• Home
  • AWS WAF vs. Imperva DDoS

AWS WAF vs Imperva DDoS comparison

Cancel
You must select at least 2 products to compare!
Amazon Web Services (AWS) Logo
AWS WAF
Read 52 AWS WAF reviews
17,303 views|13,553 comparisons
82% willing to recommend
Imperva Logo
Imperva DDoS
Read 74 Imperva DDoS reviews
2,665 views|2,250 comparisons
94% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
AWS WAF vs. Imperva DDoS
March 2024
Executive Summary

We performed a comparison between AWS WAF and Imperva DDoS based on real PeerSpot user reviews.

Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed AWS WAF vs. Imperva DDoS Report (Updated: March 2024).
Download the complete report
772,422 professionals have used our research since 2012.
Featured Review
Kolawole-Olowoporoku
Easy to configure and stable solution
We use it in the production environment. From time to time, we can see the metrics for the generated traffic on both the WAF and the infrastructure... Read more →
Anonymous User
Researched AWS WAF but chose Imperva DDoS: There is not too much to know but that it is one of the best products of this type that you can get
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The web solution effectively protects from vulnerabilities and cyber attacks.""The product's initial setup phase was very simple.""The most valuable feature of AWS WAF is the extra layer of security that I have when connecting to my web applications.""The most valuable feature is the capability to limit access based on geographical location by restricting specific IP addresses.""The ability to take multiple data sets and match those data sets together is the solution's most valuable feature. The data lake that comes with it is very useful because that allows us to match data sets with different configurations that we wouldn't normally be able to match.""The security firewall plus the features that protect against database injections or scripting,""The solution's initial setup process is easy.""We do not have to maintain the solution."

More AWS WAF Pros →

"Provides Anti-DDoS protection, as well as other protections like SQL injection, Cross-Site Scripting, and antiscanner. These types of protection are valuable to the business due to the daily attacks on our portals, and that often cannot be seen without a tool like this.""There are quite a few useful Imperva Incapsula features. For example, one of them is the reports. The graphics are very good and it's easy to configure. The whole process is very fast and reliable too. They have good tech support as well.""We use Imperva DDoS to stop DDoS attacks and reduce the amount of unwanted queries against web services or web scraping.""The setup of Imperva DDoS was easy.""It is an effective threat mitigation tool.""Setup was straightforward, very simple. I only entered the domain and Incapsula returned the DNS data that I needed to change for the protection to be configured.""Imperva DDoS is fairly stable, and its availability is quite high.""On the real time, you can see live traffic, which is flowing into our website."

More Imperva DDoS Pros →

Cons
"The solution could improve by having better rules, they are very basic at the moment. There are more attacks coming and we have to use third-party solutions, such as FIA. The features are not sufficient to prevent all the attacks, such as DDoS. Overall the solution should be more secure.""They have to do more to improve, to innovate more features. They need to increase the security. It has to be more active in detecting threats.""In a future release I would like to see automation. There's no interaction between the applications and that makes it tedious. We have to do the preparation all over again for each of our other applications.""The product could be improved by expanding the weightage units of rules.""The user experience, the interface, is lacking. Sometimes it's hard to find certain areas that it has alerted on.""They should work to define more threats, add more security, and make it more compliant with more security companies.""This solution could be improved if the configuration steps were more specific to WAF, compared to other cloud services.""It would be better if AWS WAF were more flexible. For example, if you take a third-party WAF like Imperva, they maintain the rule set, and these rule sets are constantly updated. They push security insights or new rules into the firewall. However, when it comes to AWS, it has a standard set of rules, and only those sets of rules in the application firewalls trigger alerts, block, and manage traffic. Alternative WAFs have something like bot mitigation or bot control within the WAF, but you don't have such things in AWS WAF. I will say there could have been better bot mitigation plans, there could have been better dealer mitigation plans, and there could be better-updated rule sets for every security issue which arises in web applications. In the next release, I would like to see if AWS WAF could take on DDoS protection within itself rather than being in a stand-alone solution like AWS Shield. I would also like a solution like a bot mitigation."

