SubImage

Clear Maps for Complex Cloud Environments

Book a demo with the founders

graph-example

Backed by Y Combinator

Handle Complexity with Confidence

🔒 Know Who Has Access to What

Understand permissions and reduce security risks in your cloud environment.

🌐 Understand Your Internet Exposure

Visualize and manage your public-facing assets effectively.

☁️ Ingest from All Vendors, Clouds, and On-Prem

Bring all your data together and connect the dots across all supported providers.

Query with Natural Language (preview)

Ask questions like:

🪣 Which S3 buckets allow public read or write access?
🔑 Which credentials haven’t been rotated in over 90 days?
🖥️ Which servers are running an out-of-date OS?

Just use your words.

Chatbot Interaction

Enrich and Customize

Add your organization’s data to your graph.

🛡️ Which of your company’s directors own the most security risk?
🔓 Who has admin access within each SaaS and Cloud platform, and who is their manager?
📂 What are your company’s storage buckets grouped by team?

SubImage allows you to extend the graph with your own data using a simple schema definition. Here’s an example:

- node_label: TeamMember
  node_properties:
    - email
    - title
    - employee_id
    - id
  schema_version: 1
  relationships:
    - rel_label: MEMBER_OF_TEAM
      target_node_label: Team
      field: team_id
      target_field: id
      direction_inward: False
      rel_properties: null
  tenant_rel:
    rel_label: MANAGED_BY_ORG
    target_node_label: Organization
    field: org_id
    target_field: id
    direction_inward: True
  data_path: s3://my-bucket/team-members.json

Our Story

SubImage is a fully managed offering built around the Cartography open-source project, originally created at Lyft in 2019 and donated to The Linux Foundation in 2024. Founded by members of Cartography’s original team, SubImage brings self-maintaining maps to organizations that need visibility but lack resources to manage the infrastructure themselves. Inspired by attacker mindsets, SubImage helps security teams deeply understand their environments to reduce risk.

About us

Alex Chantavy // Co-founder & CEO

alex

Co-creator of Cartography
13+ year infosec career, building capabilities years ahead of what was commercially available at Lyft, Microsoft, and the NSA
Architected and built Lyft’s vulnerability management platform, led penetration tests for Microsoft’s Red Team, developed tools and techniques for NSA’s Computer Network Exploitation mission

Kunaal Sikka // Co-founder & President

kunaal

Former Lyft Staff Engineer and Member of Technical Staff at Anthropic
Architected Lyft’s next-generation SIEM, insider abuse program, and vulnerability management platform, reducing security risks and driving cross-organizational change
Won Microsoft’s internal employee hackathon as a high school intern, delivering protoype for what became LinkedIn’s QR feature

Get Started

Do you think in graphs?

Book a demo with the founders