Try our new research platform with insights from 80,000+ expert users

Imperva Application Security Platform vs Sucuri comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 17, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare
Sponsored
Ranking in Distributed Denial-of-Service (DDoS) Protection
1st
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
76
Ranking in other categories
CDN (1st), Managed DNS (1st), Cloud Security Posture Management (CSPM) (13th)
Imperva Application Securit...
Ranking in Distributed Denial-of-Service (DDoS) Protection
6th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
133
Ranking in other categories
CDN (7th), Web Application Firewall (WAF) (20th)
Sucuri
Ranking in Distributed Denial-of-Service (DDoS) Protection
20th
Average Rating
8.4
Reviews Sentiment
7.5
Number of Reviews
6
Ranking in other categories
Web Application Firewall (WAF) (26th), Domain Name System (DNS) Security (13th)
 

Featured Reviews

Carlos Alam Hernandez Baruch - PeerSpot reviewer
Fast and secure deployments simplify operations for government and fintech clients
It is a fast and secure DNS. It is very easy to deploy, and my customers are happy with this tool. Additionally, the CDN performance in Mexico is excellent, providing fast service and tools. It offers reliability during high-traffic periods, ensuring no impact on the environment. It helps my clients avoid using on-premise boxes, simplifying operations as they only use the prices on Cloudflare.
Bhupesh-Sharma - PeerSpot reviewer
Enhanced network security with effective threat filtering and good bot managing features
We use Imperva DDoS protection to safeguard our network from multiple attacks. It is especially useful to protect websites or applications by redirecting traffic to eliminate threats Imperva DDoS increases our uptime to 99.99% by filtering and managing traffic to ensure only genuine traffic…
David Shlingbaum - PeerSpot reviewer
Simple solution and good WAF
Sucuri could provide help for specific security alerts in-line instead of requiring users to search for it in the help section. Users get errors or EBAs, and if they want to read about it, they need to find it in the help section of the site. It would be more helpful to allow users to see more information and tips immediately from within the alert.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The attacker won't have details since my public IP is anonymous. It offers us good privacy."
"I get a lot of value from Cloudflare's API because it enables you to build a separate environment inside the solution. You can create a domain for performing test requests before you move to the production environment and connect various domains."
"It is easier to configure and develop documentation to see how we have configured firewalls."
"It's very user-friendly."
"It's a great product because it's scalable, has great coverage, and is mature with good defenses against DDoS attacks."
"The most valuable feature is its usability."
"The UI is good."
"Cloudflare has many features."
"We can prevent attacks or issues even before they happen."
"It blocks all types of attacks."
"Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva."
"There are a number of features that are valuable such as the account takeover and various antivirus features."
"The most valuable features of Imperva Web Application Firewall are the monitoring of databases and the dashboards are easy to understand."
"The solution can be configured in just a couple of minutes."
"The compliance is the most valuable aspect."
"The solution is cloud-based and offers us good uptime. It has combined web and API security. Therefore, with one license, you access both application security and also API security."
"I use it as a WAF, which is basically a web firewall to monitor and block traffic to our web server."
"The initial setup was straightforward. Straight forward because the plugin can simply be installed and then it does its job. It's not complex, there is no learning curve. The online scan is simple, you put in the website address and the scan gives us a report on the browser itself. It's simple to use."
"The most valuable part is the analytics and visualization."
"Domain name scanning since it allows us to scan all our domain names and determine whether it has malware or if is reported as phishing."
"It significantly eases the workload and streamlines the initial setup required to protect a website."
"The initial setup was very easy."
 

Cons

"The solution could use more analytics on the backend to give us more insights into everything. More reports would be helpful."
"We're facing challenges due to an upgrade in the machine learning model. The problem arises from some users abusing the APIs, resulting in an influx of suspicious traffic. Cloudflare's learning model mistakenly identifies this traffic as human. Consequently, it assigns it a higher trust score, akin to legitimate human traffic, causing complications in our architecture. Previously, such traffic would have been categorized as suspicious, enabling us to apply appropriate blocking rules. However, we encounter difficulties distinguishing between genuine and suspicious traffic with the new categorization. Despite these challenges, overall, Cloudflare remains the preferred solution compared to Azure, AWS CloudFront, and Google Cloud Armor."
"Support response time could be improved."
"Cloudflare could offer a better view or maybe dashboards of the main resources used in the client."
"There could be more courses with engineers. I like e-learning, however, having a specialist in a classroom is more comfortable for me."
"The pricing could be improved."
"Areas like how assessment, discovery, and payload are dealt with and how it all comes into your organization can be considered when trying to make suggestions to Cloudflare for improvements."
"There might be helpful if there was some web application firewall feature."
"An improvement for Imperva WAF would be to reduce the number of false positives and create more strong use cases based on AI/ML or behavioral analytics."
"A limited tool if you're looking to customize."
"One potential improvement for Imperva is enhancing its alert system."
"I think that better bot protection is needed in this solution."
"Imperva always needs to adjust to new versions of cyber attacks, it needs to be faster, improve the resiliency of the software of the solution."
"The rules surrounding the making of web applications could be improved."
"The reporting is missing some features, such as: only two export formats, and the time period does not include the last day, week, year."
"It's quite expensive."
"In terms of improvement, the cost factor is always there."
"The main improvement I would like to see is support for .NET applications. If they could include this feature, I would include more sites in the protection."
"I would rate this solution an eight out of ten. The reason is that we have found sometimes customers or Google saying that there is something wrong with the website but Sucuri says that the site is clean so we do have to look at the site manually which means that the Sucuri scan does not pick up anything and everything."
"Confident score: Currently it does not have one and there are cases that most websites flagged are false-positives."
"It would greatly benefit customers if they implemented an online chat or messaging system for quicker assistance."
"Sucuri could provide help for specific security alerts in-line instead of requiring users to search for it in the help section."
 