More AWS WAF Cons →

"I would like to have support for SSL management and secure DNS.""It would be beneficial to include vulnerability management in the solution, similar to what they have for their on-premise solution.""Imperva should have more points of presence in Africa.""A limited tool if you're looking to customize.""Some maintenance must be performed by our IT team.""The weakest point of Imperva is their first level of support, which should be improved. They should also improve the access and security logs viewing directly on the portal. I would like to see better access and security logs through the portal and not only through a SIM solution. Currently, if you want to explore your access and security logs from Imperva, you need a SIM tool or a SIM infrastructure on your side to do it. You can't do it manually or directly through the portal, which is a big problem for us. I had a call yesterday with Imperva for the roadmap, and I just told them this. They agreed that this is an improvement point from their side.""We would like them to hire people in Sweden because it's quite hard when people are sitting in the UK or Belgium because some of the customers really want them to be local.""It needs to be improved every time there are new attacks."

More Imperva DDoS Cons →

Pricing and Cost Advice
  • "It's an annual subscription."
  • "There are no costs in addition to the standard licensing fees."
  • "There are different scale options available for WAF."
  • "AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
  • "It has a variable pricing scheme."
  • "We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
  • "It's quite affordable. It's in the middle."
  • "The pricing should be more affordable, especially as it pertains to small clients."

    • More AWS WAF Pricing and Cost Advice →

  • "For enterprise contracts you will be in touch with a dedicated account manager who will guide you regarding licensing."
  • "​Although the pricing can be a little high, it is worth the protection and security that it offers.​"
  • "The data packages are higher than our needs so we end up paying for data that we don't use."
  • "The cost is on par with other solutions such as Cloudflare and Akamai."
  • "It is not expensive compared to the other similar solutions in this category."
  • "It is a very expensive solution. The price is very high. A lot of customers tell us that they would love to use Imperva more. I have some customers who have 50 websites, but they have only 10 websites on Imperva because of the price. They would love to have all their websites running through Imperva, but they can't. They have to choose the more critical websites to protect because the price is very high. It is a very good product, but it is too expensive. If you buy a plan for 20 megabytes and you don't consume all of your 20 megabytes, it is okay, but if you consume more, you are charged for the superior traffic."
  • "The cost is somewhere around $10,000 a site. For every site, you pay individually. For every DNS entry, you have you pay."
  • "It is expensive."

    • More Imperva DDoS Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    See Recommendations
    772,422 professionals have used our research since 2012.
    Comparison Review
    Anonymous User
    CloudFlare vs Incapsula: Web Application Firewall
    CloudFlare vs Incapsula: Round 2 Web Application Firewall Comparative Penetration Testing Analysis Report v1.0 Summary This document contains the results of a second comparative penetration test conducted by a team of security specialists at Zero Science Lab against two cloud-based Web Application Firewall (WAF) solutions: Incapsula and Cloudflare. This test was designed to bypass security controls in place, in any possible way, circumventing whatever filters they have. Given the rise in application-level attacks, the goal of the test was to provide IT managers of online businesses with a comparison of these WAFs against real-world threats in simulated real-world conditions. Zero Science Lab is a Macedonian Information Security Research and Development Laboratory that specializes in information security hardening, consulting, network security, vulnerability research, software and hardware security assessment, penetration testing, malware analysis, forensics and much more - https://www.zeroscience.mk Background In February 2013, we conducted the first comparative pentest analysis of the CloudFlare, Incapsula and ModSecurity Web Application Firewall (WAF) solutions. The goal of a WAF is to block hacker attacks / unwanted malicious traffic to your web application with as few false positives as possible. Since then, all three vendors had replied to the findings, applying patches to the discovered bypasses and improving their products to protect their… Read more →
    Questions from the Community
    What are the limitations of AWS WAF vs alternative WAFs?
    Top Answer:Hi Varun I have had experienced with several WAF deployments and deep technical assessments of the following: 1. Imperva WAF 2. F5 WAF 3. Polarisec Cloud WAF Typical limitations on cloud WAF… more »
    Read all 2 answers   →
    How does AWS WAF compare to Microsoft Azure Application Gateway?
    Top Answer:Our organization ran comparison tests to determine whether Amazon’s Web Service Web Application Firewall or Microsoft Azure Application Gateway web application firewall software was the better fit for… more »
    What do you like most about AWS WAF?
    Top Answer:The most valuable feature of AWS WAF is its highly configurable rules system.
    Read all 40 answers   →
    What do you like most about Imperva Incapsula?
    Top Answer:We use Imperva DDoS to stop DDoS attacks and reduce the amount of unwanted queries against web services or web scraping.
    Read all 25 answers   →
    What is your experience regarding pricing and costs for Imperva Incapsula?
    Top Answer:The solution is very affordable. It's based on the traffic utilization, the average traffic utilization, not the DDoS traffic. Therefore, if you're being DDoSed, you don't pay extra for the absorption… more »
    Read all 13 answers   →
    What needs improvement with Imperva Incapsula?
    Top Answer:It’s hard to think of an improvement. The three-second service level agreement is already better than the competition. You would ordinarily say something like API protection. However, they've got that… more »
    Read all 21 answers   →
    Ranking
    1st
    out of 82 in Web Application Firewall (WAF)
    Views
    17,303
    Comparisons
    13,553
    Reviews
    30
    Average Words per Review
    415
    Rating
    8.4
    18th
    out of 82 in Web Application Firewall (WAF)
    Views
    2,665
    Comparisons
    2,250
    Reviews
    4
    Average Words per Review
    485
    Rating
    8.3
    Comparisons
    Also Known As
    AWS Web Application Firewall
    Imperva Incapsula
    Learn More
    Amazon Web Services (AWS)
    Imperva
    Overview

