What Claude Actually Is

Claude is a multi-surface AI platform

Claude is built by Anthropic, a San Francisco-based AI safety company founded in 2021 by former OpenAI researchers. The name matters for one practical reason: Anthropic trains Claude using Constitutional AI — a set of principles that define helpful, harmless, and honest behavior. The 2026 version of that constitution has grown to over 23,000 words — not legal padding, but a genuine attempt to build a model with ethical judgment rather than just a rule filter. This means Claude will sometimes refuse or heavily caveat requests it considers potentially harmful, even when your intent is legitimate defensive security work. This is a design choice, not a bug. Module F3 teaches prompting techniques that work within these constraints.

What most people call “Claude” is actually a platform with five distinct interfaces, each designed for different work patterns. Understanding which surface to use for which task is the first skill that separates effective Claude users from people who just type into a chat box.

Claude.ai — the chat interface

Claude.ai is the web-based chat interface and the surface most people start with. It is substantially more capable than it appears. Beyond the text input box, Claude.ai includes Projects (persistent context that carries across every conversation in the project — your system prompt, uploaded reference documents, and accumulated conversation history), Artifacts (structured output panels for code, documents, and visualizations that you can download, edit, and iterate on), Memory (Claude derives context from past conversations and remembers your preferences across sessions), Skills (persistent reusable workflows that shape how Claude behaves on specific tasks — you can teach Claude your report format, your naming conventions, or your analysis methodology and it applies them automatically), Extended Thinking (Claude performs multi-step internal reasoning before responding — critical for complex security analysis), Adaptive Thinking (Claude automatically determines when deeper reasoning is needed based on your question), Web Search (live internet access to find current information beyond the training cutoff), Visualizations (inline charts, diagrams, and interactive widgets rendered directly in the conversation), and Connectors (MCP integrations giving Claude direct access to Gmail, Google Drive, Slack, GitHub, and dozens more external tools).

For security professionals, Claude.ai is the primary interface for investigation analysis, report drafting, query generation, threat briefing creation, policy drafting, and any task where you are actively working with Claude in a conversational flow. Module F2 covers every feature in detail.

Claude Code — the terminal agent

Claude Code is a terminal-native agentic coding tool. It does not just answer questions about code — it acts. Claude Code reads your entire codebase (not just the file you are working on), executes bash commands, writes and edits files directly, runs your test suite, manages git workflows (branches, commits, pull requests), and handles multi-file refactoring through natural language instructions.

What makes Claude Code agentic rather than just a code assistant is its ability to plan and execute multi-step workflows autonomously. You describe the outcome (“audit all inbox rules across the tenant and generate a report”), and Claude Code plans the implementation, writes the script, tests it, and delivers the result. It can spawn multiple agents that work on different parts of a task simultaneously (Agent Teams — a lead agent coordinates the work, assigns subtasks, and merges results). It can run scheduled tasks (security audits every Monday, PR reviews after each deployment, dependency checks weekly). It can be controlled remotely from a browser or mobile device, so you can start a long task at your desk and check progress from your phone.

For security professionals, Claude Code is the interface for writing and maintaining PowerShell scripts, KQL detection rules, Python automation, infrastructure-as-code, and any security task that lives in a code repository. It integrates with VS Code, Cursor, Windsurf, and JetBrains IDEs. Module S5 covers Claude Code for security teams in depth.

Claude Cowork — the desktop agent

Cowork is available in the Claude Desktop app as a separate tab. Unlike Claude.ai (where you converse back and forth) and Claude Code (where you work in a terminal), Cowork executes multi-step tasks autonomously while you do something else. You describe the outcome, share the relevant files and folders, and Claude works through it — breaking complex work into subtasks, coordinating sub-agents in parallel, and delivering finished outputs directly to your file system.

Cowork has access to your local files (sandboxed — only the folders you explicitly share), the plugin marketplace (pre-built bundles of skills, connectors, and sub-agents for specific roles — including legal, finance, engineering, and security plugins), scheduled recurring tasks (weekly report generation, file organization, expense processing), and Computer Use (Claude controls your mouse, keyboard, and applications to automate workflows across apps that do not have APIs). The Dispatch feature lets you assign Cowork tasks from your mobile phone — message Claude from anywhere and the work executes on your desktop.

For security professionals, Cowork handles document creation (IR reports, policies, compliance evidence), file organization (evidence folder structuring, log sorting), data processing (transforming exports, compiling multi-source data), report compilation (assembling findings into deliverables), and any repeatable workflow you want to delegate rather than perform manually. Module S5 covers Cowork’s security applications.

Claude in Chrome and Mobile/Desktop apps

Claude in Chrome is a browser extension that gives Claude visibility into web pages. It reads page content, inspects the DOM and element attributes, analyzes network requests (XHR, Fetch, document loads), detects console errors, and can automate browser-based workflows. For security professionals, the Chrome extension is useful for analyzing web application behavior, reviewing portal configurations, testing web-based security tools, and automating browser-based tasks in security portals that lack API access.

Claude Mobile and Desktop apps provide native interfaces. The desktop app hosts the Cowork tab (the agentic surface described above). The mobile app supports Dispatch — assign tasks to Claude from your phone that execute on your desktop. Both apps maintain the same conversation history and project context as Claude.ai.

The connector layer: MCP

The Model Context Protocol is an open standard created by Anthropic that allows Claude to connect to external tools and data sources. Instead of copying data from one application and pasting it into Claude, MCP connectors give Claude direct, permissioned access to the data where it lives.

