My first question would be if you are currently using any Web Application Firewall (WAF). 

Let's say, for example, you are using AWS as well. If you are already using AWS, I would advise against switching to Reblaze. Not because Reblaze is not good but because AWS WAF provides more comprehensive protection for your assets. Reblaze is catching up, and they are nearly there, but AWS WAF is currently more advanced. However, if you are using Google's WAF or any other vendor, then I would recommend considering Reblaze as the second-best option. 

In my opinion, AWS is the number one choice, and Reblaze ranks as the second-best among all the vendors I have tested so far. Reblaze stands out due to its ease of use and the flexibility it offers in customizing rule sets.

Ten being the best, I would rate Reblaze somewhere between seven and a half and eight. They are still evolving as a product. I have previous experience using AWS WAF in another company, and I know how good it is. If you are in an AWS environment, I would recommend AWS WAF. 

However, if you are not in an AWS environment or have the freedom to choose, Reblaze is a viable option. You cannot use AWS WAF on platforms like GCP or Azure, for example. That's why I say Reblaze is still developing. Their bot management capabilities are not yet at the same level, and their support is not fully refined either. We had to schedule calls on Sundays and sometimes late at night. But when it comes to value for money, Reblaze is a great choice. It is more cost-effective than AWS WAF and performs better than the other options available to us.

The suitability of this product depends on the specific circumstances of the business. If you're a small business owner running a simple operation I wouldn't recommend opting for it, as it might be a tad pricey for an entry-level scenario. To the best of my knowledge, they didn't offer a free tier the last time I checked, so the initial cost for even the most basic configuration might be a bit steep for a small-scale setup. There are alternative products available, some of which offer free or very affordable options. These alternatives often come with reduced functionality compared to what this product offers, but they can serve as cost-effective replacements. For instance, Amazon provides a basic Web Application Firewall (WAF) as part of their services, which, while not as robust as what this product offers, provides a level of protection for your online services. For medium to large businesses seeking robust support and a comprehensive product to safeguard their platform, this product is a solid choice as it generally offers above-average satisfaction and a comprehensive range of features that can effectively protect your online assets. It ultimately depends on your unique needs. I would rate it nine out of ten.

Go ahead and use it. We took a chance because, when we started with Reblaze, it was a young company. With a young company, you don't know if it will be there in two years. It was risky because to implement the system takes six months. To move to another platform would take another six months. So it was a risk. Today, there is no risk. Reblaze stands on its own. Its income is stable from customers. It's not only investors' money today. Reblaze has a lot of customers and its teams are much bigger.

My primary advice is to have the coding team, the programming team, with you from the first minute, because they will need to support you. It's not just an IT task. It seems to be, but it's not. It's also a task for the programming team. You will need QA resources which, in most cases, are provided by the programming team. You also need architecture teams. You need to work much more closely with all these teams than we initially thought, when implementing this kind of solution.

Look at 

• how much time you can save and the resources required
• the stability and 
• the support.

Those are the three main factors for me. And in these three factors, Reblaze excels.

Just do it. Try it first, but do it. It's very easy to implement and very easy to understand. If you are a simple site it will be very easy to implement and if you have very complex sites, including web applications and mobile applications, with the SDK they provide for iOS and Android, there is 100 percent coverage of requirements.

The biggest lesson we have learned from using this solution is that sometimes, when you have an entrepreneurial company with fire in its eyes and one that is willing to push and give you the best, you can trust it and grow with it, especially when they are very responsive to your needs and ready to change and add features very fast.

We have three internal administrators working on the product and there are five or six viewers, who have different roles and who monitor the activities. We have one full-time employee who works on the product and monitors and improves rules, as needed. He is a cyber security administrator.

The biggest thing we've learned from using this solution is that "it doesn't always have to be hard."

Know what your site's profile is and listen to Reblaze. They will put you into a learning mode to identify what they are seeing and what your normal traffic looks like and what traffic is suspicious. Work with them. As long as you work well with Reblaze, you will get a good solution out of it.

Reblaze has just made things simpler for us. We have them in fairly complex setups with the hybrid solution, which is in Google and AWS. They deployed it, they maintain it. All we do is make sure that it is operating as expected. We scan it weekly, just to be sure, but they are a trusted resource.

We've got system engineers, security engineers, and some network engineers all using this system and all of the different instances. We also have a third-party on the casino product, which is helping us to support that instance.

We will have to do some maintenance about once every three to six months, in general, for major upgrades. That would usually involve a system engineer and a security engineer. Beyond that, the rules and the other methods that they are using for DDoS protection are fairly automated. We may tweak the rules here and there if we see a specific issue that we are sensing, but it is fairly low maintenance.

I rate this solution eight out of ten. I will never, never recommend any company to use any specific solution. I will always tell them to choose what is best for them, but I will give them my opinion on which programs I value. I always say which program I prefer but I will never say that it is the only solution because it will present me as biased and not a trusted advisor. I prefer to say what I like about the program, and then the person can choose what works best for him.

They provide a solution for something that I have no time to do. Reblaze provides us with a solution we can count on. It is a company that will provide you with the solution you need, and you can count on them to do the right thing.

We don't need anyone for deployment and maintenance of the solution. It runs by itself.

I would rate Reblaze at nine out of ten because it needs a little bit of improvement, such as the interface and alerts on-the-fly.

Try it on your real production data and try it for more than just one week. You need to sit with a person who knows how to operate it. It's really simple to operate, but you need to learn it.

Reblaze has taught me a lot about how to use my web application; how to think about my users and what they need. The biggest lesson I've learned is that, in security testing, you need to maintain things all the time. It will sound a little bit cliché, but it's a cat-and-mouse game. Reblaze helps with this game because it's effective and you can change it all the time and you can see what is changing in real-time. In the game of cat-and-mouse it's a good solution.

I rate Reblaze at eight out of ten. Nothing is perfect. Producing security products is really hard and there is a lot more to do. Compared to other products in the category, it's really different. It's a little bit more convenient, simpler. The people behind Reblaze have learned a lot by participating in security games. You need a lot of knowledge when you're dealing with web applications.

I know Reblaze really well. I hear Microsoft has good products but I don't have experience with them. I would say that Reblaze is good but you should evaluate all of your options. 

You should do the configuration correctly and work according to the product's best practices. 

I would rate it an eight out of ten. 

I would rate this solution an eight out of 10.