This is not a simple question to answer here. If you are developing the application using .net core, start here https://docs.microsoft.com/en-us/aspnet/core/security/?view=aspnetcore-3.0. This will give you some information on securing the app. Once you move to Azure, you will need to look at how to host the application and the controls that be put in place. Take a look here https://docs.microsoft.com/en-us/azure/security/develop/secure-develop it will provide some information on what to look at.
Microsoft also has a solution called Azure DevSecOps kit. https://azsk.azurewebsites.net/ this can be integrated into your development to help check that your code is secure.
In addition, try doing the standard approach.
Use HTTPS for all connections
Azure Keyvault for secrets and connection strings. Do not store secrets in code.
Application Insights for tracking what is happening in your app.
Capture logs to Log Analytics
Use encryption when storing data
Develop the code using products like Azure DevOps, so the pipelines can deployment but also scan the code for security issues
Hope this helps.