Learning About LLM-Based Zero-Day Hunting with Claude Code’s Opus 4.6

Checkmarx evaluates Anthropic's Claude Opus 4.6 and LLM-based vulnerability hunting, finding that while LLMs can surface real zero-day vulnerabilities, their effectiveness is highly context-dependent, prone to false positives or rediscovering known issues, and requires expert validation; LLMs are best used as a complement to, not a replacement for, established AppSec tools and processes.