Is an ASE required for PCI SAQ A-EP compliance? or as long as the web application is correctly secured, simply using 'standard' Web Apps will provide the necessary network security required for compliance.
Our design would have Application Gateway in front of the Web Apps and the web application would use Azure SQL.
Thanks for your help