Take Azure web apps, and it's deployment slots for continuous deployment, couple it with SQL technologies, and add the security features from security center, and the analytics from applications insight and you got an award-winning combination that just works.
Things you might want to take a look at:
* App Service Advisor: provides insights for improving app experience on the App Service platform.
* Application Insights.
* Deployment slots.
* MySQL in-app (not intended for prod!)
And of course, do check the advanced tools for command line access.
Once again, not that I dislike it but it's more of a budget thing, if you want true security for your web exposed PaaS web application, you will want to add a WAF into the mix, however depending on usage (traffic) it can get a bit pricey.
Also, bear in mind that if you add a WAF you also get DDOS protection for free.
Start with a small and budget-friendly plan and scale accordingly.
A PCI compliant Cloud / PaaS based solution.