Thales announced the Controlled Availability of Imperva for Google Cloud, bringing the industry’s most trusted application security platform directly into Google Cloud. Designed to operate within Google Cloud, the new offering enables organizations to protect web applications and APIs by leveraging Google Cloud’s Service Extension traffic, preserving existing pipelines, integrations, and monitoring workflows.
As enterprises accelerate cloud adoption, development teams increasingly standardize on native cloud services to improve speed and reduce operational complexity. Many security solutions, however, require external routing that introduces latency and friction. At the same time, native cloud security tools often lack the depth required to protect mission-critical applications at scale, creating friction between development and security teams.
“Organizations shouldn’t have to choose between performance, simplicity, and protection,” said Tim Chang, Global Vice President and General Manager, Imperva Application Security at Thales, “With Imperva for Google Cloud, security is part of the cloud infrastructure, delivering enterprise-grade protection without disrupting how applications are built and delivered.”
Security Built into the Cloud, Not Bolted On
Rather than forcing enterprises to bolt protection on after the fact, Imperva for Google Cloud embeds advanced application security directly into the infrastructure that developers already rely on. By aligning with Google Cloud’s native architecture, Thales enables security that scales with modern application development, supporting faster innovation while maintaining the level of protection required for high-value digital services.
Security Built for Modern Applications
Imperva for Google Cloud integrates directly with Google Cloud Load Balancing using Private Service Connect, allowing traffic to remain within Google Cloud’s network while being inspected and protected.
Key capabilities include:
- Deployment without disruption — No DNS changes, SSL management, or re-architecture required
- Immediate protection with minimal tuning — High-confidence protection from day one, with policies updated daily by a dedicated threat research team
- Resilient architecture — No single point of failure; applications remain available even during disruption
- Automation-first design — API-driven deployment with Terraform support for DevOps workflows
- Reduced operational complexity for DevOps and security teams
