Map your cloud and secure everything.

SubImage (from the team behind Cartography) maps your entire cloud and on-prem infrastructure—so you know exactly what’s exposed, what’s misconfigured, and what to fix first.

Backed by
Y-Combinator
Interactive diagram: a graph of cloud, identity, SaaS, device and Kubernetes assets (public EC2 instances, roles, storage buckets, secret stores, API keys, databases, laptops, GitHub repos and packages, IoT devices, pods and images) with the following callouts:
Misconfiguration: Bucket is publicly accessible outside of intended route.
Prioritize fixing this CVE first and reset keys for affected sensitive database.
Access to sensitive data!
Access to API keys!
From vault to vendor: follow the key.
Protect the laptop, protect the org.
This interns team looks innocuous, but can pivot into an admin role.
This CVE is less urgent as it impacts internal resources without public access.
Secure everything.
Find hidden trusts.
Know the layer, know the fix.
The Problem

The modern cloud is too complex for security teams.

The average company grants access to over 106 software services.
Vulnerabilities, misconfigurations and access risks cause breaches.
Security teams either lack full visibility or rely on spreadsheets.

Attackers only need to win once. You have to win every time.
Where the heck do you even begin?

Your Vulnerabilities Made Actionable
Find and fix CVEs with visibility over your software dependencies, image lineage analysis, and organizational structure.
Misconfigurations Put into Context
AI-tailored rules adapt to your organization, avoiding generic checks and surfacing only valid and fixable findings.
Illuminate Attack Paths
Use our graph engine to map transitive risks and instantly see who has access to what.
Least Privilege Awareness
Use IAM traffic visibility to spot underutilized permissions and trim excess access.
Your Environment Secured End-to-End
Surface personalized findings across cloud and identity providers, as well as corporate security, productivity, and internal tools.

Software that maps your infrastructure.

Agentless, Zero Maintenance

SubImage connects via a secure read-only API. Fully managed and agentless—no installs, no performance impact, no upkeep.

Asset Inventory

Continuously discover and map all your assets—across cloud, SaaS, and on-prem—into a single living graph. Gain instant visibility into resources, relationships, and ownership without manual effort or fragmented spreadsheets.

Flexible Integrations & Open APIs

Validate raw data, see how findings were derived, and adapt rules without opaque pipelines or lock-in. Query directly, connect with SIEM, SOAR, or ticketing systems, and automate your workflows.

AI-Powered Detective

Cut down on security theater with conversational interfaces that explain why something matters and what to do next.

Open-Core Alternative to Wiz.

Buy confidence, not tools. SubImage delivers a managed CNAPP built on open foundations you can inspect, extend, and trust.

Speed of Buy, Freedom of Build

Polished experience, open foundations. Built on Cartography—the open security graph we built at Lyft—every rule and relationship is visible and reproducible. Fix, extend, or introspect instantly if something breaks instead of being blocked on vendor tickets or hidden schemas.

No Pay-to-Play Integrations

Other CNAPPs make vendors pay to appear in your dashboard. SubImage connects to anything—no gated ecosystem, no blind spots.

Toxic Combinations are So 2021

Exploitable and actionable findings are table stakes. SubImage adds what's missing: relevance. Our graph and AI surface issues that actually make sense for your architecture, maturity, and risk profile.

Community-Powered Velocity

A shared open foundation that moves fast. Build, connect, and understand anything. Need help? We're here.

42k downloads of Cartography per month
110+ contributors to the Cartography open-source project

Every integration you need.

Coverage across all the tools you use, out of the box.

SaaS: Google Workspace, GitHub, PagerDuty, Airbyte, and more
Security Threat & Vuln Management: Trivy, Semgrep, CrowdStrike, SentinelOne, and more
Cloud Services: AWS, Azure, Google Cloud, Oracle Cloud, DigitalOcean, Kubernetes, Scaleway, and more
Identity & Access: Okta, Entra, Keycloak, Duo, LastPass, and more
AI Providers: Anthropic, OpenAI, and more
Networking & Edge: Cloudflare, Tailscale, and more
CorpSec Solutions: Kandji, Snipe-IT, Jamf, BigFix, and more

Meet the upgrade.

Compare to: Competitors (Wiz, Orca) or Cartography

SubImage vs. Wiz and Orca, features compared:
Infra mapping
Access to underlying graph (API-first access for automation and custom workflows)
Cloud support
Agentless deployment
Historical data
Prioritized risk fixes
Ask in plain English
Audit on-prem assets (extend visibility to on-prem, IoT, and OT systems)
Customizable integrations (model internal services and data through simple, schema-based hooks)

SubImage vs. Cartography, features compared:
Infra mapping
Cloud support
Agentless deployment
Historical data
Prioritized risk fixes
Ask in plain English
RBAC and SSO
Built by talent from Anthropic, Lyft, NSA, and Microsoft.

Give your security team an unfair advantage.

Attackers think in graphs. You should too.

What kind of security tool is SubImage? CNAPP? CSPM? PAM? Something else?

SubImage checks the CNAPP, CSPM, and PAM boxes—cloud misconfigurations, access visibility, identity integrations—but it goes further by giving you a complete, queryable map of who can access what, and why. We help your team move from alert fatigue to decisive action with clear paths to remediation, grounded in context, not guesswork.

Can we query our data directly or integrate SubImage into our existing dashboards and workflows?

Absolutely. Your graph is fully queryable, and you can integrate it with your SIEM, SOAR, or ticketing systems using our API and integrations.

Is SubImage fully managed, or do we need to maintain it?

SubImage is fully managed. We handle everything behind the scenes—no maintenance, no updates to worry about, and no complex configurations. You get insights and actions without operational headaches.

What's the difference between Cartography and SubImage?

Cartography is an open-source project that maps cloud assets and relationships. We built it at Lyft in 2019. SubImage takes that core and delivers a fully managed experience: we host and operate Cartography for you. We handle data updates, database maintenance, and scaling. We add compliance and security layers on top. And we provide a natural language chatbot to query your graph and get instant answers.

In short: SubImage gives you the power of Cartography without the DIY pain.

How fast can we get value from SubImage?

You can connect your environment and start seeing actionable insights in hours—not days.

How does SubImage integrate with our existing cloud and on-prem infrastructure?

SubImage connects via read-only API access—no agents, no invasive installs.

We integrate directly with major cloud providers like AWS, GCP, and Azure, as well as identity systems like Okta and SaaS providers like GitHub. The full list is available here.

For on-prem or hybrid environments, we connect through a proxy you control, allowing SubImage to securely pull data from inside your environment over private, encrypted tunnels. This gives you full control over the connection. We only access what you permit, when you permit it.

You can bring in context from any system—cloud, SaaS, or on-prem—to build a complete view of access and risk.

How secure is SubImage?

SubImage is built with security as a first principle.

Agentless: Nothing to install on your systems or workloads.

Read-only access: We use the minimum necessary permissions.

No secrets stored: We never retain your credentials.

Your environment stays in your control—we simply analyze what’s already there, and help you reduce risk without adding it, and without impacting performance.