Anthropic introduces Claude Code Security, a feature built into Claude Code on the web that is now available in a limited research preview. What does it do? It scans codebases for vulnerabilities and suggests targeted patches for human review, helping teams find and fix flaws that traditional tools often miss.
What is Claude Code Security
Is it just another static scanner? Not at all. While classic tools hunt for known patterns, Claude Code Security tries to read and reason about code the way a human security researcher would: it understands how components interact, traces data flow, and spots contextual and logical vulnerabilities that tend to slip through.
It does not apply patches automatically, though. Every finding goes through a multi-stage verification process: Claude rechecks its own results, tries to prove or disprove each issue, filters out false positives, and assigns a severity rating. Validated findings show up in a panel where your team can review them, inspect the suggested patches, and approve fixes.
