Map your cloud and secure everything.

SubImage (from the team behind Cartography) maps your entire cloud and on-prem infrastructure—so you know exactly what’s exposed, what’s misconfigured, and what to fix first.

Backed by Y Combinator
Trusted by: Veriff, Neo4j
The Problem

The modern cloud is too complex for security teams.

The average company grants access to over 106 software services.
Vulnerabilities, misconfigurations and access risks cause breaches.
Security teams either lack full visibility or rely on spreadsheets.

Attackers only need to win once. You have to win every time.
Where the heck do you even begin?

Your Vulnerabilities Made Actionable
Find and fix CVEs with visibility over your software dependencies, image lineage analysis, and organizational structure.
Misconfigurations Put into Context
AI-tailored rules adapt to your organization, avoiding generic checks and surfacing only valid and fixable findings.
Illuminate Attack Paths
Use our graph engine to map transitive risks and instantly see who has access to what.
Least Privilege Awareness
Use IAM traffic visibility to spot underutilized permissions and trim excess access.
Your Environment Secured End-to-End
Surface personalized findings across cloud and identity providers, as well as corporate security, productivity, and internal tools.

Software that maps your infrastructure.

Agentless, Zero Maintenance

SubImage connects via a secure read-only API. Fully managed and agentless—no installs, no performance impact, no upkeep.

Asset Inventory

Continuously discover and map all your assets—across cloud, SaaS, and on-prem—into a single living graph. Gain instant visibility into resources, relationships, and ownership without manual effort or fragmented spreadsheets.

Flexible Integrations & Open APIs

Validate raw data, see how findings were derived, and adapt rules without opaque pipelines or lock-in. Query directly, connect with SIEM, SOAR, or ticketing systems, and automate your workflows.

AI-Powered Detective

Cut down on security theater with conversational interfaces that explain why something matters and what to do next.

Open-Core Alternative to Wiz.

Buy confidence, not tools. SubImage delivers a managed CNAPP built on open foundations you can inspect, extend, and trust.

Speed of Buy, Freedom of Build

Polished experience, open foundations. Built on Cartography—the open security graph we built at Lyft—every rule and relationship is visible and reproducible. Fix, extend, or introspect instantly if something breaks instead of being blocked on vendor tickets or hidden schemas.

No Pay-to-Play Integrations

Other CNAPPs make vendors pay to appear in your dashboard. SubImage connects to anything—no gated ecosystem, no blind spots.

Toxic Combinations are So 2021

Exploitable and actionable findings are table stakes. SubImage adds what's missing: relevance. Our graph and AI surface issues that actually make sense for your architecture, maturity, and risk profile.

Community-Powered Velocity

A shared open foundation that moves fast. Build, connect, and understand anything. Need help? We're here.

42k downloads of Cartography per month
130+ contributors to the Cartography open-source project

Every integration you need.

Coverage across all the tools you use, out of the box.

SaaS: Airbyte, GitHub, GitLab, Google Workspace, PagerDuty, Slack, … and more
Networking & Edge: Cloudflare, Tailscale, … and more
Cloud Services: AWS, Azure, DigitalOcean, Google Cloud, Kubernetes, Oracle Cloud, Scaleway, Spacelift, … and more
Security Threat & Vuln Management: CrowdStrike, Semgrep, SentinelOne, Trivy, … and more
CorpSec Solutions: BigFix, Jamf, Kandji, Snipe-IT, … and more
Identity & Access: Duo, Entra, Keycloak, LastPass, Okta, … and more
AI Providers: Anthropic, OpenAI, … and more

Meet the upgrade.

Compare to: Competitors, Cartography

SubImage compared with Wiz and Orca:
Infra mapping
Access to underlying graph: API-first access for automation and custom workflows
Cloud support
Agentless deployment
Historical data
Prioritized risk fixes
Ask in plain English
Audit on-prem assets: Extend visibility to on-prem, IoT, and OT systems
Customizable integrations: Model internal services and data through simple, schema-based hooks.

SubImage compared with Cartography:
Infra mapping
Cloud support
Agentless deployment
Historical data
Prioritized risk fixes
Ask in plain English
RBAC and SSO

Built by talent from Anthropic, Lyft, NSA, Microsoft

Give your security team an unfair advantage.

Attackers think in graphs. You should too.

What kind of security tool is SubImage? CNAPP? CSPM? PAM? Something else?

SubImage checks the CNAPP, CSPM, and PAM boxes—cloud misconfigurations, access visibility, identity integrations—but it goes further by giving you a complete, queryable map of who can access what, and why. We help your team move from alert fatigue to decisive action with clear paths to remediation, grounded in context, not guesswork.

Can we query our data directly or integrate SubImage into our existing dashboards and workflows?

Absolutely. Your graph is fully queryable, and you can integrate it with your SIEM, SOAR, or ticketing systems using our API and integrations.

Is SubImage fully managed, or do we need to maintain it?

SubImage is fully managed. We handle everything behind the scenes—no maintenance, no updates to worry about, and no complex configurations. You get insights and actions without operational headaches.

What's the difference between Cartography and SubImage?

Cartography is an open-source project that maps cloud assets and relationships. We built it at Lyft in 2019. SubImage takes that core and delivers a fully managed experience: we host and operate Cartography for you. We handle data updates, database maintenance, and scaling. We add compliance and security layers on top. And we provide a natural language chatbot to query your graph and get instant answers.

In short: SubImage gives you the power of Cartography without the DIY pain.

How fast can we get value from SubImage?

You can connect your environment and start seeing actionable insights in hours—not days.

How does SubImage integrate with our existing cloud and on-prem infrastructure?

SubImage connects via read-only API access—no agents, no invasive installs.

We integrate directly with major cloud providers like AWS, GCP, and Azure, as well as identity systems like Okta and SaaS providers like GitHub. The full list is available here.

For on-prem or hybrid environments, we connect through a proxy you control, allowing SubImage to securely pull data from inside your environment over private, encrypted tunnels. This gives you full control over the connection. We only access what you permit, when you permit it.

You can bring in context from any system—cloud, SaaS, or on-prem—to build a complete view of access and risk.

How secure is SubImage?

SubImage is built with security as a first principle.

Agentless: Nothing to install on your systems or workloads.

Read-only access: We use the minimum necessary permissions.

No secrets stored: We never retain your credentials.

Your environment stays in your control—we simply analyze what's already there, and help you reduce risk without adding it, and without impacting performance.