Fortinet FortiAppSec Cloud vs Imperva Application Security Platform comparison

Fortinet and Imperva are both solutions in the Distributed Denial-of-Service (DDoS) Protection category. Fortinet is ranked #37, while Imperva is ranked #4 with an average rating of 8.3. Additionally, 100% of Fortinet users are willing to recommend the solution, compared to 95% of Imperva users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Mar 22, 2026

The Imperva Application Security Platform and Fortinet FortiAppSec Cloud are competing in application security. While Imperva offers more comprehensive security features, Fortinet excels with competitive pricing and customer support, giving it an advantage in those areas.

Features: Imperva Application Security Platform features robust threat intelligence, automated security management, and adaptive threat detection. Fortinet FortiAppSec Cloud integrates threat protection with cloud-focused security features and highlights comprehensive threat protection.

Ease of Deployment and Customer Service: Fortinet FortiAppSec Cloud is known for its streamlined cloud deployment model and responsive customer service, facilitating quick implementation and support resolution. Imperva provides a detailed deployment strategy with in-depth support insights, although it may require more effort during deployment.

Pricing and ROI: Imperva Application Security Platform incurs higher setup costs but offers continued ROI through its security functionalities. Fortinet FortiAppSec Cloud adopts a competitive pricing model, focusing on affordability and quick ROI, making it attractive for initial investments.

To learn more, read our detailed Distributed Denial-of-Service (DDoS) Protection Report (Updated: March 2026).

Buyer's Guide

Distributed Denial-of-Service (DDoS) Protection

March 2026

Download the complete report

Helped 884,797 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cloudflare

Featured Reviews

M.A. Faisal

General Manager at bKash Limited

Advanced protection has secured critical web workloads and provides clear traffic visibility

From a security perspective, there remains a security loophole, as some browsers in the market can bypass the Turnstile solution, which requires approximately 40 seconds to do so. From a performance perspective, this is acceptable. We also tried Google reCAPTCHA, and that can also be bypassed. From a security perspective, I would say neither solution is completely secured. Regarding uptime, we have faced a couple of incidents due to Cloudflare in recent years, so I cannot say we receive 100% uptime for our region. We sometimes face challenges, including downtime and other issues. As a result, we are not receiving 100% uptime from Cloudflare's solution. Since most of our customers are in this region, we need alternatives. We need something more competitive than Cloudflare. Unfortunately, in Bangladesh, Cloudflare has three points of presence already, and we cannot find any other solution provider in Bangladesh as an alternative, which presents another challenge. Competitor solutions have more attack signatures, which ensure better security compared to Cloudflare's predefined configurations. Customers do not have options to modify any configuration parameters in Cloudflare, whereas other competitor solutions, such as F5 Distributed Cloud, allow customers to tune configurations according to their requirements. Cloudflare could improve in this area. Additionally, regarding visibility, Cloudflare has static visibility, but they could adopt dynamic graph features for their customers.

Read full review

Mohamed Fouad

Cybersecurity Team Leader at EMAK For Computer Manufacturing (ECM)

Web protection has improved security posture and prevents advanced bot and zero-day attacks

In my opinion, the best features of Fortinet FortiAppSec Cloud are usability and price, which are the two strongest features from Fortinet security products. We use the advanced bot mitigation, which supports credential stuffing, account takeover prevention, and stopping layer 7 DDoS and OWASP Top 10 attacks. With the bot mitigation in Fortinet FortiAppSec Cloud, we control end users whenever they connect to our website, checking that they are not bots and allowing access only after verification. We run AI detection in a testing phase, using both basic and advanced security measures, including API security and XML protection. AI helps by providing machine learning that suggests which policies need tuning and which signatures need to be added to our policy. Fortinet FortiAppSec Cloud's adaptability to traffic patterns helps mitigate zero-day vulnerabilities through machine learning. Fortinet FortiAppSec Cloud helps our organization by relying on Fortinet threat intelligence, which provides information on newly emerging zero-day attacks, allowing us to run signatures to stop these attacks. We utilize the dynamic learning capabilities for threat updates.

