No more typing reviews! Try our Samantha, our new voice AI agent.

AWS Shield vs Imperva Application Security Platform comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 22, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare
Sponsored
Ranking in Distributed Denial-of-Service (DDoS) Protection
2nd
Average Rating
8.6
Reviews Sentiment
7.0
Number of Reviews
79
Ranking in other categories
CDN (1st), WAN Optimization (4th), Web Application Firewall (WAF) (10th), Managed DNS (1st), Domain Name System (DNS) Security (5th), Cloud Security Posture Management (CSPM) (15th)
AWS Shield
Ranking in Distributed Denial-of-Service (DDoS) Protection
5th
Average Rating
8.6
Reviews Sentiment
6.8
Number of Reviews
11
Ranking in other categories
No ranking in other categories
Imperva Application Securit...
Ranking in Distributed Denial-of-Service (DDoS) Protection
4th
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
147
Ranking in other categories
CDN (2nd), Web Application Firewall (WAF) (1st), Bot Management (1st), API Security (1st)
 

Mindshare comparison

As of July 2026, in the Distributed Denial-of-Service (DDoS) Protection category, the mindshare of Cloudflare is 12.9%, down from 19.1% compared to the previous year. The mindshare of AWS Shield is 2.9%, down from 6.3% compared to the previous year. The mindshare of Imperva Application Security Platform is 8.2%, up from 7.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Distributed Denial-of-Service (DDoS) Protection Mindshare Distribution
ProductMindshare (%)
Cloudflare12.9%
Imperva Application Security Platform8.2%
AWS Shield2.9%
Other76.0%
Distributed Denial-of-Service (DDoS) Protection
 

Featured Reviews

M.A. Faisal - PeerSpot reviewer
General Manager at bKash Limited
Advanced protection has secured critical web workloads and provides clear traffic visibility
From a security perspective, there remains a security loophole, as some browsers in the market can bypass the Turnstile solution, which requires approximately 40 seconds to do so. From a performance perspective, this is acceptable. We also tried Google reCAPTCHA, and that can also be bypassed. From a security perspective, I would say neither solution is completely secured. Regarding uptime, we have faced a couple of incidents due to Cloudflare in recent years, so I cannot say we receive 100% uptime for our region. We sometimes face challenges, including downtime and other issues. As a result, we are not receiving 100% uptime from Cloudflare's solution. Since most of our customers are in this region, we need alternatives. We need something more competitive than Cloudflare. Unfortunately, in Bangladesh, Cloudflare has three points of presence already, and we cannot find any other solution provider in Bangladesh as an alternative, which presents another challenge. Competitor solutions have more attack signatures, which ensure better security compared to Cloudflare's predefined configurations. Customers do not have options to modify any configuration parameters in Cloudflare, whereas other competitor solutions, such as F5 Distributed Cloud, allow customers to tune configurations according to their requirements. Cloudflare could improve in this area. Additionally, regarding visibility, Cloudflare has static visibility, but they could adopt dynamic graph features for their customers.
Pranav Telang - PeerSpot reviewer
DGM at Airtel Digital
Has enabled multi-layered threat mitigation but still lacks deeper visibility for advanced application attacks
AWS Shield has limited coverage as it only protects against common and high-volume network and transport layer attacks, such as SYN floods. It does not provide inherent protection against more sophisticated layer 7 attacks such as HTTP floods. In such cases, integration with WAF is necessary, which results in additional costs for customers. To protect layer 7, layer 4, and layer 3, customers must implement both solutions. The service also has difficulties with static detection thresholds, which may not be sensitive enough to detect smaller application-specific attacks. While AWS Shield is a key security service, AWS should enhance their expert support with 24/7 response for complex attacks, which is currently limited.
reviewer2818155 - PeerSpot reviewer
Senior Associate at a tech vendor with 10,001+ employees
Application protection has improved and reporting and dashboards still need refinement
I believe Imperva Application Security Platform should have a more interactive wizard. While the dashboard is good, it could be more eye-catching. Based on my perspective, I recommend modifying the dashboards, especially the main dashboard where I can see the traffic hit count, alerts, and other latest information. In terms of reporting, I find it challenging to create reports; in my earlier days, it was difficult. Over time, I have learned how to create reports, but it should be easier to do so. I have used other tools such as firewalls or SolarWinds, where creating a report is straightforward and does not take much time, unlike in Imperva, where I have to add many elements. Modifications in the integration aspects would also be beneficial.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"If someone is looking for a secure and optimized wrapper over an open website, I would suggest CloudFlare services."
"The API gives us the ability to remote control our DNS settings."
"It is easier to configure and develop documentation to see how we have configured firewalls."
"Another reason it's awesome is that you don't need your server to handle every request."
"New and innovative way to protect the client's data."
"I have used it to bring enterprise-grade features to my small business clients at low or no cost."
"Cloudflare's DNS services deliver the best performance in terms of speed and reliability."
"If you don't want to spend too much time hosting your own DNS server or managing the domain, Cloudflare is a great way to rapidly get websites and services online."
"The solution's ease of use is the most valuable feature."
"AWS Shield is aligned with the web application firewall (WAF), and they work seamlessly together, primarily working with Elastic Load Balancer, CloudFront, and Route 53 for CDN and DNS services protection."
"I am impressed with the product's multiple features like security."
"AWS Shield offers numerous protection features that are crucial at the application layer, safeguarding users from distributed denial of service attacks, man-in-the-middle assaults, and hacker orchestrations."
"The solution operates smoothly at its baseline level, and we do not encounter any issues at that level."
"It is quite scalable, and we have not faced any issues with its scalability."
"I recommend AWS Shield because it has proven helpful in tracking DDoS attacks within both my past and present environments, and without AWS Shield, a business could face potential losses, as this tool helps in identifying and mitigating fake traffic that disrupts applications, ultimately supporting business continuity."
"If most of your internet presence from your application side is in AWS, AWS Shield is a great option."
"Thanks to Incapsula, we got easily manageable DDoS protection; HTTP2 and SSL certificates for all the services; CDN in good locations; and we're now sure that our web services can't be exploited remotely because of the WAF feature."
"We were so impressed with the effectiveness of the solution and the assistance that we received from support that we subscribed to their service in an ongoing basis, which has proven to be reliable and simple to use."
"I find the configurability of the tools and the ease of operation to be the most valuable feature of Imperva."
"There are a number of features that are valuable such as the account takeover and various antivirus features."
"Imperva DDoS is fairly stable, and its availability is quite high."
"The most valuable features of Imperva Web Application Firewall are the monitoring of databases and the dashboards are easy to understand."
"The features that are most valuable are the protection against denial-of-service attacks and all kinds of other internet attacks."
"This implementation helped our organization a lot in handling web attacks by hackers and other malicious intruders."
 

