No more typing reviews! Try our Samantha, our new voice AI agent.

AWS Shield vs Imperva Application Security Platform comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 22, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare
Sponsored
Ranking in Distributed Denial-of-Service (DDoS) Protection
2nd
Average Rating
8.6
Reviews Sentiment
7.0
Number of Reviews
79
Ranking in other categories
CDN (1st), WAN Optimization (4th), Web Application Firewall (WAF) (10th), Managed DNS (1st), Domain Name System (DNS) Security (5th), Cloud Security Posture Management (CSPM) (15th)
AWS Shield
Ranking in Distributed Denial-of-Service (DDoS) Protection
5th
Average Rating
8.6
Reviews Sentiment
6.8
Number of Reviews
11
Ranking in other categories
No ranking in other categories
Imperva Application Securit...
Ranking in Distributed Denial-of-Service (DDoS) Protection
4th
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
147
Ranking in other categories
CDN (2nd), Web Application Firewall (WAF) (1st), Bot Management (1st), API Security (1st)
 

Mindshare comparison

As of July 2026, in the Distributed Denial-of-Service (DDoS) Protection category, the mindshare of Cloudflare is 12.9%, down from 19.1% compared to the previous year. The mindshare of AWS Shield is 2.9%, down from 6.3% compared to the previous year. The mindshare of Imperva Application Security Platform is 8.2%, up from 7.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Distributed Denial-of-Service (DDoS) Protection Mindshare Distribution
ProductMindshare (%)
Cloudflare12.9%
Imperva Application Security Platform8.2%
AWS Shield2.9%
Other76.0%
Distributed Denial-of-Service (DDoS) Protection
 

Featured Reviews

M.A. Faisal - PeerSpot reviewer
General Manager at bKash Limited
Advanced protection has secured critical web workloads and provides clear traffic visibility
From a security perspective, there remains a security loophole, as some browsers in the market can bypass the Turnstile solution, which requires approximately 40 seconds to do so. From a performance perspective, this is acceptable. We also tried Google reCAPTCHA, and that can also be bypassed. From a security perspective, I would say neither solution is completely secured. Regarding uptime, we have faced a couple of incidents due to Cloudflare in recent years, so I cannot say we receive 100% uptime for our region. We sometimes face challenges, including downtime and other issues. As a result, we are not receiving 100% uptime from Cloudflare's solution. Since most of our customers are in this region, we need alternatives. We need something more competitive than Cloudflare. Unfortunately, in Bangladesh, Cloudflare has three points of presence already, and we cannot find any other solution provider in Bangladesh as an alternative, which presents another challenge. Competitor solutions have more attack signatures, which ensure better security compared to Cloudflare's predefined configurations. Customers do not have options to modify any configuration parameters in Cloudflare, whereas other competitor solutions, such as F5 Distributed Cloud, allow customers to tune configurations according to their requirements. Cloudflare could improve in this area. Additionally, regarding visibility, Cloudflare has static visibility, but they could adopt dynamic graph features for their customers.
Pranav Telang - PeerSpot reviewer
DGM at Airtel Digital
Has enabled multi-layered threat mitigation but still lacks deeper visibility for advanced application attacks
AWS Shield has limited coverage as it only protects against common and high-volume network and transport layer attacks, such as SYN floods. It does not provide inherent protection against more sophisticated layer 7 attacks such as HTTP floods. In such cases, integration with WAF is necessary, which results in additional costs for customers. To protect layer 7, layer 4, and layer 3, customers must implement both solutions. The service also has difficulties with static detection thresholds, which may not be sensitive enough to detect smaller application-specific attacks. While AWS Shield is a key security service, AWS should enhance their expert support with 24/7 response for complex attacks, which is currently limited.
reviewer2818155 - PeerSpot reviewer
Senior Associate at a tech vendor with 10,001+ employees
Application protection has improved and reporting and dashboards still need refinement
I believe Imperva Application Security Platform should have a more interactive wizard. While the dashboard is good, it could be more eye-catching. Based on my perspective, I recommend modifying the dashboards, especially the main dashboard where I can see the traffic hit count, alerts, and other latest information. In terms of reporting, I find it challenging to create reports; in my earlier days, it was difficult. Over time, I have learned how to create reports, but it should be easier to do so. I have used other tools such as firewalls or SolarWinds, where creating a report is straightforward and does not take much time, unlike in Imperva, where I have to add many elements. Modifications in the integration aspects would also be beneficial.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of Cloudflare is the GUI. You are able to control the solution very well through the interface. There is a lot of functionality that is embedded in the service."
"The most valuable feature of Cloudflare DNS is its global reach and it is always evolving."
"From what I've seen so far, there are no negatives to report as of yet"
"Its ease of integration with Office 365 and the fact that it's a good product compared to what I had before"
"The most valuable feature is its usability."
"Cloudflare allows us to self-host services such as Rocket.Chat and Node-RED, in high-availability mode, thanks to round robin DNS which allows us to share one hostname between our two locations."
"The UI is good."
"We're partners with Cloudflare; this solution is the best product and it does not charge you for any kind of attack on your traffic, only for good traffic, and it can mitigate up to 30 TBPS of DDoS attacks."
"If most of your internet presence from your application side is in AWS, AWS Shield is a great option."
"The solution's ease of use is the most valuable feature."
"The solution operates smoothly at its baseline level, and we do not encounter any issues at that level."
"It is integrated with AWS. So, it gives you a good first step."
"AWS Shield is aligned with the web application firewall (WAF), and they work seamlessly together, primarily working with Elastic Load Balancer, CloudFront, and Route 53 for CDN and DNS services protection."
"AWS Shield offers numerous protection features that are crucial at the application layer, safeguarding users from distributed denial of service attacks, man-in-the-middle assaults, and hacker orchestrations."
"I recommend AWS Shield because it has proven helpful in tracking DDoS attacks within both my past and present environments, and without AWS Shield, a business could face potential losses, as this tool helps in identifying and mitigating fake traffic that disrupts applications, ultimately supporting business continuity."
"We have integrated the tool with Active Directory. The most important feature is that it's transparent and doesn't degrade the performance of our solution. Additionally, it's easy to configure, which is crucial for us. It's easy to use and set up and stops attacks on our servers. We haven't encountered any attack problems because the solution stops them in real-time. AWS Shield specifically focuses on defending against denial-of-service attacks, making it a great solution for that type of threat."
"It is the best tool for detection and mitigation of current web-related attacks."
"It has threat intelligence and we are using Incapsula. With threat intelligence, we can separate HTTP and HTTPS traffic. We can use Incapsula to send all the threat intelligence to the WAF."
"There are a number of features that are valuable such as the account takeover and various antivirus features."
"Scalability has been pretty good, our European traffic has doubled and our sales have gone up along with our stability."
"Imperva is one of the best, if not the best, and almost every feature in Imperva Application Security Platform works really fine and addresses what enterprises are battling, shaping the security culture of the digital world."
"Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva."
"Imperva anti-DDoS protection has the well-known value of having lots of distributed nodes around the world, making it the best value for DDoS protection."
"Integration with IBM AS/400 and Db2 is okay."
 

