SAN FRANCISCO: Anthropic has released Claude Code Security, an artificial intelligence tool that automatically scans codebases for vulnerabilities and suggests patches, triggering sharp declines in cybersecurity stocks.
The feature integrates into Claude Code’s web-based platform and uses large language models to analyze code contextually rather than through predefined pattern matching. The system examines how components interact and how data flows through applications to identify complex vulnerabilities.
CrowdStrike shares dropped 8 percent while Cloudflare declined 8.1 percent following the announcement. Zscaler fell 5.5 percent, SailPoint shed 9.4 percent and Okta retreated 9.2 percent. The Global X Cybersecurity ETF declined 4.9 percent to its lowest level since November 2023.
“Claude Code Security is intended to put this power squarely in the hands of defenders and protect code against this new category of AI-enabled attack,” Anthropic stated. The tool addresses subtle logic flaws that manual reviewers often overlook.
The system performs multi-stage verification before presenting findings to analysts. Claude reviews its own results, attempts to confirm or refute them and filters false positives. Validated vulnerabilities receive severity and confidence scores in a dashboard for security team review.
Anthropic tested Claude Opus 4.6 internally and identified over 500 vulnerabilities in production open-source codebases during stress testing. The company developed the technology over more than one year including participation in capture-the-flag cybersecurity competitions.
“There’s been steady selling in software, and today it’s security that’s getting a mini-flash crash on a headline,” said Dennis Dick, head trader at Triple D Trading. Market participants expressed concern about AI agents potentially cannibalizing traditional threat detection markets.
The feature remains in limited research preview for enterprise and team customers. Open-source project maintainers can apply for free expedited access. Anthropic has not announced a timeline for general availability.
CrowdStrike CEO George Kurtz responded that AI increases security needs rather than eliminating them. Raymond James analyst Mark Cash called the market reaction excessive, noting investors were extrapolating beyond current functionality.
The selloff mirrors broader volatility across software sectors as generative AI transitions from experimental features to core enterprise functionality. The iShares Expanded Tech-Software Sector ETF has declined approximately 23 percent year-to-date.
Previous
