From scan to fix, done seamlessly
From scan to fix, done seamlessly
Claude scans your entire codebase for vulnerabilities, validates each finding to minimize false positives, and suggests patches you can review and approve. Available in research preview for Claude Code.
How teams use Claude Code Security
Claude reasons through your code like a skilled security researcher. It understands context, traces data flows, and catches vulnerabilities that pattern-matching tools miss. Then it suggests a proposed fix.
Scan your code in parallel
Claude Code Security understands context, traces data flows across files, and identifies complex, multi-component vulnerability patterns that traditional scanners might not detect.
Validate findings
Every finding goes through an adversarial verification pass. Claude challenges its own results before surfacing them. More real issues get reported, and fewer false positives waste analyst time.
Review and patch
Claude detects issues and proposes fixes. Every finding includes a recommended patch for teams to review and approve. Fix vulnerabilities quickly rather than adding them to a growing backlog.
Built for security teams, used by Anthropic
Transparency and visibility
See details about every finding: the vulnerability, why it matters, and the proposed fix
Targeted patches
Suggested fixes that maintain your code's structure and style
Full remediation control
Teams stay in control, with every patch requiring human review and approval
Our most capable models
Powered by the same models Anthropic uses to secure its own codebase
Bring Claude to your codebase
Request early access to Claude Code Security.
FAQ
Claude Code Security is available in a limited research preview for Claude Enterprise and Claude Team customers through Claude Code on the Web. Customers interested in early access can join the waitlist.
Claude can make mistakes, so you should always review proposed patches before applying them, especially for critical systems.
Claude Code Security focuses on high-severity vulnerabilities including memory corruption, injection flaws, authentication bypasses, and complex logic errors that pattern-matching tools typically miss. It's particularly effective at finding context-dependent vulnerabilities that require understanding code across multiple files.
Traditional tools often use rule-based pattern matching, which catches known vulnerability patterns but can produce high false positive rates and miss complex issues. Claude Code Security reasons through your code like a security researcher. It can read Git history, trace data flows, and understand business logic to find real vulnerabilities and generate real fixes.
Yes. Claude Code Security complements your existing tools by catching what they might miss and closing the loop on remediation. You can export any findings to your existing security workflows.