    AWS Web Application Firewall (WAF) is a firewall security system that monitors incoming and outgoing traffic for applications and websites based on your pre-defined web security rules. AWS WAF defends applications and websites from common Web attacks that could otherwise damage application performance and availability and compromise security.

    You can create rules in AWS WAF that can include blocking specific HTTP headers, IP addresses, and URI strings. These rules prevent common web exploits, such as SQL injection or cross-site scripting. Once defined, new rules are deployed within seconds, and can easily be tracked so you can monitor their effectiveness via real-time insights. These saved metrics include URIs, IP addresses, and geo locations for each request.

    AWS WAF Features

    Some of the solution's top features include:

    • Web traffic filtering: Get an extra layer of security by creating a centralized set of rules, easily deployable across multiple websites. These rules filter out web traffic based on conditions like HTTP headers, URIs, and IP addresses. This is very helpful for protection against exploits such as SQL injection and cross-site scripting as well as attacks from third-party applications.
    • Bot control: Malicious bot traffic can consume excessive resources and cause downtime. Gain visibility and control over bot traffic with a managed rule group. You can easily block harmful bots, such as scrapers and crawlers, and you can allow common bots, like search engines and status monitors.
    • Fraud prevention: Effectively defend your application against bot attacks by monitoring your application’s login page with a managed rule group that prevents hackers from accessing user accounts using compromised credentials. The managed rule group helps protect against credential stuffing attacks, brute-force login attempts, and other harmful login activities.
    • API for AWS WAF Management: Automatically create and maintain rules and integrate them into your development process.
    • Metrics for real-time visibility: Receive real-time metrics and captures of raw requests with details about geo-locations, IP addresses, URIs, user agents, and referrers. Integrate seamlessly with Amazon CloudWatch to set up custom alarms when events or attacks occur. These metrics provide valuable data intelligence that can be used to create new rules that significantly improve your application protections.
    • Firewall management: AWS Firewall Manager automatically scans and notifies the security team when there is a policy violation, so they can swiftly take action. When new resources are created, your security team can guarantee that they comply with your organization’s security rules.

    Reviews from Real Users

    AWS WAF stands out among its competitors for a number of reasons. Two major ones are its user-friendly interface and its integration capabilities.

    Kavin K., a security analyst at M2P Fintech, writes, “I believe the most impressive features are integration and ease of use. The best part of AWS WAF is the cloud-native WAF integration. There aren't any hidden deployments or hidden infrastructure which we have to maintain to have AWS WAF. AWS maintains everything; all we have to do is click the button, and WAF will be activated. Any packet coming through the internet will be filtered through.”

    Imperva DDoS is a solution that offers protection for web applications and websites and all their associated business-critical data from cyberattacks. The cloud-based application delivery service helps improve user experiences by improving their performance. Through its security platform, Imperva DDoS also provides DDoS mitigation, a web application firewall, and a global load balancer, and includes a content delivery network — all designed to maximize performance.

