New Web Application Security Reviews -- Q1 2017

Customer Success Manager at PeerSpot

Published:May 22, 2017

What do users discuss in their web application security reviews from Q1 2017?

What have their experiences been so far this year?

In the excerpts below, users discuss valuable features and room for improvement from the following solutions:

Continue reading to read the latest web application security feedback from real users.

Imperva Incapsula

Valuable Features

“Thanks to Incapsula, we got easily manageable DDoS protection; HTTP2 and SSL certificates for all the services; CDN in good locations; and we're now sure that our web services can't be exploited remotely because of the WAF feature. Also, we can choose to whitelist/blacklist network(s) access to specific services/resources.”

-- Nikolay Voev

System Administrator

Tech services company with 201-500 employees

Room for Improvement

“Reporting and the main sites dashboard could use refinement. We have a lot of sites, and scrolling through the dashboard becomes cumbersome.”

-- Steven Tipton

Application Security Architect

Hospitality company with 1,001-5,000 employees

CloudFlare

Valuable Features

“DNS Management is the most valuable feature of the product on the free plan, and the CDN options are robust on the business plan.

It offers single-point DNS management for all of the company’s domains that might be registered with different registrars.

Refreshing the site cache is very fast and easy, and the developer’s mode is also a great feature.”

-- Adrian Volcoff

Online Marketing & Development Manager

Engineering company with 501-1,000 employees

Room for Improvement

“For DDoS protection and website downtime, it would be nice to have a feature to provide email/SMS alerts that can be implemented like Pingdom and other solutions.”

-- Aum e Hani

Manager Web Development

Engineering company with 1,001-5,000 employees

Checkmarx

Valuable Features

“The ability to identify a vulnerability, the optimal place for remediation and the correct syntax is very valuable. This feature helps ensure that the software fix is comprehensive and effective.”

-- Robert V. Jones

Founder

Tech company with 51-200 employees

Room for Improvement

“Implementing a blackout time for any user or teams -- needs improvement. I need to place limits for some users or teams within a specific time frame. For example, between 02:00 to 06:00. They can't start any scanning during that time, even if they have scanner privileges.”

-- Yafes Duygulutuna

Penetration Tester

Turkcell

F5 BIG-IP

Valuable Features

“I have been working on the LTM and GTM line and both of the products are awesome. I would consider the WideIP and Zone Runner feature of GTM extremely useful. While LTM has SNAT and Virtual IP that keeps its pride going.

For the overall product, I would say provisioning is a good feature. There are other modules, too, which are good and people might want to try, such as APM and ASM. They are used for firewall and SSL VPN.”

-- Girish Vyas

Lead Customer Engineer - Service Delivery

Comms service provider with 501-1,000 employees

Room for Improvement

“The ASM administration is quite complex. I’m a technical GUI – not UX – expert. They did improve the ASM administration in each version, but added new features too.

The topic itself is pretty complex, so it’s not easy to provide a nice and clean interface. There are a lot of references and dependences in between the different sub areas.”

-- A Team Leader Mainframe & Web Services

Financial services firm with 501-1,000 employees

Fortinet FortiWeb

Valuable Features

“Great IPS and web filter for small remote locations, with VPNs for tunneling to the corporate network, makes this device a solid choice for many sites.”

-- Alberto E. Luna Rodriguez

Senior Communications Analyst

Energy/utilities company with 501-1,000 employees

Room for Improvement

“It would be great if FortiWeb could provide web forms like Microsoft TMG. (For example, OWA Exchange portal or SharePoint portal.) Many of our customers are looking forward to this functionality.”

-- Rafig Feizullayev

Head of Security

Tech company with 1,001-5,000 employees

Read more of the latest 2017 web application security reviews by IT Central Station users.

Explore related topics

Web Application Firewall (WAF)

Product comparison that may be of interest to you

Cloudflare

56 Reviews

Imperva DDoS

74 Reviews

Buyer's Guide

Web Application Firewall (WAF)

April 2024

Download Free Report

Find out what your peers are saying about Amazon Web Services (AWS), Microsoft, F5 and others in Web Application Firewall (WAF). Updated: April 2024.

