Anthropic launches Claude Code Security preview for AI-assisted vulnerability scanning and patch suggestions

What happened

The Hacker News reports that Anthropic has begun rolling out Claude Code Security, a security feature for Claude Code that scans a user's software codebase for vulnerabilities and suggests targeted patches.

According to the article, Claude Code Security is available as a limited research preview for Enterprise and Team customers, and it is positioned as a defender-focused capability where findings and suggested fixes are reviewed by humans.

Who is impacted

• Teams using (or evaluating) Claude Code for development workflows, especially organizations looking to add AI-assisted vulnerability discovery and patch suggestions into existing AppSec/DevSecOps processes.
• Security and platform engineering teams that must validate tool output, manage false positives, and decide how findings should flow into their normal triage/remediation pipeline.

What to do now

• If you are eligible and considering the preview, plan for human review gates: the article emphasizes a human-in-the-loop model where nothing is applied without approval.
• Treat findings as triage inputs, not authoritative truth: ensure your normal verification steps (reproduction, unit/integration tests, and code review) remain mandatory before shipping changes.
• Decide where the output fits operationally (e.g., separate "AI suggested" queue vs. normal vuln backlog) so developers are not overwhelmed and remediation is trackable.

Additional Information

The article says Anthropic claims the system goes beyond rule-based static analysis by reasoning about code like a human researcher, including tracing data flows and component interactions, and that findings go through a "multi-stage verification process" to filter false positives. It also notes that findings receive severity ratings and are shown in a dashboard where analysts can review suggested patches and approve them.