Using LLMs to secure source code

2026-05-27 · Source: Claude Blog · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Software Development & Engineering · Depth: Intermediate, extended

Summary

Anthropic outlines a six-step "find-and-fix loop" for securing source code using large language models, specifically Claude Opus. This methodology, detailed in an accompanying `defending-code-reference-harness` repository, focuses on building a threat model, sandboxing, discovering vulnerabilities, and then verifying, triaging, and patching them. The primary observation is that while vulnerability discovery is now straightforward to parallelize with LLMs, the subsequent stages of verification, triage, and patching have become the new bottlenecks. For instance, Anthropic's own scanning of open-source software revealed 1,596 vulnerabilities by May 22, 2026, yet only 97 of these had been patched. The guide emphasizes a one-time investment in threat modeling and sandboxing to power a continuous defender's loop, improving context for subsequent scans.

Key takeaway

For AI Security Engineers implementing LLM-driven vulnerability management, recognize that the bottleneck has shifted from discovery to verification, triage, and patching. You should invest upfront in comprehensive threat modeling and secure sandboxing to provide critical context and isolation. Prioritize building independent verification agents that can disprove findings and validate patches through a ladder of checks, ensuring high precision and reducing downstream manual effort in your security pipeline.

Key insights

LLMs streamline vulnerability discovery, shifting the bottleneck to verification, triage, and patching.

Principles

• Foundational threat modeling and sandboxing enable efficient vulnerability loops.
• Separate, adversarial discovery and verification optimize recall and precision.
• Rich context and simple prompts enhance LLM-driven vulnerability detection.

Method

Implement a six-step "find-and-fix loop": threat model definition, sandbox creation, LLM-driven discovery, independent verification, root-cause triage, and validated patching.

In practice

• Include a `THREAT_MODEL.md` in the repository for LLM context.
• Run agents in isolated microVMs with network egress locked down.
• Validate patches using a ladder of checks, including re-attacking the fix.

Topics

• LLM Security
• Vulnerability Management
• Threat Modeling
• Code Security
• Security Sandboxing
• AI Agents

Code references

• anthropics/defending-code-reference-harness
• adamshostack/4QuestionFrame
• ImageMagick/ImageMagick
• anthropics/claude-code-security-review

Best for: AI Security Engineer, Software Engineer, MLOps Engineer

Related on AIssential

• Security Risks in Language Models (LLMs) — LLMs face unique security threats from manipulation, data leakage, and supply chain vulnerabilities across their lifecycle.
• LLM-discovered 0-days — Claude Opus 4.6 finds high-severity 0-day vulnerabilities by reasoning about code, surpassing traditional fuzzing in complex cases.
• Components of a Coding Agent: How LLMs Become Software Engineers — Coding agents transform LLMs into dynamic, multi-step problem solvers through structured system design.
• The AI Agent Security Surface: What Gets Exposed When You Add Tools and Memory — AI agents introduce four distinct attack surfaces requiring a new security paradigm beyond traditional LLM prompt defenses.
• Connecting LLMs to the Real World: Tool Use, Function Calling, and MCP — LLMs use an application layer and standardized protocols to interact with external tools, extending their capabilities beyond text generation.
• 🥇Top AI Papers of the Week — LLM internal states, external environments, and architectural choices profoundly impact performance, safety, and cost.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Claude Blog.