Read full review

reviewer1247523

Head of Sales Services Department at a comms service provider with 51-200 employees

Solution ensures website availability and proactive threat mitigation

Over the seven years, the most valuable features of Imperva DDoS that I have found are related to DDoS attacks, which are a group of attacks, and not all of them can be resolved on the endpoint level before the website. Using the web firewall before the website is a common use case to protect against malicious requests to the website. I have utilized Imperva's Intelligent Traffic Filtering feature. This feature helps me understand how the attack is progressing and what is happening inside the requests to our website. It allows me to granularly grant or deny access to certain parts of our website. This helps when we know our customers and the types of requests that can be sent from them, enabling us to block some malicious requests. Imperva DDoS has User Behavior Analytics and Threat Intelligence on its board, and this helps us to be protected proactively. Imperva DDoS connects to its database of threats, storing whole information about attacks all over the world in one simple engine. Everyone can use this feature, which can connect to this engine and get information about what is going on at the world level. That is the way to be protected at the company's level. The integration capabilities of Imperva DDoS are very easy and simple. We can run it in 2 hours.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution is stable, and the DNS servers are simple to use."

"The overall experience with Cloudflare is positive, with a rating of eight out of ten."

"Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications."

"DDoS attacks target unprotected machines. Cloudflare detects and stops these attacks using internal systems. It identifies incoming DDoS attacks, issuing challenges or blocking them immediately."

"The most valuable feature of Cloudflare DNS is its global reach and it is always evolving."

"The features of Cloudflare were found to be more beneficial and led to the decision to utilize it over other options."

"I get a lot of value from Cloudflare's API because it enables you to build a separate environment inside the solution. You can create a domain for performing test requests before you move to the production environment and connect various domains."

"Easier http to https redirect using page rules"

More Cloudflare pros

"We have seen a reduction in incidents and a good return on investment from Fortinet FortiAppSec Cloud, with our return on investment around 60%."

"Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva."

"It has threat intelligence and we are using Incapsula. With threat intelligence, we can separate HTTP and HTTPS traffic. We can use Incapsula to send all the threat intelligence to the WAF."

"Imperva monitors all traffic, even customer access, to the web application. Then, Imperva uses features like signatures to identify attacks like cross-site scripting or SQL injection."

"It works right out of the box once you integrate the application."

"The WAF itself has been very valuable to me because it has such a complete range of features. Another reason why I like it is because it also takes care of the total overview of the traffic over the network."

"Imperva is easy to use and deploy. The UI is excellent."

"The solution is cloud-based and offers us good uptime. It has combined web and API security. Therefore, with one license, you access both application security and also API security."

"The dynamic profiling of websites is the solution's most valuable feature. The security is also good."

More Imperva Application Security Platform pros

Cons

"Cloudflare's free plan is limited to 5,000 records for their free plan. They should increase that. For example, if I create a domain called abc.com and a subdomain called a.abc.com, my record count will be two. I can make a maximum of 5,000 subdomains. However, if we use our own DNS hosted on another provider, there is no limit. Their free plan also lacks name server customization."

"Latencies are always a problem."

"The timing aspect can lead to it being considered overpriced. This is a particular concern we have with Cloudflare, as they may struggle with accurately detecting the client."

"An integrated SSO feature would be useful for Cloudflare DNS."

"The Cloudflare load balancing capability hasn't really helped in enhancing my website's uptime and resiliency because we don't really get that much traffic; it's mostly remote users, and web hosting is done by a web hosting service."

"We have noticed multiple instances where Cloudflare falsely indicates that our servers are down, even when there is no actual load on them. This makes it challenging for us to identify the exact issue."

"It should have easier documentation for the configuration. It's very technical and people who aren't technical should also be able to do the configuration."

