Claude Security exits preview — Anthropic expands availability beyond preview to enterprise customers

Anthropic expanded Claude Security beyond its limited preview on April 30, opening the product in beta to Claude Enterprise customers. The product scans codebases for vulnerabilities, validates findings and proposes patches that developers can review in Claude Code, according to Anthropic’s product page. The move broadens access from the company’s February research preview, which had been limited to Enterprise and Team customers, with expedited access for maintainers of open-source repositories. Anthropic and The New Stack both described the product as a defensive security tool aimed at helping software teams find issues that rule-based scanners can miss. ### When did Anthropic move Claude Security beyond preview? April 30 was the date The New Stack reported that Anthropic had taken Claude Security out of closed preview and made it available in beta for Claude Enterprise customers. The publication said support for Team and Max users was coming soon, a change from the earlier private preview that had been limited to Enterprise and Team users. (thenewstack.io) February 20 was the date Anthropic announced the earlier version, then called Claude Code Security, as a limited research preview. In that announcement, Anthropic said the tool was being released to Enterprise and Team customers, with expedited access for maintainers of open-source repositories, so the company could refine the product and “ensure it is deployed responsibly.” (thenewstack.io) ### What does Claude Security actually do inside a codebase? Claude Security “reasons about your code like a security researcher,” Anthropic says on its product page, scanning for vulnerabilities, validating findings and proposing targeted patches. Anthropic says the system follows variables across files, traces how data moves through an application and surfaces exploitable issues for review. (anthropic.com) Anthropic said in its February announcement that the tool is designed to catch context-dependent flaws such as business-logic and broken-access-control issues that pattern-matching tools often miss. Each finding goes through a multi-stage verification process, with severity and confidence ratings attached before analysts review the result, the company said. ### What changed from the February research preview? (anthropic.com) February 20 marked the initial release as a “limited research preview,” while April 30 marked broader beta availability for Claude Enterprise customers. Anthropic’s current product page now brands the offering as Claude Security rather than Claude Code Security and describes scheduled scans, webhook integrations and patch generation that opens in Claude Code for review. (anthropic.com) The New Stack reported that the product runs multiple agents in parallel to scan an entire codebase and uses an added validation pipeline before notifying an analyst. Anthropic’s product page similarly says the system produces a ranked list of findings rather than a raw report and does not ship changes without human approval. ### Who is Anthropic pitching this to? Anthropic’s product materials frame Claude Security as a tool for defenders responsible for software that underpins “power grids, hospitals, payment networks, and the supply chains economies depend on.” The company says the product is intended to help security teams review code on their own schedule through scheduled scans and workflow integrations. (anthropic.com) (thenewstack.io) The February announcement said Anthropic was also expediting access for maintainers of open-source repositories. The New Stack said Anthropic described preview use by “hundreds of organizations,” though Anthropic did not identify those customers by name in the materials reviewed. ### What has Anthropic said about safeguards? Anthropic said on February 20 that the same capabilities that help defenders find and fix vulnerabilities could also help attackers exploit them. (anthropic.com) The company said that risk was one reason for the limited research preview and for keeping humans in the approval loop on suggested fixes. The product page says “Nothing ships without your approval,” and Anthropic’s coordinated disclosure page says reports generally reflect findings that a human security researcher has reviewed and confirmed. (anthropic.com) Those statements place review and disclosure controls around a product built to identify previously unknown flaws. ### What comes next for customers? May 28 is the next public milestone Anthropic has listed for Claude Security. (anthropic.com) The company is scheduled to host a live webinar on that date at 10:00 a.m. Pacific time featuring Michael Moore, Anthropic’s head of cyber products, and product manager Dor Fledel. Anthropic says the session will cover deployment, integration, lessons from “hundreds of teams” in preview and a live demonstration of the product for Claude Enterprise customers. (anthropic.com 1) (anthropic.com 2)