We performed a comparison between AWS WAF vs. Imperva Web Application Firewall based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: AWS WAF and Imperva Web Application Firewall come out about equal in this comparison. AWS WAF has a slight edge when it comes to pricing, but Imperva Web Application Firewall has a slight edge when it comes to support.
"It is Amazon. Everything is scalable. It is beyond what we need."
"This product supplies options for web security for applications accessing sensitive information."
"The most valuable feature is the way it blocks threats to external applications."
"Their technical support has been quite good."
"The security firewall plus the features that protect against database injections or scripting,"
"The most valuable features are the geo-restriction denials and the web ACL."
"We do not have to maintain the solution."
"The ability to take multiple data sets and match those data sets together is the solution's most valuable feature. The data lake that comes with it is very useful because that allows us to match data sets with different configurations that we wouldn't normally be able to match."
"Imperva is easy to use and deploy. The UI is excellent."
"The configurability of the tools and the ease of operation to be the most valuable feature of Imperva."
"The most valuable feature of Imperva, in addition to its strong knowledge base, is its effective protection for web applications."
"The solution is stable."
"The solution has been quite stable. I have not seen any bugs at all."
"Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva."
"One good thing about Imperva Web Application Firewall is it can be on the cloud and also it can be on-premise."
"Very scalable and very stable firewall for web applications, with a good interface in its cloud version. Mitigation is its most valuable feature. The technical support for this product is also good."
"The solution is cloud-based, and therefore the billing model that comes with it could be more intuitive, in my opinion. It's very easy to not fully understand how you tag things for billing and then you can quite easily run up a high bill without realizing it. The solution needs to be more intuitive around the tagging system, which enables the billing. Right now, I have a cloud architect that does that on our behalf and it isn't something that a business user could use because it still requires quite a lot of technical knowledge to do effectively."
"They have to do more to improve, to innovate more features. They need to increase the security. It has to be more active in detecting threats."
"We don't have much control over blocking, because the WAF is managed by AWS."
"The solution could improve by having better rules, they are very basic at the moment. There are more attacks coming and we have to use third-party solutions, such as FIA. The features are not sufficient to prevent all the attacks, such as DDoS. Overall the solution should be more secure."
"The setup is complicated."
"It is sometimes a lot of work going through the rules and making sure you have everything covered for a use case. It is just the way rules are set and maintained in this solution. Some UI changes will probably be helpful. It is not easy to find the documentation of new features. Documentation not being updated is a common problem with all services, including this one. You have different versions of the console, and the options shown in the documentation are not there. For a new feature, there is probably an announcement about being released, but when it comes out, there is no actual documentation about how to use it. This makes you either go to technical support or community, which probably doesn't have an idea either. The documentation on the cloud should be the latest one. Finding information about a specific event can be a bit challenging. For this solution, not much documentation is available in the community. It could be because it is a new tool. Whenever there is an issue, it is just not that simple to resolve, especially if you don't have premium support. You have pretty much nowhere to look around, and you just need to poke around to try and make it work right."
"The cost management has room for improvement."
"The solution should identify why it blocks particular websites."
"Their portal is very limited and needs improvement."
"The tool's UI is complicated. It would be best to have a more accessible UI dashboard to make the job easier."
"The Imperva Web Application Firewall automations are good, but there is still room for improvement with them."
"It's a complicated tool to keep."
"I think that better bot protection is needed in this solution."
"An improvement for Imperva WAF would be to reduce the number of false positives and create more strong use cases based on AI/ML or behavioral analytics."
"It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default."
"It would be nice to have more security control over mobile applications so I would suggest adding more mobile security features. It would also be beneficial to see improvements in regards to interface bandwidth performance, CPU time, and RAM size. Learning capability of the device is quite weak."
More Imperva Web Application Firewall Pricing and Cost Advice →
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 51 reviews while Imperva Web Application Firewall is ranked 6th in Web Application Firewall (WAF) with 44 reviews. AWS WAF is rated 8.2, while Imperva Web Application Firewall is rated 8.6. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Imperva Web Application Firewall writes "Offers simulation for studying infrastructure and hybrid infrastructure protection". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Cloudflare Web Application Firewall and Fortinet FortiWeb, whereas Imperva Web Application Firewall is most compared with F5 Advanced WAF, Microsoft Azure Application Gateway, Fortinet FortiWeb, Azure Front Door and Akamai App and API Protector. See our AWS WAF vs. Imperva Web Application Firewall report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.