Follow ZDNET: Add us as a preferred source on Google.
ZDNET’s key takeaways
- AI vulnerability scanning is moving into developer workflows.
- Claude Security turns findings into prioritized fix guidance.
- The big challenge is keeping these tools from attackers.
Anthropic has announced Claude Security, a new defensive cybersecurity product. Right now, it’s available in public beta to Enterprise-tier Claude users, with availability “coming soon” to Claude Team and Max-tier users.
Claude Security is another tool in Anthropic’s cyberdefense toolbox. It gives security teams a way to “scan codebases for vulnerabilities and generate targeted patches” using the Claude Opus 4.7 model.
Earlier in the month, Anthropic debuted Project Glasswing, an AI Manhattan Project aimed at finding vulnerabilities in the world’s infrastructure of open-source software.
Glasswing uses an Anthropic model called Mythos, a model deemed so dangerous that it’s not being released to the public. It’s being shared with Glasswing participants, including erstwhile competitors like Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks.
Vulnerability scanning
At the core of both Project Glasswing and Claude Security is vulnerability scanning. Most cyberattacks begin with an enemy actor exploiting a vulnerability. So, if defenders can find and patch the vulnerabilities, the malicious perpetrator has a smaller attack surface.
Remember Star Wars? The entire plot of A New Hope revolves around Death Star plans that Princess Leia stores in R2-D2. Once the Rebels get those plans, they’re able to find a vulnerability. All Luke and the other pilots have to do is fire one torpedo down an exhaust port on the Death Star, and… boom!
That, boys and girls, is a vulnerability. The Death Star had one fatal flaw. Your codebase probably has more. Anthropic’s new Claude Security tool wants to find them before attackers get there first.
Back in the real world, everything runs on software, which is inherently vulnerable. Not only do vulnerabilities open doors for adversaries to exploit, but they also could cause damage simply by existing and causing bugs experienced by users of the software.
Also: I teamed up two AI tools to solve a major bug – but they couldn’t do it without me
I first used AI to do vulnerability scanning back in September with OpenAI’s Codex. At the time, it failed because it couldn’t handle a project-wide context. But when I teamed the AI pair programming tool with ChatGPT’s Deep Research, which was better with lots of data, the two found a number of critical vulnerabilities in my security software, which I immediately fixed.
Since then, both Codex and Claude Code have got better in terms of how much code they can process in one context, but neither is capable of handling an entire large codebase at once.
Mythos can, however. It can even handle the relationships between codebases on a macro scale. But it’s not available to the public, even via Enterprise-tier fees. Last month, OpenAI introduced Codex Security, which also offers a larger-scope context analysis. And now Claude Security can do similar larger-scale scans.
This new product is capable of scanning a full repository or a targeted directory. According to Anthropic, “Claude reasons about code the way a security researcher does, tracing data flows, reading source code, and working out how components interact across files and modules.”
There’s more to Claude Security, but first let’s talk about the big vulnerability introduced by vulnerability-scanning AIs.
Weapons of digital destruction
Vulnerability scanners help defenders defend. But they also help attackers find where to attack. That was the whole point with the Rebels’ attack on the Death Star. Once they knew of a vulnerability, they could exploit it.
For example, both Microsoft and OpenAI have reported that state-affiliated actors from China, Iran, Russia, and North Korea have used large language models to research various companies and cybersecurity tools, debug code, generate scripts, and create content likely for use in phishing and spear-phishing campaigns.
Also: AI is getting scary good at finding hidden software bugs – even in decades-old code
Anthropic is trying to prevent its models from being used in similar ways. As of the launch of Opus 4.7, the company includes new cyber safeguards that automatically detect and block requests suggestive of prohibited or high-risk cybersecurity uses.
For example, Opus 4.7 now blocks “Activities that are almost always used maliciously and have little to no legitimate defensive application such as mass data exfiltration or ransomware code development.”
On the other hand, what about activities that have legitimate defensive applications, such as vulnerability exploitation or offensive security tooling development? Opus 4.7 also blocks these activities, but cybersecurity researchers who are approved to join Anthropic’s Cyber Verification Program gain access to AI capabilities in this restricted gray zone.
Also: This new Claude Code Review tool uses AI agents to check your pull requests for bugs – here’s how
Effectively, those able to obtain a security clearance from Anthropic can use Opus 4.7 to perform blocked security activities in the course of doing their job. Disclosure: I am an authorized member of Anthropic’s Cyber Verification Program, so I have access to these capabilities as part of my cyberwarfare, cyberdefense, and counterterrorism work.
Making vulnerabilities actionable
The problem with vulnerability scanning is that it can become a firehose of noise. Every little thing can be flagged, and you can spend hours or days chasing down a bug that is of fairly little consequence instead of repairing a vulnerability that can cause an extinction-level event.
Claude Security is introducing a “multi-stage validation pipeline independently verifies each finding before it reaches an analyst, and every result gets a confidence rating.”
The AI is able to explain each “finding” in detail, including factors like confidence, severity, likely impact, reproduction steps, and recommended fix. This can be enormously helpful, because developers can then prioritize working on those high-confidence, large-impact, severely troubling problems first, without having to waste time on lesser issues.
Also: Why AI is both a curse and a blessing to open-source software – according to developers
From these findings, Claude Security gives defenders the ability to open the code in Claude Code, in context, so they can see and modify the areas needing work right from the finding results.
Anthropic has also added a series of workflow optimizations. It says, “We’ve added scheduled scans for ongoing coverage, the ability to dismiss findings with documented reasons (so future reviewers can trust prior triage decisions), and CSV and Markdown export for integrating findings into existing tracking and audit systems.”
Stay safe out there
Claude Security subscribers can work with technology and security partners. Anthropic specifically pointed out technology partners including CrowdStrike, Palo Alto Networks, SentinelOne, Trend.ai, and Wiz, which are integrating Opus 4.7 into their cybersecurity platforms.
Also: Google bets $32B on AI agent cyber force as security arms race escalates
The company is also working with security partners including Accenture, BCG, Deloitte, Infosys, and PwC, which are deploying Claude Security to help enterprises strengthen their security posture.
Do you see AI vulnerability scanning as more useful for finding dangerous flaws or for helping developers prioritize fixes faster? Let us know in the comments below.
You can follow my day-to-day project updates on social media. Be sure to subscribe to my weekly update newsletter, and follow me on Twitter/X at @DavidGewirtz, on Facebook at Facebook.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, on Bluesky at @DavidGewirtz.com, and on YouTube at YouTube.com/DavidGewirtzTV.
