{
  "schema_version": "1.0",
  "id": "archive:https://www.anthropic.com/news/alberta-government-claude-cybersecurity",
  "slug": "alberta-government-claude-cybersecurity-059q6cn",
  "url": "https://feed7.dev/p/alberta-government-claude-cybersecurity-059q6cn",
  "title": "Government of Alberta uses Claude to find and fix cybersecurity vulnerabilities across government systems",
  "why_included": "Alberta's government ran 50 parallel Claude Code agents over 466M lines of code, compressing a security review estimated at 6.5 years into 20 hours — with every patch still gated on human review.",
  "summary": "**The gist** Alberta's Ministry of Technology and Innovation scanned **466 million lines of code** across 3,400 repositories by running **50 Claude Code agents** in parallel, finishing in **20 hours** a review estimated at 6.5 years. Each pass checked applications against **95 security controls**, in a two-stage flow: pattern-flag repositories first, then re-review for exact file and line citations.",
  "practical_implication": "**Why it matters** The harness patterns transfer to any large codebase: cheap flagging followed by precise verification, continuous **red team / blue team** review agents, and remediation that writes **tests first** where coverage is missing and rebuilds legacy code rather than patching it — one 25-year-old Java portal scoped at 5 months was rebuilt in **4–5 days**.",
  "agent_context": "**The gist** Alberta's Ministry of Technology and Innovation scanned **466 million lines of code** across 3,400 repositories by running **50 Claude Code agents** in parallel, finishing in **20 hours** a review estimated at 6.5 years. Each pass checked applications against **95 security controls**, in a two-stage flow: pattern-flag repositories first, then re-review for exact file and line citations.\n\n**Why it matters** The harness patterns transfer to any large codebase: cheap flagging followed by precise verification, continuous **red team / blue team** review agents, and remediation that writes **tests first** where coverage is missing and rebuilds legacy code rather than patching it — one 25-year-old Java portal scoped at 5 months was rebuilt in **4–5 days**.\n\n**Watch out** It's an Anthropic customer story: no vulnerability counts or fix rates are disclosed, every patch still required **human review** before deployment, and results depend on existing documentation quality. Broader rollout is planned for **fall 2026**, so long-term outcomes are unproven.",
  "source": {
    "name": "Anthropic",
    "url": "https://www.anthropic.com/news/alberta-government-claude-cybersecurity",
    "published_at": null
  },
  "source_class": "blog_post",
  "content_type": "Engineering Post",
  "layer": "agent",
  "domains": [
    "security",
    "coding"
  ],
  "topics": [
    "multi-agent",
    "coding-agents",
    "adoption"
  ],
  "verification": {
    "status": "official_source",
    "label": "Official Source",
    "method": "source_feed",
    "verified_at": null
  },
  "uncertainty": [
    "It's an Anthropic customer story: no vulnerability counts or fix rates are disclosed, every patch still required **human review** before deployment, and results depend on existing documentation quality. Broader rollout is planned for **fall 2026**, so long-term outcomes are unproven."
  ],
  "lifecycle": "Current",
  "published_at": null,
  "modified_at": null,
  "supersedes": [],
  "expires_at": null,
  "formats": {
    "html": "https://feed7.dev/p/alberta-government-claude-cybersecurity-059q6cn",
    "json": "https://feed7.dev/p/alberta-government-claude-cybersecurity-059q6cn.json",
    "markdown": "https://feed7.dev/p/alberta-government-claude-cybersecurity-059q6cn.md"
  }
}