Build AI-powered security tools: LLM code reviewer, threat intelligence enrichment, IR playbook generator.
Building LLM Security Tools
import anthropic
client = anthropic.Anthropic()
# 1. AI-powered SAST
def ai_code_review(code: str, language: str) -> dict:
"""Find security vulnerabilities in code."""
resp = client.messages.create(
model="claude-opus-4-5", max_tokens=1500,
system="You are an expert application security engineer. Find security vulnerabilities.",
messages=[{"role":"user","content":f"""Review this {language} code for security issues.
Return JSON: {{
"vulnerabilities": [{{
"type": "SQL Injection|XSS|IDOR|etc",
"severity": "Critical|High|Medium|Low",
"line": number,
"description": "what is wrong",
"fix": "how to fix"
}}]
}}
Code:
{code}"""}]
)
return json.loads(resp.content[0].text)
# 2. Threat intelligence enrichment
def enrich_ioc(ioc: str, ioc_type: str) -> dict:
"""Enrich IP/domain/hash with threat context."""
vt_data = virustotal.lookup(ioc)
resp = client.messages.create(
model="claude-opus-4-5", max_tokens=500,
system="You are a threat intelligence analyst.",
messages=[{"role":"user","content":f"Summarise threat context for {ioc_type} {ioc}:
{vt_data}"}]
)
return {"ioc":ioc,"summary":resp.content[0].text}
# 3. Incident playbook generator
def generate_playbook(incident_type: str) -> str:
resp = client.messages.create(
model="claude-opus-4-5", max_tokens=2000,
system="You are a CISO. Create step-by-step incident response playbooks.",
messages=[{"role":"user","content":f"Create an IR playbook for: {incident_type}"}]
)
return resp.content[0].text