- The Government of Alberta assessed 466 million lines of government code in about 20 hours using Claude Code with roughly 50 agents working in parallel.
- Alberta estimates the same review would have taken about 6.5 years with traditional methods.
- The Ministry of Technology and Innovation maintains roughly 1,280 applications and 3,400 code repositories across all 27 provincial ministries.
- Where scans found vulnerabilities, Claude Code often generated, tested, and built fixes — writing tests first where none existed — with engineers approving every patch before it shipped.
What Happened
Since 2025, the Government of Alberta has used Claude Code with Anthropic’s Opus and Sonnet models to review its systems, find vulnerabilities, and fix them, according to an Anthropic case study published July 6, 2026. A team inside Alberta’s Ministry of Technology and Innovation assessed 466 million lines of code in about 20 hours and remediated security gaps across government systems.
Why It Matters
Government systems are often old, insecure, and incompletely documented, yet they hold highly sensitive data — in Alberta’s case, tax records, procurement data, and social services case files. “By using AI to find and fix vulnerabilities across our systems, we accomplished in hours what would have taken a traditional approach years to complete,” said Nate Glubish, Alberta’s Minister of Technology and Innovation. The Ministry estimates its accumulated technical debt — insecure code, unaddressed bugs, outdated software — runs into the billions of dollars.
Technical Details
The Ministry maintains roughly 1,280 applications and 3,400 code repositories for all 27 provincial ministries. Around 50 agents worked autonomously and in parallel, running a two-stage routine: a rules engine first flagged known patterns, then a review pass cited the exact file and line for each finding so developers could verify them. The 20-hour scan is one Alberta estimates would otherwise have taken about 6.5 years. Where a fix was needed, Claude Code could generate, test, and build it — writing tests first when a system lacked them — and rebuilt code too outdated to patch; a subsidy-portal originally hand-coded in Java about 25 years ago, which took five months to build the first time, was rebuilt in as little as four to five days. A “red team” agent probes each application from the outside while a “blue team” agent assesses defenses against an international security standard, checking every application against roughly 95 security controls per pass, built on the Claude Agent SDK.
Who’s Affected
The work most directly affects Alberta’s 27 ministries and the residents whose sensitive records those systems hold. Anthropic is publishing the case as a template for other governments, and Alberta has released technical white papers documenting its approach. The Ministry is also training staff and the public through the Alberta AI Academy, which it says thousands of government employees and more than 10,000 members of the public have used.
What’s Next
Alberta plans to expand from reviewing and modernizing existing code to using AI agents that build entirely new software alongside engineers. The numbers come from the government and Anthropic rather than an independent audit, so the durable test is whether the remediated systems hold up and whether other governments replicate the 466-million-line, 20-hour result on their own codebases.