Fortinet FortiWeb vs. Wallarm

Fortinet FortiWeb is ranked 5th in Web Application Security with 9 reviews vs Wallarm which is ranked 6th in Web Application Security with 5 reviews. The top reviewer of Fortinet FortiWeb writes "L-7 protection safeguards legacy servers/applications without changing application code". The top reviewer of Wallarm writes "Active threat detection and adaptive rules are the most valuable for us". Fortinet FortiWeb is most compared with F5 BIG-IP, FortiADC and Blue Coat Protecting Web Applications. Wallarm is most compared with Cloudflare, Imperva Incapsula and Imperva SecureSphere Web Application Firewall. See our Fortinet FortiWeb vs. Wallarm report.
You must select at least 2 products to compare!
Fortinet FortiWeb Logo
10,029 views|5,460 comparisons
Wallarm Logo
1,164 views|380 comparisons
Most Helpful Review
Find out what your peers are saying about Fortinet FortiWeb vs. Wallarm and other solutions.
309,677 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.).The most valuable feature is the web application firewall (WAF).Fortinet FortiWeb has improved my organization by protecting our customer's web infrastructure environment.We were able to protect our web servers from outside attacks.Other than the additional security with exploit protection, we have simpler certificate handling, as we can keep internal servers using internal certificates continuously distributed and updated by Active Directory Group Policy, while the public certificates become updated only in a single place, FortiWeb itself.SSL Offloading simplifies the public certificate handling and brings additional protection features.L-7 protection makes possible to protect legacy/not up-to-date servers/applications without changing the application code.Auto Learn feature: Makes policy additions or deletions for my customers very simple​

Read more »

Helps us to monitor situation in regards to attacks to our sites and prevents a lot of them.

Read more »

FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection.​Their support needs improvement.The false positives are annoying.​I had some small problems when I was upgrading firmware. After the upgrade, some of my certificates were deleted.​Centralized management of multiple devices, and GUI improvement, could reduce the learning curve.The interface could have the interdependent elements arranged sequentially and wizards that go through most common deployment actions.Centralized configuration using FortiManager – like what exists for NGFW FortiGate appliances - would improve the configuration.HA Architecture needs improvement. I would improve it by working on AP HA.

Read more »

The biggest problem for us was the stability and speed using the first version of Wallarm. Now, it is fine.

Read more »

Pricing and Cost Advice
​The pricing is reasonable.​It really pays off to buy licences for multiple years​.Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes.Cheaper than others.FortiWeb can be purchased in VM mode for a lower price and the same features.

Read more »

​Pricing must be cheaper than the competition and the licensing must be good.​

Read more »

Use our free recommendation engine to learn which Web Application Security solutions are best for your needs.
309,677 professionals have used our research since 2012.
Avg. Rating
Avg. Rating
Top Comparisons
Compared 27% of the time.
Compared 17% of the time.
Compared 30% of the time.
Compared 27% of the time.

FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.

Next Gen Web Application Firewall with real-time Threat Verification

Founded in 2013, Wallarm provides its award-winning application security solution to hundreds of enterprises and SaaS providers worldwide. Wallarm's hybrid architecture makes it uniquely suited for cloud applications, companies following CI / CD practices and micro-services. Unlike legacy WAF solutions which require signatures and manual configuration of security rules, Wallarm uses machine learning to analyzes traffic and create adaptive security rules to protect both applications and APIs. To help make security more manageable, Wallarm supplements passive protection with active verification of vulnerabilities to distinguish exploitable incidents from noise.

Learn more about Fortinet FortiWeb
Learn more about Wallarm
Sample Customers
Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AGAcronis: enterpise backup solutions; SEMrush: SEO services; QIWI: NASDAQ-listed payment system; Xsolla: in-games payment system; WarGaming: huge online gaming company; BPC: Banking Technologies
Top Industries
Financial Services Firm38%
Comms Service Provider13%
Mining And Metals Company13%
Local Government13%
Consumer Goods22%
Energy/Utilities Company15%
Financial Services Firm13%
Software R&D Company9%
No Data Available
Company Size
Small Business35%
Midsize Enterprise15%
Large Enterprise50%
Small Business33%
Midsize Enterprise25%
Large Enterprise41%
No Data Available
Find out what your peers are saying about Fortinet FortiWeb vs. Wallarm and other solutions.
309,677 professionals have used our research since 2012.
We monitor all Web Application Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sign Up with Email