Cons

"Regarding uptime, we have faced a couple of incidents due to Cloudflare in recent years, so I cannot say we receive 100% uptime for our region."
"The timing aspect can lead to it being considered overpriced. This is a particular concern we have with Cloudflare, as they may struggle with accurately detecting the client."
"Cloudflare doesn't have a reverse lookup. We can only do a DNS lookup to get the IP address from the hostname. It doesn't work if you want to look up the hostname from an IPA address."
"Honestly the product has not really improved the way of my organisation."
"The product support needs to be accessible from more places, a wider area of coverage."
"For the free and Pro plans, Cloudflare could use a simple bot to provide information to users. This would improve support, especially for less advanced users who utilize the free components."
"Cloudflare does not have an on-premise solution. If they had different approaches they could be better suited to accommodate more customers, such as on-premise and hybrid deployments. For example, hybrid deployments would be useful where you could move the traffic from the enterprise to the cloud."
"The reporting can definitely be improved to offer a lot more explanation on something that may have happened or has actually happened."
"The management of it is a bit hard. If you don't engineer it on the front side, it is hard to go back in and change it."
"The network has been experiencing frustrating performance issues today, which is not typical for Nigeria."
"The product is expensive."
"The management of it is a bit hard. If you don't engineer it on the front side, it is hard to go back in and change it. It could be improved in terms of architecture requirements and then ongoing support requirements as a secondary component to it. People tend to set up things like this, and they just expect it to work without the care and feeding that needs to go back into it either from an application team or a network environment team."
"The product needs to improve its logs and reports to make it read better."
"There is an area for improvement regarding health checks. AWS Shield does not come with its own health check functionality."
"The product should give users more flexibility to customize their security policies according to their requirements."
"AWS Shield Standard requires improvement, particularly regarding its dashboard since it currently provides limited coverage against comprehensive DDoS attacks."
"There’s nothing that’s missing in terms of features."
"In the past, I have bugs on the WAF. I've contacted Imperva about them. Future releases should be less buggy."
"An improvement for Imperva WAF would be to reduce the number of false positives and create more strong use cases based on AI/ML or behavioral analytics."
"The API is lackluster but especially for customers."
"The solution needs to improve Integration with third parties for their on-prem deployment models. The integration is not that good yet."
"Latency concerns customers, especially in regions like East and West Africa, where traffic has to travel to South Africa before returning."
"Imperva Web Application Firewall can improve by adding more features to the dashboard. increasing the visibility of the real-time events, besides configuring the administration itself."
"HTML minification could be improved. The actual HTML minification does not provide the maximum HTML minification nor provides the best result."
 