"There are some issues with the CDN services."

More Cloudflare cons

"Real-time traffic analysis has posed an issue for us because we did not see logs for legitimate traffic."

"The only disadvantage of Imperva is that it is a pretty costly solution."

"The Imperva Web Application Firewall automations are good, but there is still room for improvement with them."

"The process to upgrade from one version to another can be a lot simpler than it is currently."

"Sometimes, it takes a bit of time for the technical staff of the solution to get back to our company with a resolution for our problems."

"I would like the solution to improve its support response time."

"Imperva Web Application Firewall can improve by providing better features, such as improved prevention of zero-day attacks. Additionally, it should include a VR meta-analysis."

"The support for the on-premises version needs improvement."

"On the negative side, API security mainly supports cloud-based solutions, while most of my customers prefer on-prem setups, so achieving high performance with on-prem solutions would be beneficial."

More Imperva Application Security Platform cons

Pricing and Cost Advice

"That is one of the great features. I was able to access the majority of the features and services for free."

"A free version of the solution is available."

"I think the pricing is competitive. I think as far as licensing is concerned it's pretty straightforward because it's based on domain. It's just that sometimes domains could be tricky with some customers."

"The solution is expensive when compared to other products but offers unlimited bandwidth."

"The tool is a premium product, so it is very expensive."

"When you compare Cloudflare DNS to other solutions, such as Akamai, the price is reasonable."

"Cloudflare's pricing is not much higher and is good for middle-level organizations."

"The product's pricing is cheap."

More Cloudflare pricing and cost advice

Information not available

"We have an issue with Imperva Incapsula in the Iraqi market because of the high price."

"It is expensive."

"The price is high compared to other solutions like FortiWeb."

"For enterprise contracts you will be in touch with a dedicated account manager who will guide you regarding licensing."

"There are some licenses that you have to buy to use some features. Its price could be better. Price is always important because, at the end of the day, customers have a budget. If you can meet the budget, you can sell, and if you don't, you cannot sell."

"The cost of this solution depends on the platform."

"Imperva Web Application Firewall is expensive."

"Make sure you understand the way that Imperva charges. It's very affordable. However, I would like to see a package with the Virtual Patching included. You get to do patching separately."

More Imperva Application Security Platform pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Distributed Denial-of-Service (DDoS) Protection solutions are best for your needs.

See recommendations

884,797 professionals have used our research since 2012.

Comparison Review

it_user68487

Security Expert with 51-200 employees

Nov 6, 2013

CloudFlare vs Incapsula: Web Application Firewall

CloudFlare vs Incapsula: Round 2 Web Application Firewall Comparative Penetration Testing Analysis Report v1.0 Summary This document contains the results of a second comparative penetration test conducted by a team of security specialists at Zero Science Lab against two cloud-based Web…

Read full review

Top Industries

By visitors reading reviews

Financial Services Firm

10%

Comms Service Provider

10%

Computer Software Company

Manufacturing Company

No data available

Financial Services Firm

12%

Manufacturing Company

Computer Software Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	46
Midsize Enterprise	8
Large Enterprise	26

No data available

By reviewers
Company Size	Count
Small Business	84
Midsize Enterprise	25
Large Enterprise	62

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?

Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GR...

See all answers

Which would you choose - Cloudflare DNS or Quad9?

Cloudflare DNS is a very fast, very reliable public DNS resolver. It is an enterprise-grade authoritative DNS service...

See all answers

What do you like most about Cloudflare?

Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications.

See all answers

Ask a question

Earn 20 points

Which Web Application Firewall (WAF) would you recommend? R&S or Imperva?

Imperva is a strong choice, given their security focus and ongoing R&D into the product in areas such as bot mana...

See all answers

What is your experience regarding pricing and costs for Imperva DDoS?

The pricing, setup costs, and licensing of Imperva DDoS are reasonable for the amount of technical capabilities provi...

