We can help! See how in our AWS Shoto Case Study

Curious how Builder.ai helped Shoto Inc? Read this case study.

Greig Robertson

Digital Content Lead
· 2 minute read

Who is Builder.ai?

We are on a mission to unlock everyone’s potential with the power of software! Our combined approach of AI, automation and talented humans means that your background, tech knowledge or budget will never hold you back.

Learn more about us

How Builder.ai helped Shoto Inc. gain more visibility with AWS and provided them enhanced continuous security?

Client: Shoto

After starting with a third-party, cloud platform as a service, Shoto decided to switch to Amazon Web Services (AWS) because it offered greater flexibility and better integration across Shoto’s deployment stack. However with this improved visibility and performance gain, Shoto had to rethink their security strategies to safeguard their applications from any unauthorised, unwanted access. This was also important since they were storing users private photos which required enhanced security which should be realtime and automated.

Business challenges

Delivering a fast, simple, and private photo-sharing experience was the goal at Shoto, but in the early days, when things went wrong with various security issues and attempted compromise attempts. They just had basic security group setup but no audit or security standards defined or compiled with. This made them lack in-terms of industry standards for a private photo-sharing application.

Customer requirements

  • Enhanced continuous security
  • CIS Compliance
  • Auditing Capabilities
  • Proactive notification of security events


Shoto runs 30 hosts primarily using Amazon Elastic Compute Cloud. Its deployment stack includes Ruby on Rails, MongoDB, and Redis. The company also relies on Amazon Simple Storage Service for storing photos.


In order to ensure continuous enhanced security compliance we used the following main tools :-

For monitoring resources and checking compliance:

  • AWS Security Hub
  • AWS Cloudtrail
  • AWS Config
  • AWS Guard Duty

For triggering notifications when resources stop being complaint or configuration changes:

  • AWS CloudWatch and SNS

For Storage of the logs for historical analysis:

  • AWS S3 Standard

Compliance is checked periodically, at least every 24 hours.

For providing enhanced security to the instances we used AWS KMS service to encrypt the databases at rest. Along with that we switched to IAM roles to ensure that instances could run AWS services on behalf of the user.



Business Outcome:

Enhanced Continuous Security: This was achieved by utilising AWS Guard Duty, which continuously scanned all logs and provided a collective findings in 1 central dashboard, making it easier to manage and action on. All logs as a matter of process were stored in AWS S3.

CIS Compliance : This was achieved by utilising AWS Security hub, which gives a comprehensive view of the high-priority security alerts and compliance status.

Auditing Capabilities: This was achieved utilising AWS Config which enables Shoto Team to assess, audit, and evaluate the configurations.

Join the Builder.ai community

Stay up-to-date with the latest industry trends

By proceeding you agree to Builder.ai's privacy policy and terms and conditions

Greig Robertson

Digital Content Lead

Greig is the Digital Content Lead at Builder.ai and a University of Bristol History grad. He has 5+ years’ experience in B2B SaaS, creating data-driven, human-friendly content for high-growth tech startups. When Greig needs a dopamine hit, he checks Builder.ai’s keyword rankings.

Table of contents

Your apps made to order

Trusted by the world's leading brands

BBC logoMakro logoVirgin Unite logoNBC logoFujitsu logo
Your apps made to order

Related articles

10 Myths About Cloud Computing

10 Myths About Cloud Computing

Are you curious about what’s true and what’s not around cloud computing?

Greig Robertson

· 5 minute read
Cloud, what? Answering your burning questions about the cloud

Cloud, what? Answering your burning questions about the cloud

Over the last several years, one word has dominated: “cloud.”

Greig Robertson

· 4 minute read
6 common challenges when migrating to the cloud

6 common challenges when migrating to the cloud

Want to save time and money? Read on, Builders.

Greig Robertson

· 5 minute read

Related case studies

C-DIT (KITE Project)

CDIT Kite Project AWS Cloud Case Study - Builder Cloud

Check out how we helped C-DIT (KITE Project), Kerala government’s classroom tool for teachers and students – to improve server response time by 60%.

C-DIT (Chief Minister’s Distress Relief Fund)

C-DIT (Chief Ministers's Distress Relief Fund) - Case Study

Builder.ai developed a solution for C-DIT with Infrastructure which was highly available, scalable and agile to handle such huge load with minimal manual intervention.


Frankfinn AWS Cloud Migration Case Study - Builder Cloud

Check out how we helped Frankfinn – the number 1 cabin crew training institute – migrate their Windows-based applications to the AWS cloud.

Got questions?

Head to our FAQ page for in-depth answers

Read FAQs