We have an internal application exposed via gcp\'s internal load balancer. I want to protect it from ddos and other OWASP common vulnerabilities like SQL injection, Corss-site s