See all answers

What needs improvement with Imperva DDoS?

I would like to see improvements in the pooling of threats and attacks, possibly to enlarge the scale of indicators o...

See all answers

Comparisons

Quad9 vs Cloudflare

Compared 44% of the time

Akamai vs Cloudflare

Compared 4% of the time

Azure Front Door vs Cloudflare

Compared 2% of the time

Myra Security DDoS Protection vs Cloudflare

Compared 2% of the time

Fastly vs Cloudflare

Compared 2% of the time

More Cloudflare Competitors

Fortinet FortiWeb vs Fortinet FortiAppSec Cloud

Compared 21% of the time

OpenText Dynamic Application Security Testing vs Fortinet FortiAppSec Cloud

Compared 10% of the time

Cloudflare Web Application Firewall vs Fortinet FortiAppSec Cloud

Compared 10% of the time

Aryaka Unified SASE Platform vs Fortinet FortiAppSec Cloud

Compared 9% of the time

Akamai App and API Protector vs Fortinet FortiAppSec Cloud

Compared 7% of the time

More Fortinet FortiAppSec Cloud Competitors

Fortinet FortiWeb vs Imperva Application Security Platform

Compared 6% of the time

Akamai vs Imperva Application Security Platform

Compared 6% of the time

F5 Advanced WAF vs Imperva Application Security Platform

Compared 3% of the time

AWS WAF vs Imperva Application Security Platform

Compared 3% of the time

Microsoft Azure Application Gateway vs Imperva Application Security Platform

Compared 3% of the time

More Imperva Application Security Platform Competitors

Product Reports

Buyer's Guide

Cloudflare

March 2026

Download Cloudflare product report

Buyer's Guide

Web Application Firewall (WAF)

March 2026

Download Fortinet FortiAppSec Cloud product report

Buyer's Guide

Imperva Application Security Platform

March 2026

Imperva Application Security Platform report

Download Imperva Application Security Platform product report

Also Known As

Cloudflare DNS

No data available

Imperva Bot Management, Imperva Web Application Firewall, Imperva API Security

Overview

Cloudflare enhances web performance and security with features like CDN caching and DDoS mitigation while providing easy DNS management and intuitive setup through its user-friendly dashboard.

Cloudflare is recognized for its comprehensive web security and performance solutions. Speed improvements are achieved through caching mechanisms and DDoS protection, combining ease of DNS management with flexible page rules. The robust analytics and threat insight tools provide valuable data, assisted by a user-friendly dashboard allowing quick setup and configuration. An API offers dynamic DNS settings ensuring low latency and high performance across the globe.

What are Cloudflare's key features?

CDN Caching: Enhances website speed through content delivery network caching.
Web Application Firewall: Protects websites from online threats.
DDoS Mitigation: Shields against distributed denial-of-service attacks.
DNS Management: Offers easy-to-use and flexible domain management.
SSL Certificates: Ensures secure connections between users and servers.
Analytics: Provides insights with robust analytics tools.

What benefits and ROI should users evaluate?

Enhanced Security: Strengthening web security with DDoS and firewall protection.
Speed Improvement: Faster content delivery with CDN caching.
Operational Simplicity: Simplifies website optimization through a user-friendly interface.
Scalable Solutions: Scales with global reach, lowering latency for improved performance.
Cost Efficiency: Offers layers of valuable functionality with pricing options.

Cloudflare finds utility across industries for DNS management and defense mechanisms. Its content delivery network assures fast content distribution and fortified security. Businesses integrate features like web application firewalls, load balancing, end-to-end SSL, and zero trust to protect websites from cyber threats while ensuring resilience and reliable performance.

Cloudflare

Fortinet FortiAppSec Cloud is a comprehensive security offering, designed to protect applications across cloud environments. It focuses on providing advanced security measures that cater to the needs of enterprises looking for robust application protection.