    Imperva DDoS Features

    Imperva DDoS has many valuable key features. Some of the most useful ones include:

    • API security
    • Web application firewall
    • Bot management
    • Application delivery
    • Runtime protection (RASP)
    • Discovery and assessment
    • Data protection
    • Data risk analytics
    • Data privacy
    • Application delivery control (ADC)
    • Content delivery network (CDN)
    • DDoS mitigation
    • Global server load-balancing (GSLB)
    • Web application firewall (WAF)
    • Client-side protection
    • Runtime protection

    Imperva DDoS Benefits

    There are several benefits to implementing Imperva DDoS. Some of the biggest advantages the solution offers include:

    • Reduce web application risk: Imperva DDoS includes automatic policy creation and fast rule propagation that give your IT and security departments the ability to use third-party code without risk while working at the pace of DevOps.
    • Security from edge to database: Imperva DDoS’s WAF feature secures from edge to database, so the traffic you receive is only the traffic you want.
    • Safeguard sensitive and personal data: Imperva DDoS provides visibility into sensitive and personal data, with the controls to protect that data and the ability to unify management across cloud, on-premises, and in hybrid environments to help accommodate changing threats, new regulations, and challenging audits.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Imperva DDoS users.

    PeerSpot user, Etienne W., CDN & Cybersecurity Engineer - Web performance & security at CDN Tech / Ecritel, says, “It is a good solution that allows us to protect websites. It is stable, scalable, quick and easy to use.” He goes on to explain, “WAF protection works almost out-of-the-box. The Anti-DDoS mitigation in less than 1s, I saw it many times in production, I can say it works. CDN has high performances, and the Smart Caching mode is really "smart" (you can do some efficient caching even if you're not a specialist). Its unique interface for managing security performance and ease of use are the most valuable features of this solution."

    An IT Senior Manager at an outsourcing company mentions, “The most valuable features are DDoS protection. The Incapsula [Imperva DDoS] environment helps us monitor all the web activity. All the web activity is passed through their WAF cloud services, then that can help us to monitor those activities. That can help protect against DDoS hacking.”

    Another PeerSpot reviewer, Ben D., Sales Executive at EVVO LABS, comments, "Imperva Incapsula [DDoS] has many valuable features. One, it protects the top 10 OWASP vulnerability, the open web application software platform, this is standard. Secondly, it protects against broken authentication. As well, it has remote execution of code."

    A Solutions Architect at a financial services firm states, “The solution's most valuable aspect is that it is easy to configure. The solution keeps itself up to date itself and there's no customization that we need to do. It makes it extremely easy and cuts back on the amount of work required, and saves us on man-hours.”

    Sample Customers
    eVitamins, 9Splay, Senao International
    Hitachi, BNZ, Bitstamp, Moz, InnoGames, BTCChina, Wix, LivePerson, Zillow and more.
    Top Industries
    REVIEWERS
    Computer Software Company25%
    Manufacturing Company13%
    Media Company8%
    Financial Services Firm8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm13%
    Manufacturing Company7%
    Comms Service Provider6%
    REVIEWERS
    Financial Services Firm19%
    Non Tech Company11%
    Marketing Services Firm8%
    Insurance Company8%
    VISITORS READING REVIEWS
    Financial Services Firm16%
    Computer Software Company16%
    Manufacturing Company7%
    Comms Service Provider6%
    Company Size
    REVIEWERS
    Small Business37%
    Midsize Enterprise20%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise14%
    Large Enterprise63%
    REVIEWERS
    Small Business49%
    Midsize Enterprise13%
    Large Enterprise38%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise14%
    Large Enterprise62%
    Buyer's Guide
    AWS WAF vs. Imperva DDoS
    March 2024
    Free Report: AWS WAF vs. Imperva DDoS
    Find out what your peers are saying about AWS WAF vs. Imperva DDoS and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    772,422 professionals have used our research since 2012.

    AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Imperva DDoS is ranked 18th in Web Application Firewall (WAF) with 74 reviews. AWS WAF is rated 8.0, while Imperva DDoS is rated 8.8. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Imperva DDoS writes "I like the content monitoring feature which I haven't seen in other WAF solutions". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall and F5 Silverline Managed Services, whereas Imperva DDoS is most compared with Cloudflare, Akamai, Arbor DDoS, Radware DefensePro and Fastly. See our AWS WAF vs. Imperva DDoS report.

    See our list of best Web Application Firewall (WAF) vendors.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.