Cons

"I have found CloudFlare's support to be unresponsive at times, and not very helpful with providing technical details for issues that we have reported over the years."
"Honestly the product has not really improved the way of my organisation."
"They lack a good way to manage DNS as a company, since everything is relegated to single account logins until you get to the higher levels. They have come out with a paid feature to remedy this, but I have not had a chance to fully review it yet to know if it fixes the access problem."
"Cloudflare's console should be made more user-friendly."
"It should have easier documentation for the configuration. It's very technical and people who aren't technical should also be able to do the configuration."
"Flexible SSL is nothing more than an illusion of security that you're presenting to your visitors."
"The Cloudflare load balancing capability hasn't really helped in enhancing my website's uptime and resiliency because we don't really get that much traffic; it's mostly remote users, and web hosting is done by a web hosting service."
"Cloudflare does not have an on-premise solution. If they had different approaches they could be better suited to accommodate more customers, such as on-premise and hybrid deployments. For example, hybrid deployments would be useful where you could move the traffic from the enterprise to the cloud."
"AWS Shield Standard requires improvement, particularly regarding its dashboard since it currently provides limited coverage against comprehensive DDoS attacks."
"Perhaps the time required to detect anomalies can be reduced. Presently, it takes some time to determine whether a situation is normal or abnormal."
"The management of it is a bit hard. If you don't engineer it on the front side, it is hard to go back in and change it."
"The product should give users more flexibility to customize their security policies according to their requirements."
"The management of it is a bit hard. If you don't engineer it on the front side, it is hard to go back in and change it. It could be improved in terms of architecture requirements and then ongoing support requirements as a secondary component to it. People tend to set up things like this, and they just expect it to work without the care and feeding that needs to go back into it either from an application team or a network environment team."
"The time taken to detect anomalies must be reduced."
"The network has been experiencing frustrating performance issues today, which is not typical for Nigeria."
"AWS Shield has limited coverage as it only protects against common and high-volume network and transport layer attacks, such as SYN floods."
"Caching rules are really basic now and lots of space for improvement here."
"I would like to see automated reporting to improve visibility."
"The dashboard is not accessible on occasion."
"It would be better if we were able to manage and apply changes to multiple websites/web applications, and search WAF logs for multiple websites, via the Incapsula dashboard."
"One potential improvement for Imperva is enhancing its alert system."
"Support is one thing I wish Imperva could improve."
"There is nothing specific where the application firewall is falling short."
"Our support is currently coming from the US, and it is not very good."
 

