Claude Code Security Scans Codebases for Vulnerabilities and Suggests Patches

Feb 20, 2026 · Updated Apr 25, 2026

Claude Code Security launches as a new capability built into Claude Code on the web. Rather than matching against known vulnerability patterns like static analysis tools, it reasons through how code components interact and traces data flows. Every finding goes through multi-stage verification, gets a severity rating and confidence score, and only reaches your dashboard after Claude has tried to disprove its own results.

Rule-based scanners catch predictable issues like exposed credentials but miss complex vulnerabilities - broken access control, business logic flaws - that attackers actually target. Anthropic's Frontier Red Team used Claude Opus 4.6 to find over 500 vulnerabilities in production open-source codebases that had survived years of expert review.

The research preview is open to Enterprise and Team customers. Open-source maintainers can apply for free expedited access, making this a practical option even for projects without a security budget.

View the full update on anthropic.com

Claude

@claudeaiFeb 20

Introducing Claude Code Security, now in limited research preview. It scans codebases for vulnerabilities and suggests targeted software patches for human review, allowing teams to find and fix issues that traditional tools often miss. Learn more: https://t.co/n4SZ9EIklG https://t.co/zw9NjpqFz9

5.4k

View on X