---
title: Claude Code Security Is What Cowork Should Have Been
description: Anthropic previewed Claude Code Security, an AI vulnerability scanner built into Claude Code. Cyber stocks dropped $15 billion for no good reason.
author: Darie Nani (Editor-in-Chief)
date: 2026-02-22T12:35:42.000Z
updated: 2026-03-28T18:10:54.472Z
canonical: https://www.sovereignmagazine.com/article/claude-code-security-is-what-cowork-should-have-been
image: https://cdn.nanimediahouse.com/965345.jpeg
categories: Artificial Intelligence
content_type: News
region: United States
publication: Sovereign Magazine
---

Anthropic previewed [Claude Code](https://www.sovereignmagazine.com/article/openai-codex-plugins-ai-coding-tools) Security on 20 February 2026, a vulnerability scanner built into its Claude Code developer tool. The new capability scans codebases for security flaws and suggests patches for human review. Unlike Cowork, which I felt was a big disappointment, this one actually looks good.

## How it finds bugs

Traditional static analysis tools match code against libraries of known vulnerability patterns. Claude Code Security reads the full codebase, traces how data moves between components and identifies flaws those pattern-matching tools cannot catch: broken access control, authentication bypass and business logic errors. A multi-stage verification process forces the model to disprove its own findings before presenting them to an analyst, and every suggested fix requires human approval.

Anthropic’s Frontier Red Team tested the capability against production open-source codebases. [Opus 4.6 found over 500](https://www.sovereignmagazine.com/article/claude-mythos-anthropic-new-model) vulnerabilities without custom prompting or specialist tools. Some had gone undetected for decades. Trail of Bits has published a separate [open-source set of Claude Code security skills](https://github.com/trailofbits/skills) covering code auditing, static analysis with CodeQL and Semgrep, and variant analysis across codebases.

## $15 billion wiped from the wrong companies (again)

CrowdStrike fell 8%, Cloudflare dropped 8.1%, Okta lost 9.2% and SailPoint shed 9.4%. The Global X Cybersecurity ETF hit its lowest close since November 2023. Barclays called the sell-off ‘illogical’ because it is. CrowdStrike detects threats on endpoints. Cloudflare secures networks. Okta manages identity. None of them scan source code for bugs. An AI tool that reads a Git repository and flags a broken authentication check is not competing with a firewall vendor or an identity provider.

Every time Anthropic announces something, the market goes into a frenzy, and whoever is doing the buying and selling seems to have very little understanding of what was actually announced. Cowork was not a replacement for the [SaaS companies that got hammered](https://www.sovereignmagazine.com/article/cowork-is-a-big-disappointment-285-billion-wiped-because-of-this) in that sell-off either. It is a tool. If it worked properly, it would help the people inside those companies do more, not replace the companies themselves. The same applies here. Claude Code Security helps security teams find bugs faster. It does not make CrowdStrike or Okta redundant.

## A preview, not a launch

Anthropic is treating this with more care than it treated Cowork. Claude Code Security is a limited research preview for Enterprise and Team customers, not a public release. Open-source project maintainers get free expedited access, which is where the tool stands to make the largest difference given that open-source libraries sit beneath most commercial software and rarely receive dedicated [security audits](https://www.sovereignmagazine.com/article/firms-step-up-software-security-what-jfrog-and-tl-consulting-are-doing-differently).

Logan Graham, Anthropic’s Frontier Red Team lead, called it ‘a force multiplier for security teams’. Unlike Cowork, the foundation it is built on justifies that claim. Claude Code already has persistent memory, reads project configuration files and maintains context across sessions. Anthropic has been [building enterprise AI capabilities](https://www.sovereignmagazine.com/article/enterprise-ai-race-intensifies-as-ibm-partners-with-anthropic-to-embed-claude-in-business-sof) for months, and this is the first addition that feels like a genuine step forward rather than a marketing exercise.

## Further Context

**Q: Can AI find security vulnerabilities that human reviewers miss?**
Machine learning has been used in code scanning for years. GitHub, for example, includes machine learning in its code scanning feature to identify known vulnerability patterns. Claude Code Security goes further by reasoning about how code components interact rather than matching against a static list of known flaws. Anthropic’s Frontier Red Team demonstrated this by finding over 500 vulnerabilities in open-source codebases that had passed years of human review. The key difference is that language models can trace data flow and logic paths across an entire application, catching business logic errors and access control failures that pattern-based tools are not designed to detect.

**Q: Can AI identify vulnerable systems in enterprise environments?**
AI-driven systems analyse security logs, network traffic and threat intelligence feeds to identify patterns that indicate potential vulnerabilities. IBM and Palo Alto Networks both use machine learning in their vulnerability management platforms to flag anomalies at scale. Claude Code Security operates at a different layer. Rather than monitoring live infrastructure, it reads source code before deployment and flags flaws at the development stage. The two approaches are complementary rather than competing, which is part of why the cybersecurity stock sell-off following Anthropic’s announcement had no rational basis.

**Q: Can AI detect cyber threats in real time?**
AI and machine learning are foundational to modern threat detection, enabling security teams to identify and respond to threats at speeds that manual analysis cannot match. CrowdStrike, Palo Alto Networks and other endpoint protection vendors use AI to monitor network activity and flag suspicious behaviour in real time. Claude Code Security does not operate in this space. It scans source code repositories for vulnerabilities before software reaches production. Real-time threat detection and pre-deployment code scanning serve different purposes in the security stack.
