We performed a comparison between AWS WAF vs. Imperva Web Application Firewall based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: AWS WAF and Imperva Web Application Firewall come out about equal in this comparison. AWS WAF has a slight edge when it comes to pricing, but Imperva Web Application Firewall has a slight edge when it comes to support.
"The most valuable features of AWS WAF are its cloud-native and on-demand."
"The most valuable feature is the capability to limit access based on geographical location by restricting specific IP addresses."
"The stability of AWS WAF is valuable."
"The most valuable feature is the scalability because it automatically scales up or scales down as per our requirements."
"The solution is stable."
"It is Amazon. Everything is scalable. It is beyond what we need."
"The web solution effectively protects from vulnerabilities and cyber attacks."
"The most valuable feature is the way it blocks threats to external applications."
"The solution has been quite stable. I have not seen any bugs at all."
"There are a number of features that are valuable such as the account takeover and various antivirus features."
"The compliance is the most valuable aspect."
"Imperva WAF's strongest features are the detection of web application threats and vulnerabilities in the source code."
"The most valuable feature of Imperva, in addition to its strong knowledge base, is its effective protection for web applications."
"The solution can scale."
"Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva."
"The WAF itself has been very valuable to me because it has such a complete range of features. Another reason why I like it is because it also takes care of the total overview of the traffic over the network."
"They should make the implementation process faster."
"I would like to be able to view a graphical deployment map in the user interface that will give me an overview of the configuration and help to determine whether I have missed any steps."
"It would be better if AWS WAF were more flexible. For example, if you take a third-party WAF like Imperva, they maintain the rule set, and these rule sets are constantly updated. They push security insights or new rules into the firewall. However, when it comes to AWS, it has a standard set of rules, and only those sets of rules in the application firewalls trigger alerts, block, and manage traffic. Alternative WAFs have something like bot mitigation or bot control within the WAF, but you don't have such things in AWS WAF. I will say there could have been better bot mitigation plans, there could have been better dealer mitigation plans, and there could be better-updated rule sets for every security issue which arises in web applications. In the next release, I would like to see if AWS WAF could take on DDoS protection within itself rather than being in a stand-alone solution like AWS Shield. I would also like a solution like a bot mitigation."
"An improvement area would be that it's more of a manual effort when you have to enable rules. That's one of the downsides. If that can be done in an automated way, it would be great. That's a lagging feature currently."
"We haven't faced any problems with the solution."
"It's a bit difficult to apply the right rules for the right security."
"The cost management has room for improvement."
"The user experience, the interface, is lacking. Sometimes it's hard to find certain areas that it has alerted on."
"The UI interface needs improvement."
"It would be nice to have more security control over mobile applications so I would suggest adding more mobile security features. It would also be beneficial to see improvements in regards to interface bandwidth performance, CPU time, and RAM size. Learning capability of the device is quite weak."
"I would like the solution to improve its support response time."
"I don't really use it and therefore can't speak to areas of improvement."
"It is complicated to integrate the solution's on-cloud version with other platforms."
"There could be some limitations that from the converged infrastructure perspective: when you want to converge with everything and you want Imperva to get there easily because it's not a cloud component. For example, when you want to build servers and you're using OneView to manage your software-defined networks, implementing Imperva right away is not that simple. But if you're doing just a simple cloud infrastructure with servers in there, you're good to go. Also, we are not able, with Imperva, to block by signatures. Imperva by itself needs to be complemented with another service to do URL filtering."
"It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself."
"The initial setup could be simplified. Every time you have to install the solution you have to get in touch with support or somebody that can to do that for you."
More Imperva Web Application Firewall Pricing and Cost Advice →
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Imperva Web Application Firewall is ranked 6th in Web Application Firewall (WAF) with 46 reviews. AWS WAF is rated 8.0, while Imperva Web Application Firewall is rated 8.6. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Imperva Web Application Firewall writes "Offers simulation for studying infrastructure and hybrid infrastructure protection". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Cloudflare Web Application Firewall and Fortinet FortiWeb, whereas Imperva Web Application Firewall is most compared with F5 Advanced WAF, Microsoft Azure Application Gateway, Fortinet FortiWeb, Azure Front Door and Prisma Cloud by Palo Alto Networks. See our AWS WAF vs. Imperva Web Application Firewall report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.