We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The dynamic profiling of websites is the solution's most valuable feature. The security is also good."
"Compared to other web application firewalls in the market, Imperva does things in the most accurate way."
"If you are using the appliance as opposed to the virtual deployment, it can stand as the network layer-two and provide real transparency."
"Its inline transferring mode is the most valuable because it is 100% transparent. When you change the IP, there is no change on the network side. If you can't and want to try to reach an IP, you can reach the server IP. There are many other advanced security features in it. The smallest appliances of Imperva can handle the highest traffic at a customer site. For example, a smaller appliance from Imperva can provide you the same security as an F5 product."
"The most important feature I have found to be the ease in how to do the backup and restores."
"The solution has been quite stable. I have not seen any bugs at all."
"The solution can scale."
"The solution is stable."
"Our customers adopt this solution because of the replication testing and the vulnerability assessment it can do. It is a multi-faceted product."
"The most valuable feature is the reporting, which provides a good level of detail with respect to vulnerabilities."
"It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself."
"I think that better bot protection is needed in this solution."
"The user interface could be better."
"They can provide an option to create reports, automatically import the entire report, and create rules again. In a real-life crisis, it would be helpful to be able to import a report and generate security rules from that report. I should be able to create a simple query and import the reports automatically. It can maybe also tell us the format of the report."
"The process to upgrade from one version to another can be a lot simpler than it is currently."
"Sometimes our web application firewall will slow down."
"In the past, I have bugs on the WAF. I've contacted Imperva about them. Future releases should be less buggy."
"I loved the approach of the cloud. The cloud has a lot of new features, like advanced web protection and DDoS protection. If those could also be on-boarded onto the on-prem versions, that would be ideal. They need to pay attention to both deployment options and not just favor one."
"I would like for them to add proxy filtering, where you can transfer and alter the package. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing package, which will actually help you in exploiting any vulnerability in detail."
"It would be great if there were a dashboard that is more user-friendly."
"The cost of this solution depends on the platform."
"The price of this solution is a little bit high compared to competitors."
"There are some licenses that you have to buy to use some features. Its price could be better. Price is always important because, at the end of the day, customers have a budget. If you can meet the budget, you can sell, and if you don't, you cannot sell."
"There is a license for this solution and we purchase the license annually with no additional fees."
"There are a couple of different licensing models."
"The pricing is okay."
Earn 20 points
Web application attacks deny services and steal sensitive data. Imperva Web Application Firewall (WAF) analyzes and inspects requests coming in to applications and stops these attacks.
Protect your applications in the cloud and on-premises with the same set of security policies and management capabilities. Safely migrate apps while maintaining full protection.
Deploy Imperva WAF on-premises, in AWS and Azure, or as a cloud service itself. Easily meet the specific security and service level requirements of individual applications.
Imperva WAF protects against the most critical web application security risks: SQL injection, cross-site scripting, illegal resource access, remote file inclusion, and other OWASP Top 10 and Automated Top 20 threats. Imperva security researchers continually monitor the threat landscape and update Imperva WAF with the latest threat data.
Tenable.io Web Application Scanning safely, accurately and automatically scans your web applications, providing deep visibility into vulnerabilities and valuable context to prioritize remediation.
Imperva Web Application Firewall is ranked 7th in Web Application Firewall (WAF) with 9 reviews while Tenable.io Web Application Scanning is ranked 21st in Application Security with 2 reviews. Imperva Web Application Firewall is rated 9.0, while Tenable.io Web Application Scanning is rated 7.6. The top reviewer of Imperva Web Application Firewall writes "Simple to maintain, easy to configure, and easy to scale". On the other hand, the top reviewer of Tenable.io Web Application Scanning writes "Good reporting and integration, but it needs a user-friendly dashboard". Imperva Web Application Firewall is most compared with AWS WAF, F5 BIG-IP Local Traffic Manager (LTM), Imperva Incapsula, Fortinet FortiWeb and Cloudflare, whereas Tenable.io Web Application Scanning is most compared with PortSwigger Burp Suite Professional, Acunetix by Invicti, Qualys Web Application Scanning and Veracode.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.