How Ceros Gives Security Teams Visibility and Control in Claude Code
Summary
Claude Code, Anthropic's AI coding agent, operates on developers' machines with full developer permissions but outside traditional enterprise security controls, reading files and executing commands before security tools can monitor them. Ceros is an AI Trust Layer (a security tool that sits on a developer's machine) built by Beyond Identity that provides real-time visibility, runtime policy enforcement, and an audit trail of Claude Code's actions by capturing device context, process history, and tying sessions to verified user identities through cryptographic keys.
Solution / Mitigation
Ceros provides mitigation through installation and enrollment: developers run two commands (curl -fsSL https://agent.beyondidentity.com/install.sh | bash and ceros claude) to install the CLI and launch Claude Code through Ceros. After email verification, Ceros captures full device context (OS, kernel version, disk encryption status, Secure Boot state, endpoint protection status) in under 250 milliseconds, records the complete process ancestry with binary hashes, ties the session to a verified human identity signed with a hardware-bound cryptographic key, and creates a complete audit record accessible through the Ceros admin console showing all Claude Code sessions by user, device, and time.
Classification
Affected Vendors
Related Issues
Original source: https://thehackernews.com/2026/03/how-ceros-gives-security-teams.html
First tracked: March 19, 2026 at 09:00 AM
Classified by LLM (prompt v3) · confidence: 85%