Claude Security exits preview as Anthropic pushes Opus 4.7 into Falcon, Palo Alto Networks and Microsoft Security stacks

Anthropic has moved Claude Security out of limited research preview and into public beta for all Claude Enterprise customers, opening direct access to a code-scanning and patch-generation product built on Claude Opus 4.7. The launch, dated April 30, 2026, formally rebrands what had been Claude Code Security and folds it into the main Claude.ai sidebar, removing any requirement for API integration or custom agent builds. Anthropic is simultaneously extending Opus 4.7 into the security stacks of CrowdStrike, Microsoft Security, Palo Alto Networks, SentinelOne, TrendAI and Wiz, with Accenture, BCG, Deloitte, Infosys and PwC named as services partners helping enterprises deploy Claude-integrated security workflows. The release lands at a moment when Anthropic is openly arguing that the gap between vulnerability discovery and active exploitation is collapsing, and that defenders need frontier AI in their hands before attackers operationalise the same capability against them.

Why is Anthropic launching Claude Security in public beta now and what does Opus 4.7 actually change for enterprise defenders

The strategic timing matters more than the feature list. Anthropic positioned the launch alongside its own warning that the next generation of frontier models will be especially effective at autonomously exploiting software flaws, not just finding them. That framing is a deliberate sales narrative for enterprise security buyers: the implicit message is that the asymmetry between AI-assisted attackers and pattern-matching legacy scanners is widening, and Claude Security is the bridge product that puts a frontier-class model on the defender side of that equation. Opus 4.7 is being marketed as among the strongest generally available models for finding and patching software vulnerabilities, and Anthropic is positioning the product as the everyday defensive complement to Claude Mythos, the more powerful but tightly gated cyber model released through Project Glasswing to a smaller circle of partners and critical software maintainers.

The technical pitch is that Opus 4.7 reasons over a codebase the way a human security researcher does, rather than running signature or pattern matches. It traces data flows, reads source code in context, and analyses how components interact across files and modules before producing a finding. Each result carries a confidence rating, a severity assessment, an explanation of likely impact, and reproduction steps, with a multi-stage validation pipeline designed to suppress false positives before a finding reaches an analyst. Patches are generated as targeted fixes that can be opened directly in Claude Code on the Web, compressing the loop between detection and a merge-ready pull request. For security leaders who have spent years drowning in low-confidence alerts from traditional static analysis tools, the explicit pitch is signal density rather than volume.

How does the partner architecture around CrowdStrike, Wiz and SentinelOne reshape the AI cybersecurity competitive map

The partner roster is doing significant strategic work for Anthropic, and it is worth reading carefully. CrowdStrike (NASDAQ: CRWD) confirmed the same day that it is integrating Opus 4.7 across the Falcon platform and routing the capability through its newly unveiled Project QuiltWorks coalition, positioning itself as a verified participant in Anthropic’s Cyber Verification Program. Microsoft Security, Palo Alto Networks, SentinelOne, TrendAI and Wiz are named alongside CrowdStrike on the technology side, which means Opus 4.7 is being embedded into vendor consoles that already sit inside enterprise security operations centres rather than asking buyers to adopt a new standalone tool. On the services side, the inclusion of Accenture, BCG, Deloitte, Infosys and PwC gives Anthropic distribution into managed services contracts and large transformation programmes where vulnerability management and incident response are billable line items.

The competitive implication is that Anthropic is not trying to build a direct-to-CISO product business in cybersecurity. It is licensing the model layer and letting the existing security platform incumbents wrap their own workflows, telemetry and customer relationships around it. That is a defensible strategy because the platform vendors already own the deployment surface, the audit trails, and the incident response playbooks. It also reduces the friction that a pure-play challenger would face trying to displace established endpoint, cloud workload and code security stacks. The trade-off is that Anthropic cedes some pricing power and direct customer ownership, but in return it accelerates Opus 4.7’s penetration into security buying centres that are notoriously slow to adopt new vendors. For peers such as OpenAI, which has been widening its own cybersecurity model access, the partner depth Anthropic has assembled in a single launch raises the bar on enterprise distribution, not just model capability.

What did Anthropic learn from the research preview and how has the product changed for full enterprise rollout

The shift from research preview to public beta is not cosmetic. Anthropic spent roughly two months running Claude Security across hundreds of organisations under the previous Claude Code Security branding, and the public beta reflects three specific operating insights from that period. First, detection quality, not detection volume, is what security teams actually value, which is why the multi-stage validation pipeline and per-finding confidence ratings have been hardened in the production release. Second, the metric that matters to security leaders is time from scan to applied patch, not the number of findings surfaced, which explains why the patch handoff now flows directly into Claude Code on the Web rather than ending at a ticket. Third, security teams want continuous coverage rather than one-off audits, which is why scheduled scans are now first-class functionality alongside on-demand and directory-scoped scans.

The release also adds operational features that matter for security operations centres rather than for demos. Findings can be dismissed with documented reasons so that future reviewers can trust the audit trail behind a triage decision, results can be exported as CSV or Markdown for ingestion into existing vulnerability management and audit systems, and webhooks can push scan output into Slack, Jira and other workflow tools. These are the kinds of integrations that separate a research demo from a product a security organisation can actually plug into its compliance and reporting obligations, and their presence at launch suggests Anthropic understood that an enterprise rollout has to meet customers where their existing change-management and audit processes already live. Currently the product supports GitHub-hosted repositories, with access for Claude Team and Max customers flagged as coming soon but without a committed date.

