built for security teams, used by Anthropic
Transparency and visibility
See details about every finding: the vulnerability, why it matters, and the proposed fix
Targeted patches
Suggested fixes that maintain your code's structure and style
Fits your existing workflow
Push findings via webhooks to Slack or Jira, export for audit, and schedule recurring scans
Full remediation control
Teams stay in control, with every patch requiring human review and approval
Our most capable generally available models
Powered by the same models Anthropic uses to secure its own codebase
Security resources
FAQ
Claude Security is available in public beta for Claude Enterprise. Access to Claude Team and Max plans coming soon.
Admins can enable Claude Security in the admin console. See the getting started guide for setup steps.
Claude can make mistakes, so you should always review proposed patches before applying them, especially for critical systems.
Claude Security focuses on high-severity vulnerabilities including memory corruption, injection flaws, authentication bypasses, and complex logic errors that pattern-matching tools typically miss. It's particularly effective at finding context-dependent vulnerabilities that require understanding code across multiple files.
Traditional tools often use rule-based pattern matching, which catches known vulnerability patterns but can produce high false positive rates and miss complex issues. Claude Security reasons through your code like a security researcher. It can read Git history, trace data flows, and understand business logic to find real vulnerabilities and generate real fixes.
Yes. Claude Security is built to feed into the tools your team already uses. Send findings to Slack, Jira, or any ticketing system via webhooks, or export results as CSV or Markdown for tracking and audit. Documented dismissals carry forward, so triage decisions made in Claude Security stay visible wherever your team works.
Yes to both. You can scope a scan to a specific directory, and you can configure scheduled scans for ongoing coverage without manual kickoffs.