Hi! We're SubImage, a YC-backed cybersecurity startup. We use graph theory to map out customer environments, helping them find and fix vulnerabilities before they get hacked.

Our tech is built around an open source tool called Cartography that we created at Lyft and donated to the Linux Foundation. It’s used by over 70 companies - including 7 in the Fortune 100 - to make sense of complex infra across AWS, Okta, GitHub, and more.

We're a small, fast-moving team passionate about security, infra, and AI. Before starting SubImage, we've worked at places like Lyft, Anthropic, and the NSA.

We’re looking for hackers - not just in the YC “I went to a hackathon once” sense, but also in the “I break into shit” sense.

At SubImage, we map out customer environments so that they can see misconfigurations and attack paths and fix them before they get hacked. Think about us as The Marauder’s Map from Harry Potter, but for cloud security.

If you’re a self-starter who loves learning about how things work one level deeper, you’ll enjoy this internship, and we’ll love your perspective on how to improve our product.

We’re YC-backed, open source-rooted, and small enough that you’ll work directly with the founders.

You might work on:

• Security research: find scary cloud vulns, highlight them using our product, blog/make videos about it
• Building and scaling data ingestion pipelines
• Developing AI agents for natural language search
• Modeling complex access relationships in graph databases
• A modern infra stack with Terraform and containers
• Finding ways to better present security insights in our next.js frontend
• Tech debt for days (jk)

You’ll like this if you:

• Want to build real tools that serious companies use
• Love learning about security, infra, or LLMs
• Want a public-facing portfolio of open source contributions

We’re a small team based in downtown San Francisco and this internship is fully in-person.

P.S.

If you read this thread and act on its advice, you will probably be ahead of 95% of applicants to this posting.

We ingest data from cloud APIs like AWS, Okta, and GitHub into a connected graph, requiring scalable pipelines, access modeling, and evolving our architecture to meet growing customer demands.

On top of the graph, we’ve built a natural language interface that lets users ask questions like:

• “What compute instances are exposed to the internet that I don’t know about?”
• “What attack paths are possible if this engineer’s laptop was stolen?”

Our stack includes:

• Languages: Python, TypeScript
• Databases: Neo4j, DynamoDB
• Infra: Docker, AWS, Terraform
• Core concepts: Graph theory, security engineering, LLM engineering (natural language search)