platoseedplatoseed
Software that maps your infrastructure. Open core alternative to Wiz
SubImage builds maps of your infrastructure to give you visibility on what assets you have and how they relate to each other. This enables any security team to deeply understand their environments and reduce risk. SubImage is a managed offering built around the Cartography open-source project, and is founded by members of Cartography's original team.
SubImage provides an open-core CNAPP solution that maps your entire cloud and on-prem infrastructure to reveal exposures, misconfigurations, and actionable fixes. It positions itself as an open foundations alternative to Wiz, offering a fully managed, agentless platform with a focus on graph-based risk context.
SubImage connects via a secure read-only API to continuously discover and map assets across cloud, SaaS, and on-prem into a single living graph. It offers agentless deployment, asset inventory, flexible integrations with SIEM/SOAR/ticketing, AI-powered explanations of findings, and an open foundation that is fully queryable and extendable. The product emphasizes context-aware remediation paths, transitive risk mapping, least-privilege visibility, and integration-friendly data pipelines, all while being a managed service with no agent maintenance required.
Who it’s for: Security teams and cloud/DevSecOps teams at medium to large enterprises needing full visibility into cloud and on-prem infrastructure, risk-based prioritization, and an open-core, customizable CNAPP solution.
Hiring/traction mentions implied by open-source Cartography ecosystem, active community contributions (Cartography downloads and contributors), and product positioning as a growing CNAPP/open-core alternative.
Co-founder & CEO at SubImage. Former Staff Engineer at Lyft: Created https://cartography.dev, the open source security graph. Built first-of-its-kind container scanning and remediation platform. Former Security Engineer on Microsoft Red Team: did cloud hacking before it was cool. Worked on [REDACTED] at the NSA.
Co-founder at SubImage. Previously Member of Technical Staff at Anthropic and Staff Engineer at Lyft. At Lyft, reported directly to CISO, new grad to Staff Engineer in 4 years. Architected SIEM, insider abuse, and vulnerability management platforms. Graduated from University of Washington CS in 2 years.
The open-core alternative to Wiz
SubImage maps an organization’s infrastructure to identify attack paths and high-impact risks, built on Cartography’s open-source security graph. It offers a hosted solution for security teams to view, prioritize, and remediate risky configurations and access issues across cloud, SaaS, and internal services.
How SubImage’s homepage introduced itself over the years — each line is the page title the web actually saw, linked to that moment’s archived capture.
Zero code network tracer
Continuous offensive security for the enterprise.
