Ceros Strengthens Security Teams’ Control Over Claude Code Operations
In the evolving landscape of cybersecurity, the emergence of AI-driven tools presents new challenges for security teams. One such tool, Claude Code, developed by Anthropic, is gaining traction within engineering organizations. This AI coding agent operates autonomously, executing commands and accessing sensitive data on developers’ local machines without leaving a trace detectable by traditional security measures. The implications of this shift are significant, prompting the need for enhanced oversight mechanisms.
The Challenge: Claude Code’s Operations Beyond Security Controls
For years, security teams have focused on establishing identity and access controls for human users and service accounts. However, Claude Code operates outside these established frameworks. It autonomously reads files, executes shell commands, and interacts with external APIs, all while leveraging the permissions of the developer who initiated it. This means that by the time any network-layer security tool detects unusual activity, the damage may already be done.
Claude Code’s operational profile complicates matters further. It utilizes existing tools and permissions on the developer’s machine rather than introducing its own, making its actions blend seamlessly with normal traffic. This creates a significant gap in visibility for security teams, as they cannot monitor actions that occur locally before any request leaves the device.
Introducing Ceros: A New Layer of Security
To address these challenges, Beyond Identity has developed Ceros, an AI Trust Layer that operates directly on the developer’s machine alongside Claude Code. Ceros provides real-time visibility and enforces runtime policies, creating a cryptographic audit trail of every action taken by the AI agent.
Installation of Ceros is designed to be seamless, requiring only two commands to set up. The first command installs the command-line interface (CLI), while the second launches Claude Code through Ceros. Developers can continue their work without disruption, as the integration is designed to be invisible.
Once enrolled, Ceros captures comprehensive device context, including operating system details, disk encryption status, and endpoint protection status, all in under 250 milliseconds. This data is tied to a verified human identity, ensuring accountability and traceability.
Gaining Insights: The Ceros Admin Console
After integrating Ceros, security teams can access a wealth of information through the Ceros admin console. This console provides a complete record of Claude Code’s activities across the organization. The “Conversations” view details every interaction between developers and Claude Code, showing not only the prompts and responses but also the underlying tool calls executed on local machines.
For instance, when a developer queries Claude Code about directory contents, the agent may execute a shell command like bash ls -la, which runs with the developer’s permissions. This level of visibility into tool invocations is unprecedented for many security teams, allowing them to understand the full scope of actions taken by the AI agent.
Policy Enforcement: Governing Claude Code’s Actions
Visibility alone is insufficient for effective governance. Ceros transitions from observability to enforcement through its policy framework. Policies are evaluated at runtime, ensuring that controls are applied at the moment actions are executed, rather than being reconstructed afterward.
One of the most impactful policies is MCP server allowlisting, which allows administrators to define a list of approved servers. Any attempts by Claude Code to connect to unapproved servers are blocked before the connection is established. Additionally, tool-level policies enable administrators to control which tools Claude Code can invoke and under what circumstances, allowing for granular oversight.
Device posture requirements further enhance security by ensuring that sessions are only initiated on machines meeting specific security criteria. Ceros continuously reassesses device posture throughout the session, providing a dynamic security environment.
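The runtime checks this section describes (device posture, MCP server allowlisting, tool-level rules) can be pictured as one gate evaluated before each tool call runs. The sketch below is an added example, not Ceros code or its policy format; the policy fields, tool labels, rule patterns and server names are all constructed assumptions.

```python
import fnmatch
from urllib.parse import urlsplit

# Constructed policy for illustration; not a Ceros schema.
POLICY = {
    "required_posture": {"disk_encrypted": True, "endpoint_protection": True},
    "mcp_allowlist": {"mcp.internal.example:443"},   # host:port, lower case
    "tool_rules": [                                   # first match wins
        ("Bash", "git *", "allow"),
        ("Bash", "ls *", "allow"),
        ("Read", "*/.ssh/*", "deny"),
        ("Read", "*", "allow"),
    ],
}
SHELL_META = set(";|&$`<>\n")  # chaining/substitution would defeat glob rules

def mcp_server_key(url):
    """Reduce an MCP URL to host:port, or None if it is not usable."""
    try:
        parts = urlsplit(url)
        if parts.scheme != "https" or not parts.hostname:
            return None
        return f"{parts.hostname.lower()}:{parts.port or 443}"
    except ValueError:          # malformed port or bracketed host
        return None

def evaluate(tool, argument, posture, policy=POLICY):
    """Return (verdict, reason) for one tool call, before it executes."""
    # 1. Device posture is checked on every call, not only at session start.
    for key, wanted in policy["required_posture"].items():
        if posture.get(key) != wanted:
            return "deny", f"posture:{key}"
    # 2. MCP connections: compare the parsed host:port, never a raw prefix.
    if tool == "mcp":
        server = mcp_server_key(argument)
        if server in policy["mcp_allowlist"]:
            return "allow", f"mcp:{server}"
        return "deny", f"mcp-not-allowlisted:{server}"
    # 3. Tool-level rules, default deny.
    if tool == "Bash" and SHELL_META & set(argument):
        return "deny", "bash:shell-metacharacter"
    for rule_tool, pattern, verdict in policy["tool_rules"]:
        if rule_tool == tool and fnmatch.fnmatchcase(argument, pattern):
            return verdict, f"{rule_tool}:{pattern}"
    return "deny", "no-matching-rule"
```

Parsing the URL before the allowlist lookup matters: a raw string-prefix comparison would accept a URL that merely starts with an approved host name in its userinfo part.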
The Activity Log: Immutable Audit Trails
Ceros also offers an Activity Log that serves as a forensic snapshot of the environment at the moment Claude Code is invoked. Each log entry captures the device’s security posture, the complete process ancestry, and every action taken during the session. This level of detail is crucial for compliance, as auditors increasingly require tamper-evident records.
Ceros signs each log entry with a hardware-bound cryptographic key, ensuring that the logs cannot be altered after the fact. This capability is essential for frameworks that demand immutable audit records, such as SOC 2, FedRAMP, HIPAA, and PCI-DSS.
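What a per-entry signature buys an auditor can be shown with a small verifier. This is an added example, not Ceros code or its log format: HMAC-SHA256 with an in-memory demo key stands in for the hardware-bound signing key, the entry fields and events are constructed, and linking each entry to the previous signature goes beyond the per-entry signing the article describes so that deletions and reordering are caught as well.

```python
import hashlib
import hmac
import json

DEMO_KEY = b"constructed-demo-key"   # stand-in for a hardware-bound key
GENESIS = "0" * 64                   # "previous signature" of the first entry

def canonical(body):
    """Stable byte encoding so signer and verifier hash the same bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def append_entry(log, event, key=DEMO_KEY):
    """Sign the event together with its position and the previous signature."""
    body = {"seq": len(log), "prev": log[-1]["sig"] if log else GENESIS,
            "event": event}
    sig = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    log.append({**body, "sig": sig})
    return log

def verify_log(log, key=DEMO_KEY):
    """Return the index of the first invalid entry, or -1 if the log is intact."""
    prev = GENESIS
    for i, entry in enumerate(log):
        body = {k: entry.get(k) for k in ("seq", "prev", "event")}
        expected = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
        if (entry.get("seq") != i or entry.get("prev") != prev
                or not hmac.compare_digest(expected, str(entry.get("sig")))):
            return i
        prev = entry["sig"]
    return -1

def build_sample_log():
    """Constructed session: posture snapshot, process ancestry, one tool call."""
    log = []
    append_entry(log, {"type": "posture", "disk_encrypted": True})
    append_entry(log, {"type": "tool_call", "tool": "Bash", "command": "ls -la"})
    append_entry(log, {"type": "ancestry", "chain": ["zsh", "claude"]})
    return log

if __name__ == "__main__":
    tampered = build_sample_log()
    tampered[1]["event"]["command"] = "ls -la /etc"   # edit after signing
    print(verify_log(build_sample_log()), verify_log(tampered))
```

Removing the newest entries is not detected by the chain alone; that requires recording the latest signature somewhere outside the log.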
Standardizing Tooling: Managed MCP Deployment
For organizations looking to standardize the tools available to Claude Code, Ceros offers managed MCP deployment. Administrators can push approved MCP servers to every developer’s instance without requiring individual configuration. This creates a cohesive governance model, allowing developers to operate within defined parameters without friction.
The Dashboard: Organizational Risk Posture
Ceros is also developing a Dashboard that will provide a comprehensive view of AI risk posture across the organization. This tool will enable security teams to monitor the number of devices provisioned, enrolled, and actively running Claude Code, with alerts for any adoption gaps.
Conclusion
The rise of AI tools like Claude Code presents unique challenges for cybersecurity teams. By operating outside traditional security controls, these agents create vulnerabilities that can be exploited. Ceros addresses this gap by providing real-time visibility, policy enforcement, and immutable audit trails, allowing organizations to regain control over their security posture.
According to publicly available thehackernews.com reporting, Ceros is now available for organizations seeking to enhance their security measures in an increasingly complex digital landscape.