A Project in Corridor represents a codebase (typically a repository) that you want to secure. Each repository you add to Corridor becomes a Project that is continuously monitored and guarded.
Key concepts
- One repo = one project: When you import a repository, Corridor indexes its code and sets up security guardrails specific to that project. All findings, pull request reviews, and guardrail configurations are associated with that project
- Required for scanning: Corridor only monitors code that has been explicitly added as a project. If a repository isn’t added, Corridor will ignore its PRs and won’t apply guardrails to it
- Multiple projects: You can add multiple repositories as separate projects, each with possibly different guardrail settings tailored to their context
Project limits
| Tier | Max Projects |
|---|
| Pro | 5 |
| Team | 20 |
| Enterprise | Unlimited |
Creating a project
From your IDE
The simplest way to create a project:
- Open a Git repository in your IDE
- Ensure you’re signed in to Corridor
- Click Register Project in the Corridor panel
- Select your team
From the dashboard
Create projects directly in the web dashboard:
- Go to app.corridor.dev
- Click New Project
- Enter a project name
- Connect a GitHub repository (optional)
- Select the team
Initial scan and guardrail generation
Once added, Corridor immediately:
- Scans the codebase to understand the project’s technology stack
- Identifies frameworks and languages in use
- Auto-generates security guardrails tailored to that project
- Starts analyzing any new code changes
This process happens fairly quickly and requires no action on your part.
Connecting GitHub
To enable PR reviews, connect your project to a GitHub repository:
- Go to Project Settings → GitHub
- Click Connect GitHub
- Authorize Corridor to access your repository
- Toggle on Automated PR Reviews
Once connected, every pull request is automatically reviewed for security vulnerabilities.
Project settings
Access settings by clicking the gear icon on any project:
General
- Name: Display name for the project
- Description: Optional project description
- Team: Which team owns this project
GitHub integration
- Repository: Linked GitHub repository
- PR Reviews: Enable/disable automated reviews
- Status Checks: Require Corridor review before merge
Guardrails
Configure which guardrails are active for this project. By default, projects inherit their team’s guardrail settings, but you can customize per-project. This allows tailoring security to the context of that repo (for example, enabling web-specific guardrails on a web app project, and different ones on an infrastructure-as-code repo).
You can further refine a project’s guardrails (including adding custom ones on Team/Enterprise plans) in the Guardrails settings.
Project activity
PR Reviews
See all automated reviews for this project:
- Open your project
- Click PR Reviews
- View reviews with status and findings count
- Click any review to see details
Findings
View security findings discovered in this project:
- Open your project
- Click Findings
- Filter by state, severity, or source
Guardrail Invocations
See real-time security analysis from IDE usage:
- Open your project
- Click Guardrails or Activity
- View invocations with compliance status
Project analytics
View metrics for your project:
- PR review volume: Reviews over time
- Findings by severity: Distribution of issues
- Guardrail pass/fail rates: How often guardrails are triggered
- Remediation progress: Open vs. closed findings
Archiving projects
Archive projects you no longer actively maintain:
- Go to Project Settings
- Click Archive Project
- Confirm the action
Archived projects:
- Don’t appear in the main project list
- Stop processing new PR reviews
- Retain all historical data
- Can be restored later
Deleting projects
Deleting a project permanently removes all associated data including findings, reviews, and analytics.
- Go to Project Settings
- Click Delete Project
- Type the project name to confirm
- Click Delete
Next steps