DOWNLOAD NOW

768,415 professionals have used our research since 2012.

Related Questions

Satya Prakash Jha

Regional Sales Manager at a tech company with 501-1,000 employees

Sep 4, 2023

Which product would you choose: A10 Thunder TPS, Cloudflare or Corero?

See 1 answer

Nuwan Chathuranga

Team Lead - Network and Security at Connex Information Technologies

Sep 4, 2023

A10 Thunder TPS and Cloudflare are both security solutions that offer protection against various types of threats. Also, they have more or less similarities in terms of their general objectives, they serve different functions and can complement each other in certain circumstances. 01. If we Take A10 TPS it could provide Layered Security advanced DDoS protection, intrusion prevention, and traffic filtering capabilities at the network level. Cloudflare, on the other hand, offers web application security, content delivery, and DNS protection. Combining both solutions creates a layered security approach, addressing threats at different levels of the network stack. 02. A10 TPS DDOS Protection particularly designed for DDOS mitigation and detection in effective manner. When it comes to Cloudflare it has some enriched DDOS capabilities in their CDN. By combining both the solutions together will help to protect web applications against the volumetric and DDOS attacks. 03. Cloudflare offers load balancing and traffic steering capacities, allowing organizations to deliver traffic effectively all over the multiple data centers. When combined with A10 TPS, it will ensure that legitimate traffic is delivered to your network while malicious traffic is blocked. 04. A10 TPS leverages threat intelligence to recognize, and block known malicious traffic. Cloudflare also will offers threat intelligence and can be configured to work seamlessly with A10 TPS to share their threat intel data while increasing the accuracy of threat detection and response. 05. Cloudflare is content delivery network (CDN), that can help to accelerate to delivery of web content to users in all over the globe. A10 TPS will help to protect the CDN infrastructure from DDoS attacks by assuring uninterrupted content delivery When it comes to the deployment it is important, that the effectiveness of this combination depends on organizational use case, network infrastructure, and security constraints. Proper configuration and continues monitoring are vital to safeguard that both A10 TPS and Cloudflare combination of deployment to protect your assets from many threats. Furthermore, the selection of security solutions should align with organization's specific security policies and compliance requirements.

Read full answer

Ned Capoeira

Works at SNC-Lavalin Group

Dec 15, 2021

What are the pros and cons of F5 BIG-IP Local Traffic Manager (LTM) vs Microsoft Azure Application Gateway for a large construction company?

Hi @SaurabhPal, @Yudi Aritonang, @PradeepKumar11, @Sukun Jain, @Roopesh P and @reviewer1433010, Can you please chime into this question and share your knowledge with @Ned Capoeira?

See 1 answer

Evgeny Belenky

Director of Community at PeerSpot (formerly IT Central Station)

Dec 15, 2021

Hi @SaurabhPal, @Yudi Aritonang, @PradeepKumar11, @Sukun Jain, @Roopesh P and @reviewer1433010, Can you please chime into this question and share your knowledge with @Ned Capoeira?

Read full answer

Netanya Carmi

Content Manager at PeerSpot (formerly IT Central Station)

May 11, 2022

Top 3 Application Delivery Controllers (ADC) Tools 2022

PeerSpot takes a user-centered approach to creating product comparisons that help IT decision-makers arrive at informed decisions. Instead of relying on the word of the companies that create the technological solutions, they go to the users themselves. Real users offer true feedback without any of the partiality that the solutions’ vendors may have. This is a place where peers in the tech world...

Netanya Carmi

Content Manager at PeerSpot (formerly IT Central Station)

Apr 25, 2022

Top 8 Distributed Denial of Service (DDOS) Protection Tools 2022

PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews for the Top 8 Distributed Denial of Service (DDOS)...

Deena Nouril

Tech Blogger

Aug 5, 2022

What is OWASP Top 10 in 2022

What is OWASP? The OWASP or Open Web Application Security Project is a nonprofit foundation dedicated to improving software security. It operates under an open community model, meaning that anyone can participate in and contribute to OWASP-related online chats and projects. The OWASP ensures that its offerings (online tools, videos, forums, events, etc.) remain free and are easily accessible th...

See 2 comments