The researcher who helped 250 companies promise to write safer software is now building the tools that actually do it.
At 15, Jack Cable found a vulnerability in a financial website and sent off a responsible disclosure email. That single act put him on a path that would take him through the Pentagon, the U.S. Senate, two stints at CISA, and eventually to a San Francisco startup building security rails for AI-generated code - all before turning 26.
Cable is CEO and co-founder of Corridor, which raised a $25M Series A in March 2026 at a $200M valuation. Corridor's thesis: AI coding assistants like Cursor are writing more and more production code, and that code has a security problem. Corridor sits in between - understanding codebases' security models, refactoring unsafe patterns, and adding guardrails so AI-generated code doesn't ship vulnerabilities at scale.
Before Corridor, Cable spent years at CISA as Senior Technical Advisor, where he was one of the principal architects of the Secure by Design initiative - a campaign that convinced 250+ software manufacturers including Google, Microsoft, and AWS to commit to measurable improvements in software security. It was the kind of work that changes how an industry thinks. Cable decided it wasn't enough.
His career reads like someone kept skipping grades. Defense Digital Service straight out of high school. TechCongress fellowship advising U.S. senators on election security. Election infrastructure scanning at CISA before the 2020 vote. Ransomwhere, a crowdsourced tracker that mapped $32 million in ransom payments. A top-100 HackerOne ranking. TIME Magazine's Most Influential Teens at 17. Congressional testimony at 25.
The through-line isn't a subject matter - it's a bias toward fixing things upstream. Find the bug before it ships. Change the policy before the attack. Build the guardrail before the AI writes the code.
AI is going to write more and more code. The question is whether that code will be secure.
Cable co-founded Corridor with Stanford classmate Ashwin Ramaswami on a single observation: AI coding assistants are writing production code at a rate that security teams aren't equipped to review. The existing tooling - static analyzers, linters, SAST tools - was built for humans writing code, not AI agents generating thousands of lines per session.
Corridor's Agentic Coding Security Management (ACSM) platform does three things: it builds a model of a codebase's security architecture, identifies and refactors unsafe patterns, and adds context-aware guardrails that operate at the point of AI code generation. The idea is to shift security left of the shift-left tools.
The seed round closed in August 2025 with $5.4M from Conviction VC and angels including Bugcrowd founder Casey Ellis, Duo Security co-founder Jon Oberheide, and engineers from Anthropic, OpenAI, Cursor, Cognition, Factory, and Lovable. The Series A followed in March 2026 - $25M at $200M valuation, led by Felicis, with Lux Capital, Datadog, and SV Angel alongside.
Customers include Cursor itself - the AI editor that Corridor's own platform helps secure - creating a recursively interesting relationship between tool and guardrail.
Secure by Design started as a CISA position paper and became something harder to produce: an industry-wide commitment with specific, measurable goals. Cable was one of the principal architects of both the initiative and the Pledge - the document that asked software manufacturers to publicly commit to seven concrete security improvements over 12 months.
The ask was pointed: reduce default passwords, eliminate whole classes of vulnerabilities, increase multi-factor authentication adoption. Not vague commitments to "take security seriously" but specific, verifiable changes with accountability built in.
More than 250 companies signed, including essentially every major software manufacturer. Whether the pledges translate to durable change is a question the industry is still working through - which is part of why Cable started building tools instead of writing more policy.
"Secure by Design is important. But someone has to build the tools that make it real."
"The goal of Corridor is to understand the security model of a codebase, refactor unsafe patterns, and add guardrails around AI coding assistants."
"AI is going to write more and more code. The question is whether that code will be secure."
"Bug bounties are great for finding vulnerabilities after the fact, but we need to shift left - catch problems before they ship."
"Secure by Design is important. But someone has to build the tools that make it real."
A cybersecurity podcast co-hosted by Cable and Corridor CSO Alex Stamos, focused on security in the age of AI. Episodes cover everything from agentic coding security to the state of government cyber policy, with guests from across the security and AI industries.
The age at which Cable found his first vulnerability and responsibly disclosed it - setting the trajectory for everything that followed.
Public GitHub repositories, including the official CISA Crossfeed tool and Ransomwhere, which tracked $32M+ in ransomware payments through crowdsourcing.
Separate stints at CISA - one as Election Security Technical Advisor before 2020, and one as Senior Technical Advisor from 2023 to January 2025.
Employees at Corridor as of Series A close. From founded to $200M valuation in under a year of operations.
Amount saved for ransomware victims when Cable found a decryption workaround for an active strain - earning recognition from the U.S. Secretary of Homeland Security.
His finish in Hack the Air Force at age 17, which directly led to his role at the Defense Digital Service. Same story, always: find the problem, fix the problem, build from there.