Building an Agentic Security Pipeline That Finds, Proves, and Patches Vulnerabilities

Modern codebases run to millions of lines, change every day, and ship faster than any team can audit by hand. In a memory-unsafe language like C, a single overlooked defect such as a buffer overflow or a use-after-free can become a remotely exploitable vulnerability, and manual review cannot cover that surface. Anthropic recently showed that LLMs are now capable enough to find and fix vulnerabilities at scale, and that discovery is now straightforward to parallelize, so the effort has shifted to proving a finding is exploitable, triaging it, and patching it.

Anthropic calls the whole process a six-step find-and-fix loop, and we are going to build every step of it.
