Published on: July 16, 2026
4 min read
Use AI-driven security reasoning to detect authorization gaps, business-logic errors, and race conditions while code is still under review.
Static scanners excel at catching vulnerabilities that fit a known pattern, like unsanitized query inputs, hardcoded secrets, and unsafe deserialization. They struggle against flaws in your application’s logic, where there is no pattern to match — only valid code doing the wrong thing for your domain. Undetected, these flaws surface late and cost more to fix.
Security Review Flow, now in public beta, scrutinizes code changes the way a security engineer would. It traces intent rather than matching signatures to catch logic flaws before they hit production. It's a major step toward uncovering dangerous flaws that scanners usually miss.
The most damaging application vulnerabilities often look correct line by line, but violate context the code doesn't contain, like your authorization model, data sensitivity rules, and intended workflows. Consider three of the most common vulnerability classes:
Access and authorization: Whether a user may read or change a resource is defined by your authorization model, not any language construct. Broken object level authorization (accessing another user's data by changing an ID) has topped the OWASP API Security Top 10 since 2019.
Data exposure: Serializing an object and returning it is ordinary, correct-looking code. Whether it leaks depends on which fields are sensitive and who receives them — facts about your domain, not your syntax.
Control flow and workflow: Business-logic and race-condition flaws occur when valid operations run in the wrong order, repeat unexpectedly, or get manipulated. Examples include checkout reachable without payment, a state re-entered under a race, or a parameter tweaked to change a price.
Catching these flaws has previously required manual security review, which is expensive to scale across every merge request (MR), or penetration testing and bug bounties, which arrive too late. The result is a growing gap between the pace of development and how quickly security expertise can be applied.
Security Review Flow, a foundational flow on GitLab Duo Agent Platform, closes that gap by reasoning about what your code is meant to do. It detects exactly the classes of flaws described above: Broken object level authorization and function level authorization, missing authorization on state-changing operations, information disclosure, mass assignment, business logic errors, and race conditions in stateful workflows.
It complements traditional scanners and human analysis rather than replacing them, and it reviews code at the point of change, when a fix is cheapest. GitLab's own application security team has used Security Review Flow across internal MRs throughout its development.
See Security Review Flow in action:
When your MR is ready, request a review from Duo Security Review
, the same way you would from a person. It analyzes the diff in context: the original files, changed lines, MR discussion, and related code. Its reasoning is optimized for precision, and an independent validation pass examines each finding to filter out likely false positives.
Findings appear as diff threads on the relevant lines, along with a summary in an internal note. On public projects, they’re confined to the internal note, so security details aren’t exposed.
Each finding arrives with the context reviewers need:
Severity determines the reviewer state: A critical or high finding sets it to Request changes, while medium or low findings result in Comment. The flow never approves, even when it finds nothing — a human always owns the final call.
From there, mention your organization’s Duo Security Review service account in a comment thread to ask a question, discuss remediation, or challenge a finding. Resolve each finding by applying the fix as a standard MR suggestion, dismissing it as a false positive, or accepting the risk. After committing your fixes, request a fresh review to check what changed.
Security Review Flow is in public beta for GitLab Ultimate customers. It is available on GitLab.com, GitLab Self-Managed, and GitLab Dedicated.
Learn how to get started in the Security Review Flow documentation.
You can get access to Security Review Flow with a free trial of GitLab Duo Agent Platform. Already a GitLab Ultimate subscriber? Turn on Duo Agent Platform and use the GitLab Credits included with your subscription.
Cost varies with the complexity of the diff and the model you select, so try it on a few MRs before running it broadly. Pricing may be updated at general availability.
Share what you find in our feature feedback issue, so your input shapes what we build.
Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum.
Share your feedbackStart building faster today
See what your team can do with the intelligent orchestration platform for DevSecOps.
Facts Only
* GitLab released Security Review Flow in public beta on July 16, 2026.
* Security Review Flow is a feature of the GitLab Duo Agent Platform.
* The tool is available to GitLab Ultimate customers on GitLab.com, GitLab Self-Managed, and GitLab Dedicated.
* The tool identifies authorization gaps, business-logic errors, and race conditions during code review.
* It analyzes merge request diffs, original files, changed lines, MR discussions, and related code.
* Findings are presented as diff threads or internal notes.
* Critical or high severity findings set the reviewer state to "Request changes."
* Medium or low severity findings result in a "Comment."
* Users can interact with the tool via the Duo Security Review service account.
* Costs vary based on diff complexity and the selected model.
* A free trial of the GitLab Duo Agent Platform provides access to the tool.
Executive Summary
GitLab has introduced Security Review Flow, an AI-driven security analysis tool designed to detect complex logic flaws—such as broken object-level authorization and race conditions—that traditional static scanners typically miss. Unlike pattern-matching tools, this system reasons about the intended behavior of the code within the context of the specific application domain, aiming to catch vulnerabilities before they reach production.
The tool integrates directly into the merge request workflow, providing severity-based feedback and allowing developers to discuss remediations with an AI service account. While it automates the detection of high-risk logic errors, it does not replace human judgment; the tool never autonomously approves code, ensuring a human reviewer maintains final authority. Access is currently limited to GitLab Ultimate subscribers, with pricing tied to the complexity of the code changes and the AI models utilized.
Full Take
The strongest version of this narrative is that AI is finally bridging the "expertise gap" in security, moving from simple syntax checking to nuanced semantic reasoning. By automating the detection of business-logic flaws, the tool potentially reduces the reliance on expensive, late-stage penetration testing and empowers developers to secure their code in real-time.
However, this is a classic vendor advertorial. The narrative relies on a specific persuasion vector: identifying a high-stakes pain point (the "growing gap" between development speed and security expertise) and positioning a proprietary product as the only viable bridge. The evidence for the tool's efficacy is provided by the vendor's own internal security team, creating a closed loop of validation where the creator is also the primary witness to the product's success.
The underlying paradigm is the "automation of intuition." It assumes that security reasoning can be reduced to a set of AI-driven heuristics and that "intent" can be accurately inferred from a diff. The second-order consequence is a potential atrophy of human security expertise; if developers rely on a "Duo" agent to flag logic errors, the critical thinking required to architect secure systems may shift from the human to the model.
Patterns detected: ARC-0032 Authority Game, ARC-0011 Fear Appeal
How would a developer's relationship with security change if the "reasoning" happens in a black box? If the AI fails to catch a logic flaw it claimed to protect against, where does the liability and trust reside? What would a third-party, independent audit of this tool's precision look like compared to the vendor's internal report?
Counterstrike Scan: A coordinated campaign would use the "fear of the invisible flaw" to create urgency, then present a proprietary AI tool as the sole "intelligent" solution to a problem humans can no longer scale to meet. The content matches this structural pattern by framing the limitation of static scanners as a systemic risk that only their specific AI platform can resolve.
Sentinel — Human
This text reads like a professionally written technical blog post designed to introduce a specific product feature by framing a recognized industry problem with a proposed, context-aware solution.
