Rodrigo GarciaPhysical Designer at Semtech Corporation
George OndegoManager, IS Security & Infrastructure at Fintech Kenya Limited
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The initial setup was very straightforward. Deployment took about ten minutes or less."
"The ability to take multiple data sets and match those data sets together is the solution's most valuable feature. The data lake that comes with it is very useful because that allows us to match data sets with different configurations that we wouldn't normally be able to match."
"The security firewall plus the features that protect against database injections or scripting,"
"The most valuable feature is the scalability because it automatically scales up or scales down as per our requirements."
"The most valuable aspect is that it protects our code. It's a bit difficult to overwrite code in our application. It also protects against threats."
"AWS has flexibility in terms of WAF rules."
"This product supplies options for web security for applications accessing sensitive information."
"Its best feature is that it is on the cloud and does not require local hardware resources."
"The compliance is the most valuable aspect."
"It mitigates all of the availabilities of risks around web applications."
"There are some features that are configured by default, so even without doing much, it can still provide a level of protection."
"The solution is very scalable. It is one of the most important features. You can also expand resources and features as well."
"Data masking is the most valuable feature of this solution."
"The dynamic profiling of websites is the solution's most valuable feature. The security is also good."
"Compared to other web application firewalls in the market, Imperva does things in the most accurate way."
"If you are using the appliance as opposed to the virtual deployment, it can stand as the network layer-two and provide real transparency."
"They should work to define more threats, add more security, and make it more compliant with more security companies."
"The solution is cloud-based, and therefore the billing model that comes with it could be more intuitive, in my opinion. It's very easy to not fully understand how you tag things for billing and then you can quite easily run up a high bill without realizing it. The solution needs to be more intuitive around the tagging system, which enables the billing. Right now, I have a cloud architect that does that on our behalf and it isn't something that a business user could use because it still requires quite a lot of technical knowledge to do effectively."
"For now, there is no feature to protect against attack of the bad bots"
"I would like to be able to view a graphical deployment map in the user interface that will give me an overview of the configuration and help to determine whether I have missed any steps."
"It's a bit difficult to apply the right rules for the right security."
"When users choose the free service, there isn't great support available to them."
"The technical support does not respond to bugs in the coding of the product."
"The pricing model is complicated."
"It's a complicated tool to keep."
"Their portal is very limited and needs improvement."
"It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default."
"The initial setup could be simplified. Every time you have to install the solution you have to get in touch with support or somebody that can to do that for you."
"Some of the features should be included in the next release is a file integrating monitoring tool. This feature should be improved."
"It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself."
"I think that better bot protection is needed in this solution."
"The user interface could be better."
"AWS is not that costly by comparison. They are maybe close to $40 per month. I think it was between $29 or $39."
"It has a variable pricing scheme."
"We are kind of doing a POC comparison to see what works best. Pricing-wise, AWS is one of the most attractive ones. It is fairly cheap, and we like the pricing part. We're trying to see what makes more sense operation-wise, license-wise, and pricing-wise."
"It's quite affordable. It's in the middle."
"Everybody complains about the price of this solution."
"The cost of this solution depends on the platform."
"The price of this solution is a little bit high compared to competitors."
"There are some licenses that you have to buy to use some features. Its price could be better. Price is always important because, at the end of the day, customers have a budget. If you can meet the budget, you can sell, and if you don't, you cannot sell."
"There is a license for this solution and we purchase the license annually with no additional fees."
AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that are designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules.
Web application attacks deny services and steal sensitive data. Imperva Web Application Firewall (WAF) analyzes and inspects requests coming in to applications and stops these attacks.
Protect your applications in the cloud and on-premises with the same set of security policies and management capabilities. Safely migrate apps while maintaining full protection.
Deploy Imperva WAF on-premises, in AWS and Azure, or as a cloud service itself. Easily meet the specific security and service level requirements of individual applications.
Imperva WAF protects against the most critical web application security risks: SQL injection, cross-site scripting, illegal resource access, remote file inclusion, and other OWASP Top 10 and Automated Top 20 threats. Imperva security researchers continually monitor the threat landscape and update Imperva WAF with the latest threat data.
AWS WAF is ranked 3rd in Web Application Firewall (WAF) with 11 reviews while Imperva Web Application Firewall is ranked 7th in Web Application Firewall (WAF) with 11 reviews. AWS WAF is rated 8.2, while Imperva Web Application Firewall is rated 8.8. The top reviewer of AWS WAF writes "Use this product to make it possible to deploy web applications securely". On the other hand, the top reviewer of Imperva Web Application Firewall writes "Useful out-of-the-box threat protection, not too complex, and has good technical support". AWS WAF is most compared with Microsoft Azure Application Gateway, F5 BIG-IP, Akamai Kona Site Defender, Cloudflare and Fortinet FortiWeb, whereas Imperva Web Application Firewall is most compared with F5 BIG-IP, Imperva Incapsula, Fortinet FortiWeb, Microsoft Azure Application Gateway and Barracuda Web Application Firewall. See our AWS WAF vs. Imperva Web Application Firewall report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.