CLAUDE Code Security made a big splash when it was introduced, but according to Dark Reading, it may be too early to call it as disruptive as the markets suggested. Anthropic unveiled Claude Code Security on 20 February 2026, built into the web version of Claude Code, and it is currently available in research preview, scanning codebases for vulnerabilities and proposing patches categorised by priority while still leaving the final decision to developers.
The article notes that Claude Code Security is not a one‑and‑done solution and that markets reacted with notable share price moves, with CrowdStrike slipping from about $420 to less than $350 between 19 and 23 February, and JFrog dropping from about $50 to $35 before partly recovering. It also highlights critiques that the tool, while promising, is not a universal AppSec fix and that several practitioners warn of false positives or impractical patches in real‑world development environments.
Check Point Research identified three critical vulnerabilities in Claude Code this week, underscoring the ongoing need for security when using coding tools and the value of combining agentic security with traditional measures.