Azure Security Baseline, Container Security and Blue Team Enablement for a Trading Corporation

Background

An international trading corporation with approximately 500 employees had largely migrated its infrastructure to Azure without establishing a comprehensive security concept for the cloud environment. Containerised applications were running in Azure Kubernetes Service but were not systematically scanned for vulnerabilities. A dedicated security team for detecting and handling security incidents in the cloud did not exist. Management recognised the need for action and decided to build both the technical safeguards and the organisational capabilities in parallel.

Measures

Wenske Cyber Solutions was commissioned to design and implement a comprehensive cloud security strategy. We developed and implemented an Azure Security Baseline that defines mandatory security configurations for all cloud resources. For the container environment, we integrated AKS and ACR with CrowdStrike Cloud Security (CSPM) to automatically detect misconfigurations and vulnerabilities. Container images are now scanned in the CI/CD pipeline before reaching production, complemented by runtime protection and policy enforcement. In parallel, we developed a CSPM concept with clear responsibilities, escalation paths, and reporting structures. To enable the internal Blue Team, we designed and delivered training sessions and workshops for security, platform, and DevOps teams, focusing on cloud detection, incident handling, and monitoring.

Results

The corporation now has a consistently secured Azure environment with binding security standards. Vulnerabilities in container images are detected before they reach production systems. CSPM reporting provides management with a continuous overview of the security posture. The internal Blue Team is operationally capable and independently detects, assesses, and handles security events.