We can help! See how in our AWS Shoto Case Study

Curious how Builder.ai helped Shoto Inc? Read this case study.

Greig Robertson

Digital Content Lead
· 2 minute read

Who is Builder.ai?

We are on a mission to unlock everyone’s potential with the power of software! Our combined approach of AI, automation and talented humans means that your background, tech knowledge or budget will never hold you back.

Learn more about us

How Builder.ai helped Shoto Inc. gain more visibility with AWS and provided them enhanced continuous security?

Client: Shoto

After starting with a third-party, cloud platform as a service, Shoto decided to switch to Amazon Web Services (AWS) because it offered greater flexibility and better integration across Shoto’s deployment stack. However with this improved visibility and performance gain, Shoto had to rethink their security strategies to safeguard their applications from any unauthorised, unwanted access. This was also important since they were storing users private photos which required enhanced security which should be realtime and automated.

Business challenges

Delivering a fast, simple, and private photo-sharing experience was the goal at Shoto, but in the early days, when things went wrong with various security issues and attempted compromise attempts. They just had basic security group setup but no audit or security standards defined or compiled with. This made them lack in-terms of industry standards for a private photo-sharing application.

Customer requirements

  • Enhanced continuous security
  • CIS Compliance
  • Auditing Capabilities
  • Proactive notification of security events


Shoto runs 30 hosts primarily using Amazon Elastic Compute Cloud. Its deployment stack includes Ruby on Rails, MongoDB, and Redis. The company also relies on Amazon Simple Storage Service for storing photos.


In order to ensure continuous enhanced security compliance we used the following main tools :-

For monitoring resources and checking compliance:

  • AWS Security Hub
  • AWS Cloudtrail
  • AWS Config
  • AWS Guard Duty

For triggering notifications when resources stop being complaint or configuration changes:

  • AWS CloudWatch and SNS

For Storage of the logs for historical analysis:

  • AWS S3 Standard

Compliance is checked periodically, at least every 24 hours.

For providing enhanced security to the instances we used AWS KMS service to encrypt the databases at rest. Along with that we switched to IAM roles to ensure that instances could run AWS services on behalf of the user.



Business Outcome:

Enhanced Continuous Security: This was achieved by utilising AWS Guard Duty, which continuously scanned all logs and provided a collective findings in 1 central dashboard, making it easier to manage and action on. All logs as a matter of process were stored in AWS S3.

CIS Compliance : This was achieved by utilising AWS Security hub, which gives a comprehensive view of the high-priority security alerts and compliance status.

Auditing Capabilities: This was achieved utilising AWS Config which enables Shoto Team to assess, audit, and evaluate the configurations.

Join the Builder.ai community

Stay up-to-date with the latest industry trends

By proceeding you agree to Builder.ai's privacy policy and terms and conditions

Greig Robertson

Digital Content Lead

Greig is the Digital Content Lead at Builder.ai and a University of Bristol History grad. He has 5+ years’ experience in B2B SaaS, creating data-driven, human-friendly content for high-growth tech startups. When Greig needs a dopamine hit, he checks Builder.ai’s keyword rankings.

Table of contents

Your apps made to order

Trusted by the world's leading brands

BBC logoMakro logoVirgin Unite logoNBC logoFujitsu logo
Your apps made to order

Related articles

10 Myths About Cloud Computing

10 Myths About Cloud Computing

Are you curious about what’s true and what’s not around cloud computing?

Cloud, what? Answering your burning questions about the cloud

Cloud, what? Answering your burning questions about the cloud

Over the last several years, one word has dominated: “cloud.”

6 common challenges when migrating to the cloud

6 common challenges when migrating to the cloud

Want to save time and money? Read on, Builders.

Real success stories from real customers

See how companies like yours used Builder.ai’s app platform to help them achieve their business goals

How we helped the BBC run a world-class event experience

BBC Click producers needed an app that enabled their live audience to interact with polls and questions, which Builder.ai delivered in double-quick time.

How we saved Makro 98.3% on order management software costs

Asia’s largest cash and carry needed software that could scale with their rapid growth, so we built them something that allowed them to onboard new customers without technical hiccups.

How we helped Moodit’s users “crowdsource” positivity

With our help, Dr Hassan Yasin created a mental health app designed to help children and adolescents express their worries and improve their social connectedness.

Got questions?

Head to our FAQ page for in-depth answers

Read FAQs