Anthropic has launched Claude Code Security, the company's first product aimed at using AI models to help security teams keep up with the flood of software bugs they're responsible for fixing. For large companies, unpatched software bugs are a leading cause of data breaches, outages, and regulatory headaches, while security teams are often overwhelmed by how much code they have to protect.
Now, instead of just scanning code for known problem patterns, Claude Code Security can review entire codebases more like a human expert would, looking at how different pieces of software interact and how data moves through a system. The AI double-checks its own findings, rates how severe each issue is, and suggests fixes. But while the system can inspect code on its own, it doesn't apply fixes automatically, which could be dangerous in its own right; developers must review and approve every change.
Claude Code Security builds on over a year of research by the company's Frontier Red Team, an internal group of about 15 researchers tasked with stress-testing the company's most advanced AI systems and probing how they might be misused in areas such as cybersecurity.
The Frontier Red Team's most recent research found that Anthropic's new Opus 4.6 model has significantly improved at finding new, high-severity vulnerabilities (software flaws that allow attackers to break into systems without permission, steal sensitive data, or disrupt critical services) across vast amounts of code. In fact, in testing open-source software that runs across enterprise systems and in critical infrastructure, Opus 4.6 found some such vulnerabilities that had gone undetected for decades, and was able to do so without task-specific tooling, custom scaffolding, or specialized prompting.
Frontier Red Team lead Logan Graham told Fortune that Claude Code Security is meant to put this power in the hands of security teams that need to boost their defensive capabilities. The tool is being launched cautiously as a limited research preview for Anthropic's Enterprise and Team customers. Anthropic is also giving free expedited access to maintainers of open-source repositories, the often under-resourced developers responsible for keeping widely used public software running safely.
"This is the next step as a company committed to powering the defense of cybersecurity," he said. "We are now using [Opus 4.6] meaningfully ourselves; we have been doing lots of experimentation—the models are meaningfully better." That's particularly true in terms of autonomy, he added, noting that Opus 4.6's agentic capabilities mean it can investigate security flaws and use various tools to test code. In practice, that means the AI can explore a codebase step by step, test how different components behave, and follow leads much like a junior security researcher would, only far faster.
"That makes a really big difference for security engineers and researchers," Graham said. "It's going to be a force multiplier for security teams. It's going to allow them to do more."
Of course, it's not just defenders who look for security flaws; attackers are also using AI to find exploitable weaknesses faster than ever, Graham said, so it's important to ensure that these improvements favor the good guys. That's why, alongside the research preview, he said, Anthropic is investing in safeguards to detect malicious use and to spot when attackers might be abusing the system.
"It's really important to make sure that what is a dual-use capability gives defenders a leg up," he said.
