Imperva Web Application Firewall OverviewUNIXBusinessApplication

Imperva Web Application Firewall is the #7 ranked solution in our list of top Web Application Firewalls. It is most often compared to AWS WAF: Imperva Web Application Firewall vs AWS WAF

What is Imperva Web Application Firewall?

Web application attacks deny services and steal sensitive data. Imperva Web Application Firewall (WAF) analyzes and inspects requests coming in to applications and stops these attacks.

Protect your applications in the cloud and on-premises with the same set of security policies and management capabilities. Safely migrate apps while maintaining full protection.

Deploy Imperva WAF on-premises, in AWS and Azure, or as a cloud service itself. Easily meet the specific security and service level requirements of individual applications.

Imperva WAF protects against the most critical web application security risks: SQL injection, cross-site scripting, illegal resource access, remote file inclusion, and other OWASP Top 10 and Automated Top 20 threats. Imperva security researchers continually monitor the threat landscape and update Imperva WAF with the latest threat data.

Buyer's Guide

Download the Web Application Firewall (WAF) Buyer's Guide including reviews and more. Updated: September 2021

Imperva Web Application Firewall Customers

BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens

Imperva Web Application Firewall Video

Pricing Advice

What users are saying about Imperva Web Application Firewall pricing:
  • "There are a couple of different licensing models."
  • "The cost of this solution depends on the platform."
  • "There are some licenses that you have to buy to use some features. Its price could be better. Price is always important because, at the end of the day, customers have a budget. If you can meet the budget, you can sell, and if you don't, you cannot sell."
  • "The price of this solution is a little bit high compared to competitors."
  • "There is a license for this solution and we purchase the license annually with no additional fees."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
KL
Team Lead Senior Technical Engineer at a tech services company with 51-200 employees
Real User
Simple to maintain, easy to configure, and easy to scale

What is our primary use case?

I am a distributor for Imperva. We provide solutions for our customers. This solution is mainly used to protect websites. When it is deployed on the cloud it is used for traffic redirection and URL redirection functionality. It is also used for dual location blocking and security for the policies that are being applied.

Pros and Cons

  • "It has fewer false positives"
  • "The support for the on-premises version needs improvement."

What other advice do I have?

You should understand the customer's website, what their website is. They need to configure the ciphers properly. Many engineers are not able to complete the project because they don't understand the customer's environment. Before doing an implementation, understand the customer's environment. The ciphers need to be configured properly. Some Imperva engineers are not able to complete the projects because they understand the customer's environment. Know the ciphers being used and match the ciphers. You must ensure the same ciphers are being matched in the backend load balances. If the backend…
RK
Senior Software Developer at a computer software company with 1,001-5,000 employees
Real User
Top 20
Stable, protects well against a variety of attacks, especially DDoS

What is our primary use case?

We primarily use the solution for database security. Basically, the solution is a web application firewall that is used to protect against multiple types of attacks online. It is used for web attacks - mostly DDoS attacks, cross-site scripting attacks, or SQL injection attacks. There is also multiple HTTP protocol compliance. If there is any violation it will be detected by this application. It is used for detecting an illegal file type, illegal URL, or bots. The solution can prevent a geolocation attack also. If any application is not allowed from certain countries, it will not allow access… more »

Pros and Cons

  • "The solution has been quite stable. I have not seen any bugs at all."
  • "Sometimes our web application firewall will slow down."

What other advice do I have?

We use the solution's latest version. We have a partnership with Imperva within our company. I'd rate the solution at a nine out of ten. We've been mostly quite happy with its capabilities.
Find out what your peers are saying about Imperva, Fortinet, Amazon and others in Web Application Firewall (WAF). Updated: September 2021.
535,919 professionals have used our research since 2012.
RN
CTO - Consulting Services at a tech services company with 51-200 employees
Real User
Dual perspective of positive and negative security makes for optimal protection

What is our primary use case?

For some time now, I have been the CTO of a consulting company and our main issue is web application security. We also handle database security. This is one of the solutions that we implement for our clients. The primary use of this solution is the protection of applications.

Pros and Cons

  • "Compared to other web application firewalls in the market, Imperva does things in the most accurate way."
  • "I think that better bot protection is needed in this solution."

What other advice do I have?

