Specialty Chemicals Company Multi-Cloud Security Case Study

Multi-Cloud Security Strengthened for a Specialty Chemicals Company

The customer approached us to strengthen multi-cloud security across Azure and AWS. Using Barracuda web security, Fortinet firewall, SAFE, Microsoft Defender, and AWS Security Hub, the engagement closed governance gaps and delivered a resilient, future-ready hybrid-cloud ecosystem.

Customer Overview

Chemical & Petrochemical Customer

A renowned Indian chemical & petro-chemical company, known for its commitment to quality and innovation. With a wide domestic and international reach, it delivers sustainable products while embracing modern practices and expanding its market footprint.

Location

Mumbai, India

Company size

5,001-10,000 Employees

Problem Statements

We identified key problems that need to be addressed to deliver a solution aligned with the customer’s problem

Inconsistent Multi-Cloud Posture

Azure cloud security and AWS security environments were managed separately using distinct tools and policies. Limited cross-cloud visibility made incident correlation and consistent configuration enforcement difficult, weakening the overall multi-cloud security architecture.

Frequent False Positives in WAF Policies

Default WAF rule sets in Barracuda web security and Fortinet firewall were overly restrictive, blocking legitimate traffic. This disrupted critical business applications and created coordination challenges between security and application teams.

Limited Cloud Security Monitoring & Risk Awareness

No centralized dashboard existed for unified monitoring across Microsoft Defender, Security Hub, and firewall telemetry. Manual processes delayed detection and response to potential threats, weakening web security and governance visibility.

Gaps in Server Vulnerability Management

Windows and Linux servers lacked regular Vulnerability Assessment and Penetration Testing (VAPT) and Patching Cycles. Missing patch validation processes created potential audit and compliance risks.

Our Methodology

The approach established a resilient, future-ready hybrid cloud environment, strengthening web security posture, simplifying management, and enabling faster detection and remediation of potential threats.

01 Discovery & Diagnosis

Zarthi conducted an in-depth assessment of the client’s Azure and AWS environments, identifying fragmented security tools, inconsistent configurations, limited cross-cloud visibility, and gaps in firewall, WAF, and server vulnerability management. The evaluation highlighted operational inefficiencies, audit and compliance risks, and opportunities for automating monitoring, incident response, and remediation workflows.

02 Solutioning

Implemented a multi cloud security framework across Azure and AWS, optimizing Fortinet firewall, Barracuda web security, and automating monitoring and remediation using AWS Security Hub. Enforced governance ensured a resilient, compliant, and unified multi cloud security architecture.

03 Execution & Delivery

Application & Network Security Hardening:

Barracuda (Azure): Fine-tuned WAF and Next Generation Firewall (NGF), 30% fewer false positives. Implemented HA with Azure Load Balancer. Resolved bug affecting WA agent on fixed IPs.
Fortinet (AWS): Optimized NGF and WAF for web/API protection. Enhanced VPC segmentation and routing. Integrated telemetry with AWS Security Hub.

Cloud Security Posture Management (CSPM):

Deployed SAFE for cyber risk tracking. Integrated Microsoft Defender (Azure) & AWS Security Hub for continuous monitoring.
Centralized CSPM dashboard for risk scoring, compliance, and automated alerting. Automated high-severity remediation, 25% faster MTTR.

Endpoint & Server Security Management:

Regular VAPT for Windows and Linux servers.
Monthly patching with validation, 100% closure for critical/high vulnerabilities.

Governance & Audit Alignment:

Security Change Review Framework, dual approval for firewall/WAF changes.
Security Risk Register to track issues, mitigation, and closure.
Audit support with detailed evidence and post-resolution validation.

Business Impact

We delivered measurable business outcomes that validate the effectiveness of the solution

75%+

Reduction in WAF false positives through precision rule tuning and validation

80%+

Improvement in overall cloud security posture, as measured through SAFE

90%+

Patch compliance for critical vulnerabilities within SLA

60%+

Faster incident response with automated alert correlation

100%+

Major audit observations, achieving full compliance readiness.

Relevant Industries

Manufacturing

Chemical & Petrochemical

Problem Statements

Business Impact