How does Claude Security fit alongside Claude Mythos and Project Glasswing in Anthropic’s broader cyber strategy

This is where the strategic picture gets genuinely interesting. Anthropic has split its cyber capability into two clearly differentiated tiers. Claude Mythos, available through Project Glasswing to a small set of partners and critical software maintainers, is described as matching or surpassing elite human experts at both finding and exploiting vulnerabilities. Claude Security, by contrast, is the broadly accessible defensive product, gated behind Claude Enterprise but designed for general distribution into enterprise security teams rather than reserved for vetted national-security-adjacent use cases. The separation lets Anthropic argue that it is putting frontier capability into defenders’ hands without conceding that the most aggressive offensive capabilities are also broadly available, which is a politically important distinction given ongoing scrutiny over who should access the most powerful cyber models.

Opus 4.7 in Claude Security ships with what Anthropic calls new cyber safeguards, designed to automatically detect and block prompts suggestive of prohibited or high-risk cybersecurity uses. Organisations whose legitimate work triggers those safeguards can apply for the Cyber Verification Program, which is the same governance layer CrowdStrike has now publicly joined. That structure does two things at once. It gives Anthropic a defensible answer to policy questions about misuse, and it creates a tiered access regime in which verified enterprise security teams can operate without interruption while casual or unvetted users hit a hard limit. For a sector currently arguing about whether frontier AI cyber capability is more analogous to dual-use export controlled technology than to ordinary software, the verification program is a meaningful piece of governance infrastructure rather than a marketing line.

What are the execution and adoption risks Anthropic still has to manage with Claude Security in public beta

There are real risks worth flagging, even in an otherwise well-executed launch. The first is the GitHub-only constraint at launch, which excludes enterprises running self-hosted GitLab, Bitbucket Server, Azure DevOps or other repository systems and limits the addressable footprint inside large regulated organisations that often run mixed source control estates. The second is the dependency on Claude Enterprise as the gating tier, which leaves Team and Max customers waiting for an availability window that has not been committed to publicly, and which creates a temporary commercial mismatch for organisations whose security teams sit on lower Claude tiers than their development teams.

The third risk is more strategic. By distributing Opus 4.7 capability through CrowdStrike, Microsoft Security, Palo Alto Networks, SentinelOne, TrendAI, Wiz and the Big Four consulting firms, Anthropic is intentionally reducing its own visibility into how the model is being used at the customer endpoint. That is a reasonable trade for distribution velocity, but it means Anthropic is partly relying on partner governance and the Cyber Verification Program to police misuse cases that might otherwise surface through direct telemetry. The fourth, and arguably most consequential, is the political backdrop around Mythos access. Reporting around the launch indicates that Anthropic is operating against active White House scrutiny over who should receive its more powerful Mythos model, and Claude Security is being positioned partly as the supervised commercial path for accounts that did not make the Glasswing cut. If that dispute hardens into formal access restrictions, the boundary between what Claude Security can and cannot do becomes a regulatory question, not just a product one.

How should enterprise security leaders, platform vendors and policy watchers read the Claude Security launch

For enterprise security leaders, the practical signal is that an additional, well-resourced AI vulnerability scanning option now exists inside an environment many of them already license, which makes pilot-stage evaluation a low-friction exercise rather than a procurement project. The DoorDash reference, with its chief security officer publicly endorsing Claude Security’s ability to surface deep vulnerabilities and route findings into engineering workflows, gives buying committees a recognisable enterprise reference point. For platform vendors outside the named partner list, the message is harder. Anthropic has publicly anchored Opus 4.7 inside the security stacks most large enterprises already run, which raises the integration bar for any vendor wanting to remain relevant in AI-augmented vulnerability management.

For policy watchers and competitive analysts, the most important takeaway is structural rather than technical. Anthropic has now demonstrated a model for splitting frontier cyber capability into a tightly controlled offensive-capable tier and a broadly distributed defensive-capable tier, with a verification program acting as the governance bridge. That template, if it holds, is likely to influence how OpenAI, Google DeepMind and other frontier labs structure their own cybersecurity productisation. It also gives policymakers a working example of how AI access tiers can be designed in practice, rather than only in white papers. Whether the structure survives contact with real-world misuse incidents and government scrutiny is the test that matters next.

What are the key takeaways from the Claude Security public beta launch for enterprise security buyers and the broader AI cyber market

• Claude Security is now generally available in public beta to Claude Enterprise customers and runs on Claude Opus 4.7, with Team and Max access flagged as coming soon but without a committed date.
• The product replaces the earlier Claude Code Security research preview and is reachable from the Claude.ai sidebar with no API integration or custom agent build required.
• Anthropic is distributing Opus 4.7 cyber capability through CrowdStrike, Microsoft Security, Palo Alto Networks, SentinelOne, TrendAI and Wiz on the platform side, and through Accenture, BCG, Deloitte, Infosys and PwC on the services side.
• CrowdStrike (NASDAQ: CRWD) is the most visible launch partner, integrating Opus 4.7 across the Falcon platform and channelling it through its newly unveiled Project QuiltWorks coalition.
• Anthropic has deliberately split its cyber model strategy into a broadly available defensive tier in Claude Security and a tightly gated offensive-capable tier in Claude Mythos under Project Glasswing.
• The Cyber Verification Program acts as the governance layer for legitimate enterprise security work that would otherwise trip Opus 4.7’s built-in cyber safeguards.
• Operational additions over the research preview include scheduled scans, directory-scoped scans, dismiss-with-reason workflows, CSV and Markdown exports, and webhooks into Slack and Jira.
• The product currently supports GitHub-hosted repositories, which is a meaningful constraint for enterprises running mixed source control environments such as self-hosted GitLab or Azure DevOps.
• Competitive pressure on OpenAI, Google DeepMind and pure-play AI security challengers shifts to enterprise distribution depth, not just model capability, given Anthropic’s partner architecture.
• The political backdrop around Mythos access and broader frontier cyber model governance is the single biggest external variable that could reshape how Claude Security evolves over the next twelve months.