Claude Security enters public beta for Enterprise code scanning

Claude has just rolled out Claude Security in public beta for Enterprise customers, promising vulnerability scans with validated findings and patch suggestions—no API integration required. New additions include scheduled scans, exports, webhooks, and scan-to-scan dismissals.

TL;DR

  • Claude Security (public beta): Available to Claude Enterprise customers for codebase vulnerability scanning
  • Findings workflow: Validates results to reduce false positives; suggests patches for review and approval
  • Deployment model: Uses Opus 4.7 on code without custom tooling; no API integration or agent build required
  • Since February research preview: Used by “hundreds of organizations” on production code; surfaced issues existing scanners missed
  • New features from feedback: Scheduled scans, directory-level targeting, CSV/Markdown exports, webhook notifications, persistent dismissals across scans
  • Community reaction: Mix of curiosity and skepticism; debate over “public beta” label and overlap with Claude Code audits

Claude has put Claude Security into public beta for Claude Enterprise customers, with the company saying the tool scans a codebase for vulnerabilities, validates findings to reduce false positives, and suggests patches for review and approval. The approach is similar to the one covered in "Cursor Security Review adds always-on agents for teams," although Claude’s rollout is aimed at security teams that want to use Opus 4.7 on code without building custom tooling. Claude states that no API integration or agent build is required.

In posts on X, the company adds that since a research preview in February, "hundreds of organizations" have used the product on production code and found issues that "existing scanners had missed." Claude also lists several additions based on early feedback: scheduled scans, directory-level targeting, CSV and Markdown exports, webhook notifications for new findings, and dismissals that carry forward across scans.

The rollout drew a mix of curiosity and skepticism in replies. Some users described the feature as a possible threat to existing security tools, while others questioned whether a "public beta" limited to Enterprise customers fits the label or differs much from running targeted audits in Claude Code.

Source: Claude on X