Overall, Imperva is a pretty good product. I am working with the development team for Imperva in Israel, and I have submitted some feature requests for things that I think should be changed. Everything that should be fixed, we have a discussion on it and it is probable that these things will be fixed. My advice to anybody who is implementing this solution is to first go and learn the attack surfaces because you need to protect the assets from attack. In order to do this, you need to understand the attacks. Let's say that a good defense is a good offense. The biggest lesson that I have learned…
BD
CTO at a tech services company with 11-50 employees
Real User
Top 20
It is easy to deploy, manage, and expand

Pros and Cons

  • "Its inline transferring mode is the most valuable because it is 100% transparent. When you change the IP, there is no change on the network side. If you can't and want to try to reach an IP, you can reach the server IP. There are many other advanced security features in it. The smallest appliances of Imperva can handle the highest traffic at a customer site. For example, a smaller appliance from Imperva can provide you the same security as an F5 product."
  • "They can provide an option to create reports, automatically import the entire report, and create rules again. In a real-life crisis, it would be helpful to be able to import a report and generate security rules from that report. I should be able to create a simple query and import the reports automatically. It can maybe also tell us the format of the report."

What other advice do I have?

In Turkey, we mostly have on-premises deployments. There are some Azure Amazon projects, but it is mostly deployed on-premises. It is not so easy to send Incapsula solutions to Turkey. I would recommend this solution. It is easy to manage and expand. I would rate Imperva SecureSphere Web Application Firewall a ten out of ten.
SO
Security Engineering at a computer software company with 5,001-10,000 employees
Real User
Top 20
Straightforward to set up with good technical support and stability

What is our primary use case?

My experience is to integrate this application. It's a firewall. You must connect it with the traffic the infrastructure must be routed through this firewall in order to block and search for any problems with the applications.

Pros and Cons

  • "The solution can scale."
  • "In the past, I have bugs on the WAF. I've contacted Imperva about them. Future releases should be less buggy."

What other advice do I have?

Imperva has different three parts - the Web Application Firewall (WAF), Incapsula for cloud, and DAM for database firewalls. This is in one central monitor. We aren't using the latest version of the solution. We use the solution as a customer as well as an integrator. I'd rate the solution at a ten out of ten. It's very good. We've been quite happy with its overall capabilities.
DK
Technical Account Manager at a tech services company with 201-500 employees
Reseller
Top 10Leaderboard
Easy to deploy with good cost savings and great scaling potential

Pros and Cons

  • "The solution is stable."
  • "I loved the approach of the cloud. The cloud has a lot of new features, like advanced web protection and DDoS protection. If those could also be on-boarded onto the on-prem versions, that would be ideal. They need to pay attention to both deployment options and not just favor one."

What other advice do I have?

We are resellers and we are based in Kenya. We're actually doing the whole suite. I'm working with Database Security and I'm also doing the Web Application Firewall, both of which are on-prem and on the cloud. I'm also doing the DRA. It's the best in breed in terms of a solution you can put in place. I'd rate the solution at an nine out of ten. We're quite happy with its overall capabilities.
Mustafa Okay
Senior Security Engineer at a tech services company with 11-50 employees
Real User
Top 20
Provides good network transparency and integrates well with other products

What is our primary use case?

We are a solution provider and Imperva is one of the products that we implement for our clients. They use it as an application firewall.

Pros and Cons

  • "If you are using the appliance as opposed to the virtual deployment, it can stand as the network layer-two and provide real transparency."
  • "The user interface could be better."

What other advice do I have?

My advice to anybody who is considering this solution is that if they want a stable product with good scalability then they can choose Imperva. The price is a little bit higher than that of the competitors, which largely impacts whether customers choose Imperva. In fact, if you don't care about budget then Imperva is the only solution for an application firewall. My only complaint is that the user interface could be better. I would rate this solution a nine out of ten.
SS
Acquisitions Leader at a healthcare company with 10,001+ employees
Real User
Top 5Leaderboard
Reliable, and has easy backup and restore functions

What is our primary use case?

We are using this solution for backing up all of our day-to-day use data and the ability to restore it when we want. For example, when there is a catastrophe or disaster.

Pros and Cons

  • "The most important feature I have found to be the ease in how to do the backup and restores."
  • "The process to upgrade from one version to another can be a lot simpler than it is currently."

What other advice do I have?

My advice is to follow the three, two, one backup rule, this solution is very suitable for this. Make sure you are defining your mean time for recovery of the backup, and try to see that it makes the mean time. I rate Imperva Web Application Firewall a nine out of ten.
See 1 more Imperva Web Application Firewall Reviews
Buyer's Guide
Download our free Web Application Firewall (WAF) Report and find out what your peers are saying about Imperva, Fortinet, Amazon, and more!