Anthropic launches Claude Code Security for AI-assisted vulnerability scanning
TL;DR — Anthropic is rolling out Claude Code Security in limited preview for Enterprise/Team plans, offering AI-assisted vulnerability scanning with human-in-the-loop approval.
What happened
Claude Code is Anthropic's AI-powered coding assistant that operates directly in a developer's terminal. The Hacker News reports that Anthropic has begun rolling out Claude Code Security, a security feature for Claude Code that scans a user's software codebase for vulnerabilities and suggests targeted patches.
The feature is available as a limited research preview for Enterprise and Team customers, positioned as a defender-focused capability where findings and suggested fixes require human review before application.
This adds to a growing wave of AI-assisted AppSec tooling — alongside GitHub's Copilot Autofix and Snyk's DeepCode AI — signaling that AI-driven vulnerability discovery is moving from research novelty to production workflow.
Who is impacted
- Teams using (or evaluating) Claude Code for development workflows, especially organizations looking to add AI-assisted vulnerability discovery into existing AppSec/DevSecOps processes.
- Security and platform engineering teams that must validate tool output, manage false positives, and decide how findings flow into their triage/remediation pipeline.
What to do now
- If eligible, plan for human review gates — the feature emphasizes a human-in-the-loop model where nothing is applied without approval.
- Treat findings as triage inputs, not authoritative truth; ensure normal verification steps (reproduction, tests, code review) remain mandatory.
- Decide where output fits operationally (e.g., separate "AI suggested" queue vs. normal vuln backlog) so developers aren't overwhelmed and remediation is trackable.