Pricing and Cost Advice

"We are using the free version."
"There are no additional costs beyond the standard licensing fees."
"The pricing for the service is reasonable, neither excessively cheap nor prohibitively expensive. It aligns well with the value of their solution."
"I believe their performance has improved, but I'd like to refrain from discussing the pricing aspect related to the cloud. The pricing, in my opinion, could be simplified, and I think they should consider reevaluating the pricing for support, as it can be quite high. At times, this cost can make it challenging to choose CARFAGuard or opt for the support."
"We don't have any issues with the price."
"So far I use free tier and happy with it. You can subscribe to business package if needed."
"The price is reasonable."
"We are using the free tier of the solution."
"It depends on your subscription level and the volume that you're spending with AWS. So, it is very relative to the consumption alignment in your subscription level. It is a well-constructed, scalable pricing option, but it is relative to how much you're spending on AWS. Because the more you spend, typically, the more you get off on services like this. I find it to be comparable to other solutions."
"The tool's pricing is good."
"The tool is cheap."
"We pay $3000 per month for the solution."
"The cost depends on traffic each month, so on average, it costs us between US$200 and US$300 per month."
"The pricing is somewhat expensive. It is actually a huge investment when compared to other countries."
"We sell three-year licenses for Imperva Web Application Firewall to our customers. The price is a little expensive."
"The solution's price is high for small companies."
"It is not expensive compared to the other similar solutions in this category."
"Pricing could be more competitive."
"The price of Imperva Web Application Firewalls is expensive compared to others."
"It is a very expensive solution. The price is very high. A lot of customers tell us that they would love to use Imperva more. I have some customers who have 50 websites, but they have only 10 websites on Imperva because of the price. They would love to have all their websites running through Imperva, but they can't. They have to choose the more critical websites to protect because the price is very high. It is a very good product, but it is too expensive. If you buy a plan for 20 megabytes and you don't consume all of your 20 megabytes, it is okay, but if you consume more, you are charged for the superior traffic."
"The data packages are higher than our needs so we end up paying for data that we don't use."
report
Use our free recommendation engine to learn which Distributed Denial-of-Service (DDoS) Protection solutions are best for your needs.
903,147 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
10%
Comms Service Provider
10%
Manufacturing Company
8%
Computer Software Company
8%
Comms Service Provider
16%
Computer Software Company
9%
Financial Services Firm
8%
Manufacturing Company
7%
Financial Services Firm
12%
Manufacturing Company
8%
Computer Software Company
7%
Construction Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise11
Large Enterprise26
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise1
Large Enterprise7
By reviewers
Company SizeCount
Small Business88
Midsize Enterprise25
Large Enterprise70
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GR...
Which would you choose - Cloudflare DNS or Quad9?
Cloudflare DNS is a very fast, very reliable public DNS resolver. It is an enterprise-grade authoritative DNS service...
What is your experience regarding pricing and costs for Cloudflare DNS?
The pricing, setup cost, and licensing for Cloudflare are a bit on the higher side overall.
What is your experience regarding pricing and costs for AWS Shield?
The pricing structure for AWS Shield is fair, yet it depends on the specific protections chosen. Enabling Shield Adva...
What needs improvement with AWS Shield?
Services always benefit from improvements, including AWS Shield. With respect to the Web Application Firewall, curren...
What is your primary use case for AWS Shield?
What do you use it for? How do you use it?
Which Web Application Firewall (WAF) would you recommend? R&S or Imperva?
Imperva is a strong choice, given their security focus and ongoing R&D into the product in areas such as bot mana...
What is your experience regarding pricing and costs for Imperva DDoS?
The pricing, setup costs, and licensing of Imperva DDoS are reasonable for the amount of technical capabilities provi...
What needs improvement with Imperva DDoS?
I would like to see improvements in the pooling of threats and attacks, possibly to enlarge the scale of indicators o...
 

Also Known As

Cloudflare DNS
No data available
Imperva Bot Management, Imperva Web Application Firewall, Imperva API Security
 

Overview

 

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.
netflix, dow jones, mapbox, pearson, rovio, youview, moviestar planet, asurion, payplug, hour of code
Hitachi, BNZ, Bitstamp, Moz, InnoGames, BTCChina, Wix, LivePerson, Zillow and more.
Find out what your peers are saying about AWS Shield vs. Imperva Application Security Platform and other solutions. Updated: June 2026.
903,147 professionals have used our research since 2012.