Pricing and Cost Advice

"I believe their performance has improved, but I'd like to refrain from discussing the pricing aspect related to the cloud. The pricing, in my opinion, could be simplified, and I think they should consider reevaluating the pricing for support, as it can be quite high. At times, this cost can make it challenging to choose CARFAGuard or opt for the support."
"It's a premium model. You can start at zero and work your way up to the enterprise model, which has a very high pricing level."
"The tool is a premium product, so it is very expensive."
"In terms of licensing costs, we don't pay for licensing for Cloudflare. We only establish communication, then for peering, Cloudflare takes care of the cross-connection in different data centers."
"There are no additional costs beyond the standard licensing fees."
"The product's pricing is cheap."
"That is one of the great features. I was able to access the majority of the features and services for free."
"We are using the free version."
"We pay $3000 per month for the solution."
"The cost depends on traffic each month, so on average, it costs us between US$200 and US$300 per month."
"The tool's pricing is good."
"The tool is cheap."
"It depends on your subscription level and the volume that you're spending with AWS. So, it is very relative to the consumption alignment in your subscription level. It is a well-constructed, scalable pricing option, but it is relative to how much you're spending on AWS. Because the more you spend, typically, the more you get off on services like this. I find it to be comparable to other solutions."
"Make sure you understand the way that Imperva charges. It's very affordable. However, I would like to see a package with the Virtual Patching included. You get to do patching separately."
"It is not expensive compared to the other similar solutions in this category."
"There is a license or subscription renewal that our customers pay."
"​Although the pricing can be a little high, it is worth the protection and security that it offers.​"
"Pricing could be more competitive."
"It is a very affordable solution."
"Imperva Web Application Firewall price is higher compared to other solutions. However, everything is included in the price."
"The price of Imperva Web Application Firewalls is expensive compared to others."
report
Use our free recommendation engine to learn which Distributed Denial-of-Service (DDoS) Protection solutions are best for your needs.
904,016 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
10%
Comms Service Provider
10%
Manufacturing Company
8%
Computer Software Company
8%
Comms Service Provider
17%
Computer Software Company
9%
Financial Services Firm
8%
Construction Company
7%
Financial Services Firm
12%
Manufacturing Company
8%
Computer Software Company
7%
Construction Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise11
Large Enterprise26
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise1
Large Enterprise7
By reviewers
Company SizeCount
Small Business88
Midsize Enterprise25
Large Enterprise70
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GR...
Which would you choose - Cloudflare DNS or Quad9?
Cloudflare DNS is a very fast, very reliable public DNS resolver. It is an enterprise-grade authoritative DNS service...
What is your experience regarding pricing and costs for Cloudflare DNS?
The pricing, setup cost, and licensing for Cloudflare are a bit on the higher side overall.
What is your experience regarding pricing and costs for AWS Shield?
The pricing structure for AWS Shield is fair, yet it depends on the specific protections chosen. Enabling Shield Adva...
What needs improvement with AWS Shield?
Services always benefit from improvements, including AWS Shield. With respect to the Web Application Firewall, curren...
What is your primary use case for AWS Shield?
What do you use it for? How do you use it?
Which Web Application Firewall (WAF) would you recommend? R&S or Imperva?
Imperva is a strong choice, given their security focus and ongoing R&D into the product in areas such as bot mana...
What is your experience regarding pricing and costs for Imperva DDoS?
The pricing, setup costs, and licensing of Imperva DDoS are reasonable for the amount of technical capabilities provi...
What needs improvement with Imperva DDoS?
I would like to see improvements in the pooling of threats and attacks, possibly to enlarge the scale of indicators o...
 

Also Known As

Cloudflare DNS
No data available
Imperva Bot Management, Imperva Web Application Firewall, Imperva API Security
 

Overview

 

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.
netflix, dow jones, mapbox, pearson, rovio, youview, moviestar planet, asurion, payplug, hour of code
Hitachi, BNZ, Bitstamp, Moz, InnoGames, BTCChina, Wix, LivePerson, Zillow and more.
Find out what your peers are saying about AWS Shield vs. Imperva Application Security Platform and other solutions. Updated: June 2026.
904,016 professionals have used our research since 2012.