Thoughts on Claude Code Security


Manish Kapur

VP, Product and Solutions Marketing

8 min read


A few days ago, Anthropic announced Claude Code Security, an agentic approach to vulnerability identification and remediation. Similar to the announcement of Aardvark (aka Codex Security) from OpenAI a few months ago, these initiatives have sparked significant discussion about the future of cybersecurity.  

This blog post aims to explain what Claude Code Security is (recognizing few details are currently available), and how enterprises and developers should think about its role in their cybersecurity toolchain. 

What is Claude Code Security?

Claude Code Security is a research preview from Anthropic that uses AI models to scan codebases, identify specific high-severity vulnerabilities (such as memory corruption, injection flaws, and authentication bypasses), and patch the issues they find. 

In our view, what Anthropic announced is akin to an agentic security researcher. It has long been considered best practice to employ a range of techniques, from hiring a security research team or ethical hackers to having bug bounty programs that search for vulnerabilities in applications. These approaches complement other cyber defenses, including SAST and DAST, by looking for issues that are typically missed. Claude Code Security focuses on high-severity vulnerabilities including memory corruption, injection flaws, authentication bypasses, and complex logic errors that pattern-matching tools typically miss.

Once it finds an issue, it uses a technique called adversarial verification to try to confirm that the issue is real—and then it generates a patch to attempt to address the identified issue. 

Agentic security research shows a lot of promise in improving overall codebase and application security. By amplifying the work of security researchers and addressing the last mile of remediation (similar to our SonarQube Remediation Agent, now available in Beta), it creates a force multiplier. We expect this will result in healthier, more secure codebases when used in combination with existing techniques. As Anthropic says in their product description, “Claude Code Security complements your existing tools by catching what they might miss and closing the loop on remediation.”

How does Claude Code Security fit with SonarQube?

While valuable, Claude Code Security solves a different use case than SonarQube.

  • SonarQube systematically evaluates all of your code, while Claude Code Security engages in a more sampling-based, spot-checking approach.
  • SonarQube consistently and repeatedly evaluates a defined set of issues, providing assurance that they have been reviewed, while Claude Code Security is more opportunistic and looks for a different class of issues.
  • SonarQube employs sophisticated mathematical reasoning techniques that move beyond simplistic pattern matching to evaluate complex issues such as data flows, all while maintaining the industry’s lowest false positive rate. Claude Code Security employs probabilistic reasoning techniques that are subject to hallucinations and uses token-consuming, biased, and less reliable LLM-based verification techniques.

In other words, the two tools serve very different but complementary jobs: 

  1. SonarQube: Rigorous, consistent, fast, and low-cost code review and verification.
  2. Claude Code Security: Opportunistic hunting for rare but high-value vulnerabilities.

SonarQube’s approach ensures that every line of code meets defined standards for reliability and maintainability while also monitoring open-source dependencies for known vulnerabilities and license risks. 

This methodology is deterministic and consistent: given the same code, you get the same result every time. It is comprehensive: the entire codebase is checked, not just selected parts. And it is explainable: when an issue is flagged, you can see exactly which rule was triggered and why.

This matters for a few practical reasons:

  1. Auditors and compliance frameworks require consistent, repeatable evidence that code has been checked.
  2. Development teams need results they can act on in their normal workflow—inside their IDE, as part of a CI/CD pipeline, before code is merged.
  3. Security coverage needs to extend beyond your own code to include open-source dependencies, infrastructure configuration, and secrets that may have been accidentally committed.

Dimension | SonarQube | Claude Code Security
Primary goal | Systematic code verification and review | Spot-checking and discovery
Coverage | Entire codebase, every line of code, every scan | Opportunistic; not comprehensive or guaranteed to be exhaustive
Consistency | Deterministic: same code → same result, every time | Probabilistic: results may vary between runs
False positive (FP) rate | ~3% | Unknown; LLMs inherently produce FPs
Explainability | Clear rule reference for every finding | AI reasoning; may be harder to audit
Compliance use | Accepted by auditors and regulators | Not currently suitable for compliance evidence
Speed/cost | Fast and predictable cost | Slower and high token consumption
Adoption | 7M+ users, embedded in CI/CD workflows and integrated with major AI coding tools | Currently in research preview; available only in Claude Code

The value of SonarQube systematic codebase analysis is not just in finding individual vulnerabilities. It is in being able to demonstrate, continuously and verifiably, that your entire codebase has been checked against a well-defined standard.

The bigger picture: how security toolchains actually work

The most security-conscious organizations rely on a portfolio of tools. A typical mature security practice already combines several layers of defense, as no single method catches everything:

  1. Automated systematic codebase analysis integrated into the development workflow (SAST, SCA, secrets, IaC)
  2. Dedicated security testing tools for specific vulnerability classes
  3. Internal security teams who review architecture and design
  4. External security researchers, often through bug bounty programs, who look for what everyone else missed

Claude Code Security fits naturally into the fourth category. It is an AI-powered security researcher—one that can be pointed at a codebase to preemptively identify issues before they can be weaponized. 

The right question is not "which tool do we use?" It is "what does each layer of our security practice cover, and where are the gaps?" Systematic codebase analysis and AI-assisted research address fundamentally different challenges.

What is the next evolution of application security?

The emergence of AI-powered security research tools is a positive development for the industry. Finding vulnerabilities that require contextual reasoning—understanding what a piece of code is supposed to do, and identifying where that intent breaks down—has historically required skilled human researchers. Making that capability more accessible and scalable is valuable.

At the same time, the properties that make AI research tools interesting are also the properties that make them unsuitable as a replacement for systematic codebase analysis. They are not exhaustive. They are not consistent run-to-run. They do not produce the kind of structured, auditable evidence that compliance frameworks require.