Claude supports over 38 built-in connectors including Gmail (search and read emails), Google Drive (access documents and spreadsheets), Google Calendar (read and manage events), Slack (search messages and channels), GitHub (read repositories, create pull requests, manage issues), Notion (access workspace pages), Salesforce (query CRM records), Figma (access design files), DocuSign (manage documents), and many more. Organizations can also build custom MCP servers that connect Claude to proprietary internal systems — your SIEM, your ticketing system, your internal documentation.

For security professionals, MCP connectors mean you can ask Claude to search your email for phishing reports, pull an IR template from your shared drive, check your calendar for incident bridge schedules, or review GitHub issues in your detection rule repository — all within the same conversation, without switching applications.

Each connector has granular permission controls. You can allow Claude to search your emails but block it from sending them. You can allow Claude to read GitHub issues but block it from creating pull requests. This permission model is critical for security use — you control exactly what Claude can access and what actions it can perform.

The three model tiers

Anthropic offers three model tiers. Every Claude surface uses the same underlying models — the difference is capability, speed, and cost.

Claude Opus 4.6 is the most capable model, launched February 2026. It supports up to one million tokens of context (roughly 750,000 words) with up to 128,000 output tokens per response. Opus excels at complex multi-step reasoning, sustained analysis over extended sessions, and tasks where precision matters more than speed. In a security context, use Opus for reconstructing complex attack timelines from multiple data sources, writing comprehensive post-incident reviews, analyzing novel attack techniques, and any task where Sonnet’s output is not deep enough. Available on Pro, Max, Team, and Enterprise plans.

Claude Sonnet 4.6 is the default model for both free and paid users, also launched February 2026. Sonnet offers up to one million tokens of context in beta and delivers a strong balance of capability and speed. Early access users preferred Sonnet 4.6 to the previous generation’s Opus, which demonstrates how capable the mid-tier model has become. In a security context, Sonnet handles the vast majority of daily work: KQL queries, IR report sections, sign-in log analysis, detection rule logic, policy drafting, and alert triage. Start with Sonnet for everything.

Claude Haiku 4.5 is the fastest and cheapest model, designed for tasks where speed matters more than depth: data reformatting, simple classification, high-volume processing, and quick factual lookups. In a security context, use Haiku for log formatting, data parsing, simple summarization, and any bulk task where you need answers fast without deep reasoning.

Worked artifact — model selection guide for your SOC:

Alert triage (structured assessment of a single alert) → Sonnet → Sufficient depth for field-by-field analysis. Fast response time supports operational tempo.

KQL detection rule from a threat report → Sonnet with Extended Thinking → Detection rules require multi-step reasoning. Extended Thinking improves accuracy on complex logic.

Complex attack timeline reconstruction (multi-source, multi-day) → Opus → Requires synthesizing evidence from multiple tables across an extended timeframe.

Bulk log reformatting (CSV → structured JSON) → Haiku → Pure transformation task with no reasoning required. Fastest and cheapest.

Comprehensive post-incident review → Opus → Requires sustained attention, nuanced analysis, and integration of technical findings with business impact.

Compliance gap analysis against a long framework document → Opus → Requires sustained attention across a long document with nuanced interpretation of control requirements.

Adapt this guide for your team — add the specific tasks you perform daily and test each model tier to calibrate your own selection criteria.

Knowledge boundaries

Claude’s training data has a cutoff date. As of March 2026, the knowledge cutoff is the end of May 2025. Claude reliably knows about security concepts, attack techniques, frameworks, and tool documentation published before June 2025. It may not know about new Defender features, KQL functions, CVEs, threat actor campaigns, or Microsoft product changes from the past year.

Web search partially compensates when enabled — Claude can search the internet for current information. This helps with recent CVEs, current product documentation, and breaking threat intelligence. But web search results are not guaranteed to be accurate or comprehensive. Treat them as one source among many.

Your environment is unknown to Claude. It does not know your Sentinel table names, your watchlist contents, your conditional access policies, your network topology, or any of your organizational context. This is why Projects — with uploaded reference documents and system prompts describing your environment — are essential for professional security work. They give Claude the environment context it cannot otherwise access.

The verification discipline

Every Claude output in a security context follows the same three-step pattern: Output → Verify → Deploy.

Claude generates the output. You verify it against your environment and your expertise. Only after verification do you deploy it to production.

This is not a suggestion. It is the operational discipline that separates professionals from amateurs using AI tools. The speed advantage of AI-assisted work comes from Claude generating the first draft in seconds — not from skipping the verification step.

Knowledge checks

Key takeaways

Claude is a platform, not a chatbot. Five surfaces — Claude.ai, Claude Code, Cowork, Chrome extension, and Mobile/Desktop apps — each designed for different types of work. Security professionals who only use the chat interface are using a fraction of the platform’s capability.

MCP connects Claude to your tools. Over 38 built-in connectors allow Claude to access data where it lives. Custom MCP servers can connect Claude to proprietary systems. Permissions are granular — you control access and actions.

Choose the right model tier. Sonnet for daily work. Opus for complex analysis. Haiku for simple, high-volume tasks. Start with Sonnet and escalate only when the output needs more depth.

Knowledge boundaries are real. Training cutoff, unknown environment, invisible operational context. Projects and system prompts solve the environment problem. Web search partially compensates for the cutoff.

Output → Verify → Deploy. Non-negotiable. Every Claude output in a security context must be verified before use. The speed advantage comes from Claude generating the first draft — not from skipping verification.