Anthropic · 2026-04-30 · major
Claude Security Hits Public Beta — Opus 4.7 Vulnerability Scanner With Multi-Stage Validation Pipeline
Anthropic's defensive product scans codebases with Opus 4.7, traces data flows across files, attaches confidence ratings to each finding, and hands patches to Claude Code for in-context fixes.
Anthropic ships a dedicated security product that reasons about code like a human researcher and validates its own findings before they reach an analyst.
What is it?
Claude Security is a public-beta product for Claude Enterprise customers, powered by Opus 4.7. It scans repositories for vulnerabilities, explains each finding with reasoning and confidence, and generates patches that Claude Code can apply directly. It graduates from a February research preview previously called Claude Code Security.
How does it work?
Rather than pattern-matching on known signatures, the model traces data flows and how components interact across files and modules. A multi-stage validation pipeline independently re-examines every finding before surfacing it, attaching a confidence rating and an explanation of exploitation likelihood and fix effectiveness. Scans can be scheduled and scoped to directories; findings can be dismissed with documented reasons and exported to CSV/Markdown or piped through Slack/Jira webhooks.
Why does it matter?
Static analyzers are notorious for false-positive flooding; Anthropic's pitch is that Opus-grade reasoning plus self-validation flips the usual bargain. Hundreds of orgs in the closed preview reportedly fixed long-standing bugs that legacy tools had missed. CrowdStrike, Microsoft Security, Palo Alto Networks, SentinelOne, TrendAI and Wiz are embedding Opus 4.7 into their own platforms, while Accenture, BCG, Deloitte, Infosys and PwC sign on as deployment partners.
Who is it for?
Enterprise security teams, AppSec engineers, platform CISOs
Try it
Open via the Claude.ai sidebar (Enterprise plan)