Try our new research platform with insights from 80,000+ expert users

AWS WAF vs Tenable.io Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS WAF
Average Rating
8.0
Reviews Sentiment
7.6
Number of Reviews
59
Ranking in other categories
Web Application Firewall (WAF) (1st)
Tenable.io Web Application ...
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
17
Ranking in other categories
Application Security Tools (19th)
 

Mindshare comparison

AWS WAF and Tenable.io Web Application Scanning aren’t in the same category and serve different purposes. AWS WAF is designed for Web Application Firewall (WAF) and holds a mindshare of 9.3%, down 13.4% compared to last year.
Tenable.io Web Application Scanning, on the other hand, focuses on Application Security Tools, holds 1.3% mindshare, down 1.5% since last year.
Web Application Firewall (WAF)
Application Security Tools
 

Featured Reviews

Kavin Kalaiarasu - PeerSpot reviewer
AWS's cloud-native security simplifies rule enforcement but needs better DDoS integration
The dashboarding could be improved, and the default metrics provided by AWS WAF could be upgraded. The rate at which AWS updates their managed rule sets could be better. Features like bot protection or DDoS mitigation, available with other WAF vendors, do not come natively with AWS WAF. Instead, they are part of AWS Shield. Providing DDoS protection as part of their WAF solution would be beneficial.
Harshal Deshmukh - PeerSpot reviewer
Simple tool to use, good dashboard capabilities and offers asset criticality ratings
It has good dashboard capabilities and gives good results with priority ratings, asset criticality ratings, and exposure scores for vulnerabilities. It also provides automated web application scanning, which customers appreciate because it doesn't disturb the web application or hamper the business. While testing the web application, sometimes it happens that the website or application goes down. But with Tenable.io Web Application Scanning, it doesn't affect the business. It has good unified web application scanning and exposure management.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The automation of blocking for security attacks is valuable, with AWS applying rate limiting."
"This product supplies options for web security for applications accessing sensitive information."
"AWS WAF has a lot of integrated features and services. For example, there are security services that can be integrated very well for our customers."
"Stable and scalable web application firewall. Setting it up is straightforward."
"The customized billing is the most valuable feature."
"The product's initial setup phase was very simple."
"They filter a lot of attacks out."
"One common use case is using detection protection for enhancing security models in AWS. Another use case is implementing log analysis and response recovery procedures for email services."
"The most effective feature of the product is the ability to scan the entire environment."
"The solution is stable."
"We can get detailed information about vulnerabilities."
"The solution's instant reports feature is the most effective for detecting threats."
"All the features are valuable to us as they offer cutting-edge scanning methods and address the latest issues with a contemporary approach. Tenable.io Web Application Scanning is highly stable. I rate it a nine out ten. Since the solution works on the Cloud, it's highly scalable. I rate the scalability a nine out of ten. The setup of the solution is straightforward. The Return on Investment is substantial. I recommend the solution to all."
"Our customers adopt this solution because of the replication testing and the vulnerability assessment it can do. It is a multi-faceted product."
"I would recommend Tenable.io Web Application Scanning to others."
"It has good unified web application scanning and exposure management."
 

Cons

"When users choose the free service, there isn't great support available to them."
"The solution's pricing could be improved."
"We need more support as we go global."
"The dashboarding could be improved, and the default metrics provided by AWS WAF could be upgraded."
"We must monitor and clean up the WAF manually."
"We should be able to do proper whitelisting."
"We have issues with reporting, troubleshooting, and analytics. AWS WAF needs to bring costs down."
"One area that could be improved is the DDoS protection."
"It isn't easy to manage vulnerabilities in Tenable."
"The reporting has a very limited customization capability."
"Sometimes it lags with different cloud environments."
"The platform's technical support services could be better."
"Tenable.io Web Application Scanning could improve by offering faster fuzzing."
"I would like for them to add proxy filtering, where you can transfer and alter the package. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing package, which will actually help you in exploiting any vulnerability in detail."
"The solution's dashboards could be improved and made more user-friendly."
"Tenable.io Web Application Scanning conducts a general scan, which wastes time. The scan needs to be specific."
 

Pricing and Cost Advice

"There are no costs in addition to the standard licensing fees."
"The product’s pricing is reasonable."
"The price is average."
"The pricing is good and manageable."
"AWS WAF has reasonable pricing."
"I rate the product price a five on a scale of one to ten, where one is high price, and ten is low price"
"It's cheap."
"AWS WAF has reasonable pricing."
"The pricing is okay."
"Tenable.io Web Application Scanning is expensive for small businesses."
"For Tenable.io Web Application Scanning, it comes to around 6,50,000 Indian rupees, plus taxes."
"I rate the product's pricing a four out of ten."
"It follows the same licensing scheme as Tenable.io and Tenable. sc."
"The application is extremely affordable. There are no additional costs involved with licensing. We switched to Tenable.io Web Application Scanning from other solutions due to pricing."
"The price of the solution is reasonable compared to the competitors. The license cost is based on the number of users and the annual usage."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
860,632 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
15%
Manufacturing Company
9%
Government
5%
Financial Services Firm
14%
Computer Software Company
12%
Government
12%
Retailer
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What are the limitations of AWS WAF vs alternative WAFs?
Hi Varun, I have had experienced with several WAF deployments and deep technical assessments of the following: 1. Imperva WAF 2. F5 WAF 3. Polarisec Cloud WAF Typical limitations on cloud WAF is t...
How does AWS WAF compare to Microsoft Azure Application Gateway?
Our organization ran comparison tests to determine whether Amazon’s Web Service Web Application Firewall or Microsoft Azure Application Gateway web application firewall software was the better fit ...
What do you like most about AWS WAF?
The most valuable feature of AWS WAF is its highly configurable rules system.
What do you like most about Tenable.io Web Application Scanning?
The most effective feature of the product is the ability to scan the entire environment.
What needs improvement with Tenable.io Web Application Scanning?
Improvements could include providing coverage reports in the free version and features related to security reports. Also, enhancing technical support would be beneficial as there is room for improv...
What advice do you have for others considering Tenable.io Web Application Scanning?
I would recommend Tenable.io Web Application Scanning as it provides us with good reports, which help improve our code base, despite the lack of financial benefits. Overall, I would rate it seven o...
 

Also Known As

AWS Web Application Firewall
No data available
 

Overview

 

Sample Customers

eVitamins, 9Splay, Senao International
IMDEX
Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF). Updated: June 2025.
860,632 professionals have used our research since 2012.