The Government of Alberta has used Claude Code, running both Opus and Sonnet models, to scan and remediate security vulnerabilities across its provincial IT systems, Anthropic said this week.
A team within Alberta's Ministry of Technology and Innovation, which maintains roughly 1,280 applications and 3,400 code repositories across all 27 provincial ministries, put around 50 agents to work scanning 466 million lines of code in 20 hours, a task the Ministry estimates would otherwise have taken about six and a half years. Most of that code had never undergone a systematic security review, and the accumulated technical debt runs into the billions of dollars.
Where the scan flagged vulnerabilities, Claude Code was often able to generate fixes, write missing tests, and in some cases rebuild outdated systems entirely. One subsidy portal, originally hand-coded in Java roughly 25 years ago and requiring five months to build, was rebuilt in as little as four to five days. All patches were reviewed and approved by Ministry engineers before deployment.

The Ministry has also built specialised "red team" and "blue team" review agents on the Claude Agent SDK, checking each application against roughly 95 security controls per pass.
Alongside the technical work, the Ministry has been training people through its Alberta AI Academy, which has taught thousands of government employees and more than 10,000 members of the public the basics of effective AI use.
Minister Nate Glubish said the work showed what "responsible government looks like in the AI era."
Looking ahead, one ministry alone runs 185 legacy applications in production; Alberta plans to use Claude Code to consolidate these into 16 modern, reusable applications. The Ministry is hosting an industry day in Edmonton in July to share its findings with other governments, and plans to scale its approach across the provincial government from the autumn.
