What you need to know
- Public beta from 4 May 2026 for Claude Enterprise customers, accessed inside Claude.ai. No API integration or custom agent required.
- Built on Opus 4.7, which scores 87.6% on SWE-Bench Verified — the same model behind the 1M-token context release a fortnight ago.
- Five new beta features: scheduled scans, directory-targeted scans, persistent triage with documented dismissals, CSV and Markdown exports, and webhook integrations to Slack, Jira and GitHub.
- Closed-source, cloud-only. Anthropic processes the code; there is no self-host option in beta. Pricing is folded into the Enterprise plan and negotiated, not published.
- Complements rather than replaces Semgrep, Snyk Code and GitHub Advanced Security. Most teams will run two tools side by side for the next year.
If you already pay for Claude Enterprise, switch on Claude Security in shadow mode against a single non-critical repository before the end of the month. The interesting question is not whether it finds issues — it will. The interesting question is what your existing SAST stack missed that Claude flags. That delta is what justifies (or kills) the line item.
What Anthropic actually shipped
The headline product is straightforward: Claude reads a codebase, traces data flows across files and modules, and surfaces vulnerabilities with proposed patches. The novel bit is the workflow scaffolding around it. In the closed preview that ran through Q1, scans had to be triggered manually, findings lived in a separate dashboard, and triage state did not survive a re-scan. The beta fixes all three.
Scheduled scans now run on a cadence defined per repository — nightly, weekly or after every merge to main. Targeted scans let a security engineer point Claude at a specific directory, which matters because a sprawling Indian fintech monorepo or a UK retailer's checkout module are not the same review job and should not share a budget. Triage decisions persist: if a senior reviewer dismisses a finding as a false positive and writes a one-line reason, future scans honour that decision and surface the rationale to the next reviewer. Exports land as CSV or Markdown, which slot into existing audit trails without anyone writing a glue script. Webhooks fan out to Slack, Jira and arbitrary HTTP endpoints.
None of those features are individually novel. Snyk has had Jira integration for years; GitHub Advanced Security has scheduled scans baked into Actions. What is new is that they all sit behind a model that, on Anthropic's published numbers, found more than 500 previously unknown vulnerabilities in production open-source codebases during the closed preview — bugs that had survived years of conventional SAST review.
How it stacks up against the incumbents
This is the comparison most procurement teams will run first. The honest answer is that the four products solve overlapping but genuinely different problems. The table below summarises where each one wins and loses today, drawing on published benchmarks, vendor pricing pages, and the FindSkill 2026 buyer's guide.
| Dimension | Claude Security | Semgrep Pro | GHAS + Copilot Autofix | Snyk Code |
|---|---|---|---|---|
| Detection style | LLM cross-file reasoning | Semantic rule patterns | CodeQL queries | Symbolic + ML hybrid |
| Cross-file logic flaws | Strong | Moderate | Moderate | Moderate |
| Auto-patch quality | Targeted patch per finding | Suggestion-only | Copilot Autofix PR | Auto-PR (deps mainly) |
| Indicative price | Bundled in Enterprise (negotiated) | From £24/dev/month (Pro) | £39/user/month (GHAS add-on) | From £45/dev/month (Team) |
| Self-host | No | Yes (strong) | No (GitHub-hosted) | Limited (largest customers) |
| CI gating maturity | Beta | Production | Production | Production |
| Source-code residency | Anthropic cloud | Customer infra | GitHub cloud | Snyk cloud (or on-prem) |
Two things stand out. First, Claude Security is the only entry in this table whose primary differentiator is patch generation rather than detection. Semgrep, GHAS and Snyk all flag; only Claude routinely proposes a working fix. Second, it is the only entry without a self-host option, which immediately eliminates it from a slice of the regulated market — more on that in a moment.
Do not let an Opus 4.7 patch land on main without a deterministic gate behind it. The model is good — 87.6% on SWE-Bench Verified is genuinely strong — but it is still a model. Keep your existing CI security gate (Semgrep, CodeQL, whatever you have) as the deterministic check that says "this PR does not regress known-bad patterns". Use Claude for triage, fix-suggestion and root-cause narrative; keep the deterministic tool as the gating signal. That layered pattern is how every mature shop will run this in 2026.
The India angle: GCCs and offshore code review
Indian Global Capability Centres in Bengaluru, Pune and Hyderabad currently absorb a large share of offshore security review work for UK and EU clients. A typical engagement looks like a 30-person AppSec pod running Snyk plus internal CodeQL queries against a client's repositories, triaging findings, and shipping a weekly compliance report. The economics work because junior triage time is cheap and the SAST tooling licence is paid by the client.
Claude Security compresses the L1 layer of that workflow. A scheduled scan plus auto-patch proposals plus persistent triage means the model is doing what a Year-1 reviewer used to do — reading the finding, deciding if it is real, drafting the fix. That does not delete the headcount. What it does is shift it upstream: the offshore reviewer becomes a validator of model output, an arbitrator of false positives, and a security architect for the workloads the model cannot reason about (cryptographic primitives, novel auth schemes, custom hardware integrations).
The smart GCC leadership response is to retrain pods around three new specialisms: (a) prompt design and triage rubrics for security agents, (b) deterministic-tool authoring (Semgrep rules, CodeQL queries) that captures domain-specific bad patterns the model misses, and (c) pen-test and threat-modelling work that has always been undersupplied. We have spoken to two Bengaluru AppSec leads in the past week who are already organising training around exactly this. The ones who treat Claude Security as an existential threat will lose; the ones who treat it as a labour multiplier will pull more billable senior work upmarket.
The UK angle: NHS Digital, FCA fintechs and the self-host question
The UK regulated stack has the opposite problem. NHS Digital workloads, FCA-supervised fintechs, and any Ministry of Defence-adjacent code base all share a constraint: source code does not leave the customer's environment without a serious procurement conversation. Some of these organisations have spent years self-hosting Semgrep specifically because the data-residency story is clean.
Claude Security in beta cannot meet that bar. The code is sent to Anthropic for analysis. Anthropic offers a Business Associate Agreement and the usual Enterprise data-handling commitments, but for a Tier 1 UK bank under PRA supervision, or for an NHS England trust handling patient-adjacent code, the answer this quarter is "not yet". The product team at Anthropic has signalled that a deployment story for regulated customers is on the roadmap but has not committed to a date.
For UK fintechs that are not self-hosting today — the Series B and earlier cohort, who are already on GitHub cloud and Snyk cloud — Claude Security is straightforwardly competitive. The friction is procurement, not architecture. The pragmatic play for a 50-engineer London fintech is to pilot it on a non-PII repository, document the findings delta against the incumbent SAST, and use that data in the next licence renewal cycle.
Cost-of-adoption arithmetic
The headline cost question is whether bundling Claude Security into Claude Enterprise pencils out against per-developer SAST pricing. The honest answer is that the maths varies by team shape.
- 50-developer team already on Claude Enterprise. Marginal cost of switching on Claude Security is near zero. Compare with Snyk Team at roughly £45 per developer per month — that is £27,000 a year of headroom to play with. Claude Security wins on raw cost even if you keep Semgrep's free tier underneath as the deterministic gate.
- 50-developer team not on Claude Enterprise. The arithmetic flips. Claude Enterprise is itself a five-figure annual commitment. If you are buying it solely for security, you are paying for a lot of capability you will not use. Stay on your current SAST and revisit when Team-tier access lands.
- 200-developer regulated UK bank. Self-host is non-negotiable, so Claude Security is out of scope until Anthropic ships a deployment story. Semgrep self-hosted plus CodeQL is the standing answer.
- 500-engineer Indian SaaS exporter. Hybrid is the right answer: Claude Security on the customer-facing repos where speed-to-fix matters, deterministic SAST gating on the core engine, GHAS for the GitHub-native compliance reporting that auditors expect.
How this fits Anthropic's wider Enterprise push
Claude Security is the second Enterprise-only beta Anthropic has launched in three weeks, alongside the Managed Agents preview on 22 April. The pattern is clear: Anthropic is building out an Enterprise stack that makes the cost of standardising on Claude lower at every layer — agent runtime, IDE integration, code review, security. There is also a more specialised cybersecurity-focused Claude variant in preview, Claude Mythos with Glasswing, which targets red-team and adversarial workloads that sit one floor up from vulnerability scanning.
That stack thesis is also the strategic risk. If you bet on Claude Security in 2026 you are also betting that Anthropic stays the leading frontier-model lab through 2027. That is not a free bet. The deterministic SAST tools will still be there even if the model behind your auto-patch flow has to be swapped out. Architect with portability in mind: keep the gating tool deterministic and keep the AI tool replaceable.
The practitioner take
Three things to do this week, regardless of where you sit on the India-UK axis.
- Run a parallel scan. If you are on Claude Enterprise, point Claude Security at a single non-critical repo this week. Capture the findings as a CSV and diff them against your existing SAST output. The interesting metric is not raw count — it is the count of findings only one tool surfaces.
- Write the procurement memo before procurement asks. Three paragraphs: what Claude Security is, why it is closed-source and cloud-only, and how it complements rather than replaces your existing licence. If you are in a UK regulated organisation, lead with the data-residency caveat. If you are an Indian SaaS exporter, lead with the GCC labour-multiplier framing.
- Refresh the team's review rubric. When the model proposes a patch, what counts as "good enough to merge"? Write that down before you have to defend it to an auditor. The teams that get the most value out of this product in 2026 are the ones that institutionalise the human-in-the-loop pattern early.
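The "findings delta" that the shadow-mode pilot and the parallel-scan step both turn on is simple to compute once the two exports are normalised. The script below is an added illustration, not Anthropic's or Semgrep's tooling: the CSV column names (`path,line,cwe,title`) and the sample rows are constructed for this example, since the article does not document either export layout, and the two tools' line numbers are matched within a small tolerance because scanners rarely agree on the exact line.

```python
"""Delta between two SAST exports: which findings only one tool surfaces."""
import csv
import io
from collections import defaultdict

# Constructed sample exports. The column layout is an assumption; the real
# Claude Security CSV format is not described in the article.
CLAUDE_CSV = """path,line,cwe,title
src/auth/session.py,42,CWE-287,Session token accepted without expiry check
src/api/orders.py,118,CWE-89,Unparameterised SQL in order lookup
src/billing/export.py,7,CWE-22,Path traversal in report download
"""
SEMGREP_CSV = """path,line,cwe,title
src/api/orders.py,120,CWE-89,sqlalchemy-execute-raw-query
lib/util/xml.py,33,CWE-611,xxe-in-lxml-parse
"""

def load(text):
    """Parse an export into (path, cwe, line) tuples with line as an int."""
    rows = csv.DictReader(io.StringIO(text))
    return [(r["path"], r["cwe"], int(r["line"])) for r in rows]

def index(findings):
    """Group reported line numbers by (path, cwe) for cheap lookups."""
    idx = defaultdict(list)
    for path, cwe, line in findings:
        idx[(path, cwe)].append(line)
    return idx

def matched(finding, other_idx, tolerance=5):
    """A finding counts as shared when the other tool reports the same file
    and CWE within `tolerance` lines; exact line agreement is unrealistic."""
    path, cwe, line = finding
    return any(abs(line - other) <= tolerance for other in other_idx[(path, cwe)])

def delta(a, b, tolerance=5):
    """Return (only_in_a, only_in_b, shared_count) for two finding lists."""
    ia, ib = index(a), index(b)
    only_a = [f for f in a if not matched(f, ib, tolerance)]
    only_b = [f for f in b if not matched(f, ia, tolerance)]
    return only_a, only_b, len(a) - len(only_a)

if __name__ == "__main__":
    only_claude, only_semgrep, shared = delta(load(CLAUDE_CSV), load(SEMGREP_CSV))
    print(f"shared findings: {shared}")
    for f in only_claude:
        print("only Claude Security:", f)
    for f in only_semgrep:
        print("only existing SAST:", f)
```

The two "only" lists are the numbers to put in the procurement memo; the shared count is the overlap the incumbent already covers.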
None of that requires a budget conversation. All of it positions you to make the budget conversation easier in three months when the Team-tier access lands and the friction drops.
Primary sources: Anthropic's launch post at anthropic.com/news/claude-code-security, the Help Net Security write-up of the 4 May beta at helpnetsecurity.com, and the SWE-Bench Verified figure cross-checked against the AWS Bedrock Opus 4.7 announcement and the Vellum benchmark explainer.