$10B Gets Wiped Out Because Wall Street Doesn't Know What a Firewall Is.
What Anthropic's Claude Code Security tool actually does, and what the market got wrong.
Anthropic released a security tool on Friday.
It’s called Claude Code Security. It scans your codebase for vulnerabilities and suggests patches for a human to approve.
Limited research preview.
Enterprise customers only.
Not even generally available yet.
The backstory is straightforward.
Anthropic has been stress-testing this internally for over a year
red teams,
Capture the Flag contests,
lab partnerships.
They used it to secure their own systems, then decided to open it up. It found 500+ vulnerabilities in open-source projects that survived decades of expert review. Powered by Opus 4.6. Human-in-the-loop. Nothing ships without approval.
With in one hour of the post, market lost its mind.
CrowdStrike down 6.5%.
Cloudflare down 8%.
Okta down 9%.
SailPoint down 9.4%.
The cybersecurity ETF hit its lowest close since November 2023 , while the Nasdaq was up.
Total damage: $10 billion in market cap. just from a blog post, or well a tweet actually.
Here’s why that’s ridiculous.
Claude Code Security does code scanning.
CrowdStrike does endpoint protection.
Cloudflare does network security.
Okta does identity.
These are completely different layers of the stack. It’s like Anthropic announcing a better building inspector and the market firing every security guard, locksmith, and fire marshal in the building. And here’s whats the most hilarious and ironic at the same time. OpenAI’s Aardvark has been doing the same thing in beta since October. but hey no panic then?
Now wait for it.
Within 48 hours, every tech blog will publish some version of “How Claude Just Killed 50? 1000 Cybersecurity Startups.” The LinkedIn hustle bros will post “Is your security startup dead? Here’s what I’d do instead.” The hot takes will write themselves. They always do.
What actually happens in reality?
The companies that actually should be nervous are Snyk, Veracode, Checkmarx, the ones doing static code analysis today? But nobody’s even talking about them.
The ones that got hammered do completely different things. and this is when, Anthropic themselves said they released this tool because attackers will use AI to find vulnerabilities too, which means more attack surface, more threats, and more demand for CrowdStrike, Cloudflare, and Okta, and NOT LESS.
The tool literally makes the case for why those stocks matter more going forward. Q1 earnings in March will tell the real story. Until then, it’s just vibes and panic.
The AI disruption is real. The panic is not. Know the difference.