New Web Application Security Reviews -- Q1 2017

What do users discuss in their web application security reviews from Q1 2017?

What have their experiences been so far this year?

In the excerpts below, users discuss valuable features and room for improvement from the following solutions:

Continue reading to read the latest web application security feedback from real users.

Imperva Incapsula

Valuable Features

“Thanks to Incapsula, we got easily manageable DDoS protection; HTTP2 and SSL certificates for all the services; CDN in good locations; and we're now sure that our web services can't be exploited remotely because of the WAF feature. Also, we can choose to whitelist/blacklist network(s) access to specific services/resources.”

-- Nikolay Voev

System Administrator

Tech services company with 201-500 employees

Room for Improvement

Reporting and the main sites dashboard could use refinement. We have a lot of sites, and scrolling through the dashboard becomes cumbersome.”

-- Steven Tipton

Application Security Architect

Hospitality company with 1,001-5,000 employees


Valuable Features

DNS Management is the most valuable feature of the product on the free plan, and the CDN options are robust on the business plan.

It offers single-point DNS management for all of the company’s domains that might be registered with different registrars.

Refreshing the site cache is very fast and easy, and the developer’s mode is also a great feature.”

-- Adrian Volcoff

Online Marketing & Development Manager

Engineering company with 501-1,000 employees

Room for Improvement

“For DDoS protection and website downtime, it would be nice to have a feature to provide email/SMS alerts that can be implemented like Pingdom and other solutions.”

-- Aum e Hani

Manager Web Development

Engineering company with 1,001-5,000 employees


Valuable Features

“The ability to identify a vulnerability, the optimal place for remediation and the correct syntax is very valuable. This feature helps ensure that the software fix is comprehensive and effective.”

-- Robert V. Jones


Tech company with 51-200 employees

Room for Improvement

Implementing a blackout time for any user or teams -- needs improvement. I need to place limits for some users or teams within a specific time frame. For example, between 02:00 to 06:00. They can't start any scanning during that time, even if they have scanner privileges.”

-- Yafes Duygulutuna

Penetration Tester



Valuable Features

“I have been working on the LTM and GTM line and both of the products are awesome. I would consider the WideIP and Zone Runner feature of GTM extremely useful. While LTM has SNAT and Virtual IP that keeps its pride going.

For the overall product, I would say provisioning is a good feature. There are other modules, too, which are good and people might want to try, such as APM and ASM. They are used for firewall and SSL VPN.”

-- Girish Vyas

Lead Customer Engineer - Service Delivery

Comms service provider with 501-1,000 employees

Room for Improvement

“The ASM administration is quite complex. I’m a technical GUI – not UX – expert. They did improve the ASM administration in each version, but added new features too.

The topic itself is pretty complex, so it’s not easy to provide a nice and clean interface. There are a lot of references and dependences in between the different sub areas.”

-- A Team Leader Mainframe & Web Services

Financial services firm with 501-1,000 employees

Fortinet FortiWeb

Valuable Features

Great IPS and web filter for small remote locations, with VPNs for tunneling to the corporate network, makes this device a solid choice for many sites.”

-- Alberto E. Luna Rodriguez

Senior Communications Analyst

Energy/utilities company with 501-1,000 employees

Room for Improvement

“It would be great if FortiWeb could provide web forms like Microsoft TMG. (For example, OWA Exchange portal or SharePoint portal.) Many of our customers are looking forward to this functionality.”

-- Rafig Feizullayev

Head of Security

Tech company with 1,001-5,000 employees

Read more of the latest 2017 web application security reviews by IT Central Station users.

Related Categories: Web Application Firewall (WAF)