Anthropic has released Claude Security in public beta for Enterprise customers. The tool scans codebases for vulnerabilities and generates patches, running on Claude Opus 4.7. The release precedes the broader rollout of the controversial Mythos cybersecurity model.
Key takeaways
- Claude Security runs on Claude Opus 4.7 and is available to all Enterprise customers with no API integration required
- The tool was tested by "hundreds of organizations" — their feedback shaped the production release
- Opus 4.7 is being embedded into tools from Microsoft Security, CrowdStrike, TrendAI, Accenture, Deloitte, PwC, and Infosys
- The tool analyzes cross-module data flows and component interactions — not just known CVE databases
- Team and Max customers will gain access soon; Enterprise has access immediately
Claude Security: what it is and how it works
On May 1, 2026, Anthropic announced the public beta of Claude Security — a code security scanning tool for Enterprise customers. The tool runs on Claude Opus 4.7 and, according to the Anthropic blog post, requires no API integration or custom agent build.
Previously available as Claude Code Security in limited testing, the public beta opens the tool to all Enterprise plan customers. Unlike traditional vulnerability scanners that rely on known CVE databases, Claude Security analyzes how components interact across modules and files, traces data flows, and reads source code directly. It then provides an explanation of findings — including threat level and a targeted patch — which users can open in Claude Code on the web.
The tool supports both scheduled and targeted scans, integrates with audit systems, and tracks triaged findings. One early tester was DoorDash. Its VP and chief security officer, Suha Can, stated: "Claude Security surfaces deep vulnerabilities accurately, and pipes findings right into our workflows so engineers can act on them in context."
Context: Mythos and Anthropic's cybersecurity strategy
The Claude Security release is part of a broader Anthropic cybersecurity push. The company is simultaneously running Project Glasswing, through which it shares access to the Mythos model — described as too powerful for public release — with selected partners for fixing critical vulnerabilities. Mythos is not commercially available.
Claude Security is the commercial, mass-market counterpart — accessible to any Claude Enterprise customer. Anthropic positions both products as complementary: Mythos for extreme threats, Claude Security for everyday compliance and codebase monitoring.
Comparison: Claude Security vs. other AI security tools
The AI-assisted code security market is already competitive. GitHub Advanced Security (based on CodeQL) offers data flow analysis across codebases. Snyk uses AI-powered models for vulnerability remediation suggestions. Amazon CodeGuru focuses on security and performance code reviews.
Claude Security's differentiators include: zero-setup deployment for Enterprise users, deep contextual analysis across files and modules, and integration with established security partner tools (CrowdStrike, Microsoft Security). However, Anthropic has not published comparative benchmarks against the tools above — performance claims rest on early-tester feedback rather than independent evaluation.
Why this matters
Anthropic's entry into the code security tools market has strategic significance. First, it reinforces Claude Opus 4.7 as an enterprise production model — not just for code generation but for code verification. Second, the zero-setup approach lowers the barrier for firms that previously avoided AI security tooling due to integration complexity.
Interpretive caution is warranted, however. Anthropic is describing its own product — independent benchmarks comparing Claude Security against competitors are not yet available. Feedback from "hundreds of organizations" encompasses diverse firm types, and tool effectiveness may vary significantly by programming language, codebase size, and application type. False positives — flagged by testers as a problem — were not quantified.
What's next?
- Team and Max customers will gain access to Claude Security soon — Anthropic did not specify a date
- Broader access to the Mythos model through Project Glasswing is expected, which could affect how Claude Security is positioned relative to advanced use cases
- Independent comparative benchmarks against GitHub Advanced Security and Snyk will be needed to assess real-world effectiveness
