AI's "rectification" of the software industry isn't over yet; this time it's security's turn. However, the logic seems absurd, primarily because the source of the absurdity lies in Claude itself.
Simply put, due to the popularity of "Vibe Coding," security vulnerabilities in code delivered by AI are rising exponentially. Then, the Claude model—which arguably contributes to the most vulnerabilities (not because it's inherently bad, but because it's the most widely used and thus generates the most; though Gemini, GPT, and any other models are also creating exponentially rising code security issues)—steps forward and claims it can provide security protection.
In theory, of course, models can do anything. But even if we don't debate model capabilities, logically speaking, isn't it absurd for a black-box model to claim it can detect a vast number of code security vulnerabilities when, in fact, it created many of them in the first place?
I might be one of the first people to publicly state that AI will disrupt the entire software industry (specifically software engineering). However, my view is not based on the premise that "models make software better." Rather, it's built on the foundation of "pre-made meals" (or rather, "pre-made chefs")—where models are so convenient, efficient, and low-cost that they can be used and then discarded.
Everyone can start from their own practical needs and quickly use models to build the tools they require, rather than waiting for the inefficient output of decaying, bureaucratic software engineering—even though products from traditional software engineering are more robust, scalable, and secure.
But achieving immediate goals is what matters most. In an era of increasingly rapid change, who can clearly predict tomorrow's requirements?
However, this comes at a price: lower quality, more vulnerabilities and security issues, and difficulty in scaling (I don't mean everything, but the vast majority, because the underlying foundation has changed).
Consequently, security problems are rising exponentially. Of course, many people don't care about data leaks and security flaws. But when exponentially increasing applications and Agent tasks are running on the open internet, the demand for security also grows exponentially.
I don't doubt Claude's significantly improved bug-checking capabilities at all. Not just Claude 4.6, but Gemini-3.1-Pro and Codex-5.3 have also shown massive improvements in this area; I have experienced this firsthand recently.
However, this does not mean that models can replace humans and mature tools for security protection. In fact, many of the miracles they create are built precisely on top of humans and mature tools.
I also believe that in the visible short-to-medium term, they will take on more and more security-related work, but the reliance on humans and mature tools will also increase significantly. This same logic applies to professional fields like finance and law. Security, financial markets, and the judiciary (the Western system) are essentially about "offense and defense." These are the fields that require the most loophole-seeking. Perhaps models can "rectify" this "opportunism," but hasn't human society progressed to some extent precisely because of this relentless pursuit of "finding loopholes"?
Furthermore, while no single human can match current models in terms of breadth of knowledge, when it comes to being "clever," they still have a way to go.
After all this writing, let's see what Claude can actually do, as shown in the image below.
From a rational perspective, the panic-driven sentiment of "disrupting various software industries" will persist for some time. But sometimes, taking steps that are too large doesn't necessarily lead to a good outcome; history is full of such examples.
Unless, of course, we are truly facing the greatest inflection point in human history. I don't know what the general social emotional response was when the loom was invented—there was no social media then, and none of us lived through that period.
Humanity, so far, is doing just fine.