Claude Security Enters Public Beta: Automated Vulnerability Scanning and Patching for Enterprise…

What Is Claude Security

Ankit Himanshu

~3 min read · May 6, 2026 (Updated: May 6, 2026) · Free: Yes

Claude Security, previously known as Claude Code Security, has entered public beta for Claude Enterprise customers. It is accessible directly from the Claude.ai sidebar or at claude.ai/security, and admins can enable it through the admin console. Access for Claude Team and Max customers is expected to follow.

The tool is built around the Claude Opus 4.7 model and targets one specific problem: finding security vulnerabilities in codebases and generating patches for review, without requiring API integration or custom agent setup.

How the Scanning Process Works

Users select a repository, directory, or branch to scope the scan, then initiate the analysis. During a scan, Claude does three things:

Reads source code across files and modules
Traces data flows through the codebase
Examines how components interact with each other

This cross-file, cross-module analysis is important because many real-world vulnerabilities span multiple layers of a codebase and are not visible from single-file inspection.

After the scan completes, each finding includes:

Output Field Description

Confidence Level

How certain the model is about the finding

Severity

Impact classification of the vulnerability

Likely Impact

What exploitation could result in

Steps to Reproduce

How to validate the finding

Patch Instructions

Suggested fix, reviewable and applicable in context

The patch suggestions are intended for human review before application, keeping an engineer in the loop rather than auto-applying changes.

New Features in the Public Beta

Anthropologic has added several workflow-oriented capabilities alongside the beta launch:

Targeted directory scans — scope a scan to a specific directory within a repository rather than the full codebase
Finding dismissal with documented reasons — lets teams record why a finding was triaged out, so future reviewers can trust prior decisions
CSV and Markdown export — for integration with existing tracking and audit workflows
Webhook support — send scan results to Slack, Jira, or other tools

The dismissal tracking feature is notable for enterprise security workflows. In practice, triage decisions made without documentation tend to be revisited repeatedly, creating noise. Attaching a reason to each dismissed finding reduces that overhead.

Deployment Options

Organizations have three paths for adopting Claude Security:

1. Directly within the Claude Security interface on Claude.ai 2. Integrated into existing security platforms 3. With support from Anthropic services teams

No API setup or custom agent configuration is required for the first path, which lowers the barrier for teams that want to evaluate the tool quickly.

Scheduled and Continuous Scanning

Beyond on-demand scans, Claude Security supports scheduled scans and integration with audit systems for tracking triaged findings over time. This positions it closer to a continuous security monitoring tool rather than a one-off scanner, which matters for teams managing active development pipelines.

Competitive Context: OpenAI's GPT-5.5-Cyber

A month before this beta launch, Anthropic released Claude Mythos Preview, a general-purpose model available to select partners and developers. That model is oriented toward offensive security research, with reported capabilities around identifying zero-day vulnerabilities and building working exploits across major operating systems and web browsers.

In direct response, OpenAI CEO Sam Altman announced on X that the company would begin rolling out GPT-5.5-Cyber to selected cyber defenders. Altman stated the goal is to work with the broader ecosystem and government to establish trusted access frameworks for cyber defense.

The parallel releases from both labs reflect an accelerating push to deploy AI capabilities in security tooling, on both the defensive and offensive sides.

Bottom Line

Claude Security is a practical tool for enterprise engineering teams that want automated vulnerability detection without building custom integrations. The Opus 4.7-backed scanning, combined with exportable findings, webhook delivery, and documented triage, fits into existing security workflows rather than requiring teams to adopt a new platform from scratch. The beta is live now for Enterprise customers; broader availability is pending.

Originally published at https://www.codeintechnology.com/blog/claude-security-public-beta-opus-4-7-vulnerability-scanning.

#claude #ai #security #machine-learning

< Go to the original