Anthropic is continuing its rise by providing not only the arguably strongest frontier model with Opus 4.6, but more importantly by shifting the SOTA of AI-based software development with Claude Code. In its most recent addition focused on security, they partnered with Mozilla to investigate the latest Firefox release. After all the dust had settled, the total vulnerability count came out to 112 (resulting in 22 CVEs), most of them already fixed in the latest Firefox 148 release.
The obvious question now is: If AI is available to both the attacking and the defending party, who will gain the upper hand? Will AI allow malevolent actors to brick the internet. Here’s a comforting finding from the authors:
One, Claude is much better at finding these bugs than it is at exploiting them. Two, the cost of identifying vulnerabilities is an order of magnitude cheaper than creating an exploit for them.
So there you go: Judgment day will have to wait until that situation is reversed or at least equalized. Comforting, isn’t it?
Claude Code for Security
Being responsible for the platform security of alan.de (a B2B AI chat platform in Germany/EU), I’m particularly curious about getting access to this set of tools as Claude Code for Security. For now though it’s invite only and exclusively for Team/Enterprise plans. I’m excited about the possibilities though, and to see if it’ll be as transformative and Claude, Codex, and Copilot have been for software development.
Daniel Lenz 