The future of application security is likely one where both layers are stronger. Deterministic, comprehensive scanning handles the verification layer—ensuring that every known class of vulnerability has been checked, across all code, continuously. AI-assisted research handles the exploratory layer—finding the things that rules cannot anticipate. Together, they cover more ground than either could alone.

Claude Code Security is a spot-checking tool.

SonarQube is a comprehensive audit and verification platform.

Each has a role.

In summary:

  • Systematic codebase analysis (SAST, SCA, secrets, IaC) by SonarQube employs mathematical reasoning to provide comprehensive, consistent, auditable coverage of your entire codebase. It is the foundation of any serious security practice.
  • AI-assisted security research finds context-specific vulnerabilities that rules cannot anticipate—the same job that human security researchers and bug bounty programs have always done.
  • These are complementary capabilities, not competing ones. The strongest security posture uses both.
  • For teams with compliance requirements, regulatory obligations, or a need to demonstrate consistent security coverage, systematic code analysis remains essential—and cannot be replaced by a research preview tool.

Anthropic has built something genuinely useful, and we think the teams that will benefit most from it are the ones who already have a solid systematic code analysis foundation in place. That is what gives AI-assisted research the context it needs to be most effective.


Frequently asked questions

1. What kinds of code security vulnerabilities can Claude Code Security detect?
Claude Code Security targets high‑severity, hard‑to‑find vulnerabilities, especially those that traditional pattern‑matching scanners often miss, including:

  • Memory corruption issues
  • Injection flaws (e.g., various injection-style vulnerabilities)
  • Authentication bypasses
  • Complex logic errors that require deeper contextual reasoning, rather than simple pattern matching

2. Is Claude Code Security a complete code security solution or just a research preview?
Claude Code Security is currently available as a research preview, and not a complete, standalone end-to-end security solution.

  • It operates more like an AI security researcher/bug‑bounty agent that opportunistically hunts for serious issues.
  • It is not exhaustive, not deterministic, and does not produce structured, auditable evidence suitable for compliance on its own.
  • It is intended to complement existing tools (like SAST tools and systematic codebase analysis), not replace systematic codebase analysis.

3. How does Claude Code Security compare to SAST tools?

  • Role & goal
    • SAST (systematic and deterministic codebase analysis): Provide automated, repeatable verification of code and applications, checking defined classes of vulnerabilities across all relevant code on every run.
    • Claude Code Security: Acts as an agentic security researcher, doing spot‑checking and discovery of rare, high‑value vulnerabilities that rules may miss.
  • Coverage model
    • SAST: Aim for comprehensive coverage (e.g., “entire codebase, every line, every scan”).
    • Claude Code Security: Uses a sampling‑based, opportunistic approach; coverage is not guaranteed to be exhaustive.
  • Determinism & reliability
    • SAST: Deterministic, same code yields the same result every time; designed for low false‑positive rates and clear rules.
    • Claude Code Security: Probabilistic LLM reasoning; results may vary between runs and LLMs are known to produce false positives and hallucinations.
  • Compliance & audit use
    • SAST: Provide structured, repeatable evidence accepted by auditors and regulators.
    • Claude Code Security: Not currently suitable as standalone compliance evidence because of its non‑deterministic, research‑preview nature.

Claude Code Security is positioned as an exploratory, AI‑powered research layer, whereas SAST provides the systematic and deterministic verification layer. They are complementary, not interchangeable.

4. What should I keep in mind when using an LLM-based tool like Claude Code Security?

Key concerns include:

  • Hallucinations and false positives
    • Uses probabilistic LLM reasoning that is “subject to hallucinations” and relies on LLM-based verification rather than deterministic checks.
    • False‑positive rate is not currently disclosed; LLM-based tools are known to produce false positives.
  • Lack of determinism
    • Results are probabilistic, so the same code can yield different findings between runs, which undermines trust and repeatability.
  • Weaker explainability & auditability
    • Findings are driven by AI reasoning, which “may be harder to audit” than rule-based results, and they do not produce structured, auditable evidence required by many compliance frameworks.
  • Not exhaustive
    • By design, it does not exhaustively cover the entire codebase, so you cannot rely on it as your only line of defense.
  • Cost and performance impact
    • LLM‑driven analysis and “adversarial verification” are described as slower and high‑token‑consumption, which can be a practical and economic constraint at scale.

LLM-based research tools are valuable but cannot replace systematic, deterministic codebase analysis for serious security programs or compliance use cases.

5. How does SonarQube differ from Claude Code Security in terms of code security coverage?

  • Coverage model
    • SonarQube:
      • Systematic and deterministic-first analysis of all of your code, “entire codebase, every line of code, every scan.”
      • Covers first‑party code plus open‑source dependencies, Infrastructure as Code (IaC), and secrets (SAST, SCA, secrets detection).
    • Claude Code Security:
      • Uses a sampling‑based, spot‑checking approach that is opportunistic, not comprehensive or guaranteed to be exhaustive.
  • Determinism & consistency
    • SonarQube: Deterministic; same input always yields the same result, with an ~3% false‑positive rate and explicit rule references for each finding.
    • Claude Code Security: Probabilistic; results can vary between runs, with unknown FP rate and AI reasoning that is harder to audit.
  • Role in security posture
    • SonarQube: A comprehensive audit and verification platform and the “foundation of any serious code security and code quality practice”, designed to provide comprehensive, consistent, auditable coverage of your entire codebase and satisfy auditors and regulators.
    • Claude Code Security: A spot‑checking tool, an AI‑powered security researcher used to hunt for rare, high‑value vulnerabilities that escape rule‑based analysis.

In short: SonarQube is the deterministic-first, full‑coverage review and verification layer; Claude Code Security is a non‑deterministic, opportunistic research layer. Both together form a stronger security posture than either alone.
