Anthropic Opens Claude Security Public Beta for Enterprise
Anthropic moved Claude Security from its February research preview into public beta for all Claude Enterprise customers this week, making Opus 4.7-powered codebase vulnerability scanning available without API integration or custom agent setup. The move signals Anthropic's push into the enterprise DevSecOps market, positioning Claude Security as an on-ramp for security teams that want frontier model analysis without standing up new infrastructure.
What the Source Actually Says
The official @claudeai announcement describes a three-step workflow: Claude scans a codebase for vulnerabilities, validates each finding to cut false positives, then suggests patches for human review and approval. Anthropic explicitly frames the "no API integration or agent build required" design as a response to security teams asking how to put Opus 4.7 to work on their code without custom tooling.
Since the February preview, hundreds of organizations have used Claude Security on production code, catching vulnerabilities that existing static analysis scanners missed. The public beta ships with a notable expansion of capabilities based on that early feedback: scheduled scans for automated recurring analysis; directory-level targeting for scoping large codebases; CSV and Markdown exports for integrating findings into existing security reporting pipelines; webhook notifications for new findings; and persistent dismissals that carry forward across scan runs — addressing a recurring frustration with AI security tools that re-flag intentionally accepted risks scan after scan.
@techsnif notes the product was formerly branded as "Claude Code Security," indicating a deliberate repositioning away from the Claude Code developer toolchain toward a standalone enterprise security product with its own product URL at claude.com/product/claude-security.
Strategic Take
The scheduled-scan and webhook features are the telling detail: this is engineered to slot into existing DevSecOps pipelines rather than displace them wholesale. Teams evaluating Claude Enterprise should run Claude Security alongside current SAST tooling on a representative codebase to benchmark catch-rate overlap — particularly on the vulnerability classes legacy scanners are known to miss.