Fortinet FortiAppSec Cloud leverages an array of sophisticated technologies to offer top-tier security for cloud applications. It safeguards against threats by implementing features such as cutting-edge machine learning models and real-time threat intelligence. This ensures data integrity and application availability, crucial for maintaining normal business operations. By integrating seamlessly into cloud environments, Fortinet FortiAppSec Cloud offers a user-friendly experience that does not compromise on security.

What are the key features of Fortinet FortiAppSec Cloud?

Machine Learning Models: Employs AI for threat detection and prevention, enhancing security efficiency.
Real-Time Threat Intelligence: Offers timely updates to combat emerging threats.
Seamless Cloud Integration: Ensures easy deployment and operation within cloud infrastructures.
Scalability: Adapts to growing business needs, providing consistent security coverage.

What benefits should users expect when evaluating Fortinet FortiAppSec Cloud?

Cost Efficiency: Reduces expenses by preventing security breaches and minimizing downtime.
Enhanced Security Posture: Provides improved protection, reducing vulnerability exposure.
Operational Efficiency: Streamlines management, allowing IT teams to focus on strategic tasks.
Future-Proof Investment: Offers scalable security to meet evolving business demands.

Fortinet FortiAppSec Cloud is widely implemented across industries such as finance, healthcare, and e-commerce. Organizations in these fields benefit from its ability to secure sensitive data and maintain compliance with rigorous industry standards. Its adaptive design ensures that businesses can provide secure and reliable services to their customers at all times.

Fortinet

Imperva Application Security Platform delivers comprehensive and continuous web threat protection. Renowned for its ease of use, it shields web applications and databases from various cyber threats while integrating seamlessly with cloud and on-premises environments.

Imperva Application Security Platform protects web environments by offering advanced security measures against threats like DDoS attacks, SQL injections, and cross-site scripting. As a robust web application firewall, it provides extensive monitoring and bot management capabilities. The platform integrates content delivery networks for enhanced performance and scalability, while real-time traffic analysis ensures consistent protection. Despite its strengths, improvements can be made in policy management and customization options. Users seek better integration with third-party tools and more competitive pricing models. The inclusion of AI for enhanced analytics is also anticipated.

What are the key features of Imperva Application Security Platform?

Correlated Attack Validation: Enhances threat assessment by linking related security events.
Threat Radar: Offers visibility into potential and ongoing threats.
Virtual Patching: Provides protection against vulnerabilities without immediate code changes.
IncapRules: Allows creation of custom security policies.
DDoS Protection: Defends against large-scale distributed denial-of-service attacks.
CDN Integration: Improves content delivery speed and reliability.

What benefits should users look for in reviews?

User-Friendly Administration: Simplifies setup and ongoing management tasks.
Seamless Integration: Ensures smooth operation with existing infrastructure.
Comprehensive Threat Protection: Shields digital assets from a wide range of threats.
Hands-On Support: Provides timely and effective customer service assistance.

Imperva Application Security Platform is implemented in industries needing strong database and application protection. Companies use it to enforce geolocation restrictions and manage bots, benefiting sectors like finance and e-commerce where data security and threat monitoring are critical. Its ability to protect and ensure data accessibility makes it integral to business operations prioritizing cyber resilience.

Imperva

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.

Information Not Available

Hitachi, BNZ, Bitstamp, Moz, InnoGames, BTCChina, Wix, LivePerson, Zillow and more.

Buyer's Guide

Distributed Denial-of-Service (DDoS) Protection

March 2026

Download Free Report

Find out what your peers are saying about Radware, Cloudflare, NETSCOUT and others in Distributed Denial-of-Service (DDoS) Protection. Updated: March 2026.

DOWNLOAD NOW

884,797 professionals have used our research since 2012.

See our list of best Distributed Denial-of-Service (DDoS) Protection vendors, best CDN vendors, and best Web Application Firewall (WAF) vendors.

We monitor all Distributed Denial-of-Service (DDoS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.