product-launch

Anthropic 2026-03-09-1

Making frontier cybersecurity capabilities available to defenders

Product announcement dressed as research disclosure. Claude Code Security uses multi-stage self-verification to scan codebases beyond pattern-matching SAST. The 500-vuln claim has no CVEs, no false positive rates, and no comparison to existing tools. Zero external validation in the announcement itself -- the WSJ/Firefox piece did that work. The real play: security scanning as a loss-leader wedge for enterprise platform deals. Neither lab announced pricing.

# tags

cybersecurity enterprise-ai agentic-ai defensibility product-launch

◆ entities

Anthropic Claude Opus 4.6

→ threads

ai-security reliability ai-1.0-defensibility

permalink

OpenAI 2026-03-09-2

Codex Security: now in research preview

Same-day competitive counter to Anthropic with stronger receipts: 15 named CVEs in the appendix (GnuTLS heap overflows, GnuPG stack buffer overflow, GOGS 2FA bypass), published improvement curves (84% noise reduction, 90%+ severity over-reporting reduction, 50%+ false positive reduction). The threat model architecture -- building an editable intermediate artifact before scanning -- is the most interesting pattern: it generalizes as "make the agent's understanding inspectable before execution." Broader tier access (Pro through Edu) weakens the dual-use containment narrative but maximizes adoption velocity.

# tags

cybersecurity enterprise-ai agentic-ai defensibility product-launch

◆ entities

OpenAI

→ threads

ai-security agentic-ai-viability ai-1.0-defensibility

permalink