
The way we work with Bishop Fox is more like a partnership -- we collaborate closely with them to make sure each release has no vulnerabilities, but also to stay on top of security best practices, which we implement as part of our ongoing engineering and QA process.
In addition to our engagement with Bishop Fox, Shotgun stores files on the Amazon Web Services (AWS) platform, which complies with MPAA content security best practices, and we’ve adjusted our software to comply with MPAA policies. Cloud-based implementations of Shotgun are currently in use on productions from all of the major studios. And now that we’ve joined Autodesk, we have a team of eight engineers focused solely on improvements to the platform (security & performance), while other teams are working on new features.
We know that studios are in a tight spot in terms of security. Extremely compressed project timelines and the need to collaborate with globally distributed teams require the use of use cloud-based processes, while their clients’ strict requirements for securing intellectual property challenge many online methods for data sharing. We’re making big investments in security so our clients can have confidence in our tools and can demonstrate to their clients in turn that Shotgun is secure and approved for use.