AI is writing more code than humans—and much of it isn’t secure. Corridor’s founders think they’ve found a way to catch the mistakes before attackers do.
Catherine Collins
The day after Ashwin Ramaswami lost the Georgia State Senate race in November 2024, his phone rang. It was Jack Cable, a friend and former colleague at the DHS with a simple pitch: “Why don’t we start a company?”
Two months later, they’d launched Corridor to address an inconvenient truth for modern software: a growing share of production code is being written by AI, and a lot of it is arriving with the digital equivalent of unsecured doors and a welcome mat.
On Wednesday, Corridor announced $25 million in funding led by Felicis at a $200 million valuation. Among its angel investors are some high-profile names from the AI industry, including Anton Osika, billionaire CEO at vibe coding giant Lovable, and Christina Cacioppo, chief executive at $4 billion AI compliance company Vanta, as well as Mike Krieger, Instagram cofounder and now chief product officer at Anthropic.
Corridor’s product is an AI system that watches over both AI and human operators as they code, issuing alerts when vulnerabilities arise as the software is being written. The human can then make an informed decision on how to fix the problem before the code goes live.
“The speed of code creation is totally outpacing the speed of security review.” – Jake Storm, VC at Felicis
It comes at a time when a glut of AI-generated code is being put online, prime for hackers to exploit. A recent study from code security company Veracode found that, while some premier AI models were getting better at writing secure code, all major AI systems were still regularly introducing vulnerabilities in basic coding tasks. Even OpenAI’s GPT-5 model still included a known vulnerability in one in four coding tasks it was given by Veracode.
“In the past 18 months, we’ve gone from all code being written by humans to the vast majority of code being written by AI,” Cable says. “Our focus at Corridor is to make sure that as AI continues to enable exponential gains in software development, security doesn’t stay the bottleneck.”
Cable and Ramaswami, both now 26, claim their AI is better at finding vulnerabilities than a human, which is as much cause for optimism as it is for anxiety. “There’s massive potential here to build more secure by design products,” Cable tells Forbes. “Even when AI is exploiting a vulnerability, more often than not it’s not inventing anything new, it’s finding a known class of vulnerability and, as it turns out, AI can do a far better job than humans, even myself, of both finding and preventing them.”
Corridor’s current customers are a mix of AI coding providers and security companies, including $365 million-valued AI customer service startup Pylon and Sublime Security, an AI email security startup that’s scored $240 million funding to date and a $950 million valuation.
Aashish Kapur, an engineer at Pylon, says his team is able to ship code faster because they don’t have to wait for a person to find and fix security issues; Corridor is doing that job for them. Sublime’s chief security officer, Andrew Becherer, tells Forbes Corridor had caught potentially severe vulnerabilities before they shipped inside Sublime’s own security product, “the kind of thing a human reviewer will have extreme difficulty finding due to complexity.”
“With the volume of AI-generated code increasing, the security review workload is getting worse,” Becherer explains. “The code comes in fast and it looks right, but it’s not always secure.” Corridor is able to identify exactly how and where it’s not secure, filling the role of code reviewer, he adds.
Cable and Ramaswami met at Stanford. Cable soon moved into working on election cybersecurity in 2020 at CISA, where he moved on to lead the Secure By Design project, a voluntary initiative that worked with companies like Microsoft and Google to ensure exploitable bugs weren’t being written into widely-used products. He left DHS in January last year, amid layoffs and concerns the Trump department was eviscerating the agency. Before his stint in government, Cable had a reputation as one of the world’s foremost bug hunters, identifying over 350 vulnerabilities in software made by tech giants like Google and Facebook, as well as flaws in government agency systems, including the Department of Defense.
Ramaswami also worked on election security at CISA, though left in 2023 to briefly take a tech policy role at Schmidt Futures, the philanthropic VC company founded by former Google CEO Eric Schmidt and his wife Wendy. Then came his run for office. “Both of us have always been very interested in public service and finding ways to do things that help make the world more secure,” Ramaswami says. “That’s something which drove us both in terms of the work we did in government, but also has driven us in terms of what we’re focusing on here in Corridor.”
The founders are planning to use the new funding to expand their research and sales teams, as they look to hire top tier talent. Last year, they tapped former Facebook chief information security officer Alex Stamos for the same role at Corridor. They’ve also recruited Joel Wallenstrom, ex-CEO at encrypted comms app Wickr, as general manager.
Corridor is among many AI-focused security companies who’ve been making hay in a VC funding boom in the AI cyber market. Last year, security testing company Tenzai was valued at $330 million within six months of founding with a $75 million seed round. Irregular, a $450 million startup testing the safety of models at Anthropic and OpenAI, raised $80 million.
Jake Storm, the Felicis investor who led the Corridor round, says the rush to invest in the market is born out of a need to keep up with the explosive growth of AI-generated apps. “The volume of code has exploded, but if you think about security expertise per line of code, that’s like completely collapsed… the speed of code creation is totally outpacing the speed of security review,” he says. “Actually being able to be proactive in a meaningful way is quite hard to do, but we think Corridor is doing it.”
This story was originally published on forbes.com and all figures are in USD.
Want to see more Forbes articles on your feed? Tap here to make Forbes Australia a preferred source on Google.
Look back on the week that was with hand-picked articles from Australia and around the world. Sign up to the Forbes Australia newsletter here or become a member here.
