Cursor Security Review is now available for Teams and Enterprise plans. Run two types of always-on agents: 1. Security Reviewer checks every PR for vulnerabilities and leaves comments. 2. Vulnerability Scanner runs scheduled scans of your codebase and posts findings in Slack. https://t.co/TKaqYKJxm8
Cursor Launches Managed Security Agents to Audit Pull Requests and Track Fixes
· Updated
Cursor launched Security Review for Teams and Enterprise plans, featuring managed agents that audit pull requests and perform scheduled codebase scans. This shifts security from a manual checkpoint to an autonomous, always-on background process that scales with AI-driven development. The system uses LLMs to verify if reported vulnerabilities are actually resolved by analyzing incremental code diffs.
- Availability
- Teams and Enterprise plans
- Agent types
- Security Reviewer, Vulnerability Scanner
- Triggers
- Git events, cron schedules
- Integrations
- Slack, MCP, GitHub, GitLab
- Key metrics
- Vulnerabilities found, issues fixed, resolution rate
- Execution environment
- Cloud Agents or self-hosted pools
This release formalizes Cursor's security agent templates previously shared from its own internal fleet. As agentic coding accelerates development cycles, manual security reviews become a bottleneck. Managed security agents provide a continuous safety net, mirroring the multi-agent review patterns recently introduced in Claude Code Ultrareview.
Configure these agents via the Security Review Dashboard to trigger on Git events or cron schedules. They support custom instructions and MCP integrations to report findings to Slack. Cursor also tracks a resolution rate, using LLMs to verify if vulnerabilities were fixed. This is available for Teams and Enterprise subscribers.
Still wondering? A few quick answers below.
Every HeadsUpAI update is written based on its original source and reviewed before it's published. Read our editorial standards →