Pricing and Cost Advice

"The product's pricing is minimal compared to other products."
"A free version of the solution is available."
"The solution has many features but there are ones that you need to pay for. Sometimes you have to find out which is available for free and which you have to pay for."
"The price is reasonable."
"The tool is a premium product, so it is very expensive."
"The pricing for the service is reasonable, neither excessively cheap nor prohibitively expensive. It aligns well with the value of their solution."
"So far I use free tier and happy with it. You can subscribe to business package if needed."
"When you compare Cloudflare DNS to other solutions, such as Akamai, the price is reasonable."
"It is a very expensive solution. The price is very high. A lot of customers tell us that they would love to use Imperva more. I have some customers who have 50 websites, but they have only 10 websites on Imperva because of the price. They would love to have all their websites running through Imperva, but they can't. They have to choose the more critical websites to protect because the price is very high. It is a very good product, but it is too expensive. If you buy a plan for 20 megabytes and you don't consume all of your 20 megabytes, it is okay, but if you consume more, you are charged for the superior traffic."
"There are a couple of different licensing models."
"Imperva Web Application Firewall is expensive."
"Make sure you understand the way that Imperva charges. It's very affordable. However, I would like to see a package with the Virtual Patching included. You get to do patching separately."
"The cost is somewhere around $10,000 a site. For every site, you pay individually. For every DNS entry, you have you pay."
"Licensing can range from one to twenty thousand dollars annually. Additionally, some features, including software support, require an annual subscription as well."
"For enterprise contracts you will be in touch with a dedicated account manager who will guide you regarding licensing."
"There is a license or subscription renewal that our customers pay."
"The ROI has been very good. Because of the solution, I have a tax break. The site developers were not always experienced people. We used to pay more for cleaning up the site when it was infected. Now, we have peace of mind knowing that the solution will clean up the site and that we won't have to go through the unnecessary process of restoring it from a backup. The protection on the WAF and the measures for backups have also prevented our site from going down."
"I’d simply say it’s really worth it."
"Sucuri offers different plans, both the standard plan and an advanced plan. So there are different plans to choose from."
"It stands out as a more cost-effective option compared to other cloud-based security services like Cloudflare or JetPass."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
867,497 professionals have used our research since 2012.
 

Comparison Review

it_user68487 - PeerSpot reviewer
Nov 6, 2013
CloudFlare vs Incapsula: Web Application Firewall
CloudFlare vs Incapsula: Round 2 Web Application Firewall Comparative Penetration Testing Analysis Report v1.0 Summary This document contains the results of a second comparative penetration test conducted by a team of security specialists at Zero Science Lab against two cloud-based Web…
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Comms Service Provider
11%
Financial Services Firm
10%
Manufacturing Company
7%
Financial Services Firm
14%
Computer Software Company
13%
Manufacturing Company
9%
Comms Service Provider
6%
Computer Software Company
11%
Financial Services Firm
8%
Comms Service Provider
8%
Real Estate/Law Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business45
Midsize Enterprise8
Large Enterprise25
By reviewers
Company SizeCount
Small Business83
Midsize Enterprise25
Large Enterprise61
No data available
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GR...
Which would you choose - Cloudflare DNS or Quad9?
Cloudflare DNS is a very fast, very reliable public DNS resolver. It is an enterprise-grade authoritative DNS service...
What do you like most about Cloudflare?
Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications.
Which Web Application Firewall (WAF) would you recommend? R&S or Imperva?
Imperva is a strong choice, given their security focus and ongoing R&D into the product in areas such as bot mana...
What do you like most about Imperva Incapsula?
We use Imperva DDoS to stop DDoS attacks and reduce the amount of unwanted queries against web services or web scraping.
What is your experience regarding pricing and costs for Imperva DDoS?
The pricing, setup costs, and licensing of Imperva DDoS are reasonable for the amount of technical capabilities provi...
What do you like most about Sucuri?
The initial setup was very easy.
What is your experience regarding pricing and costs for Sucuri?
The pricing is very reasonable. Sucuri offer other features as an add-on, such as backup, but these have an additiona...
What needs improvement with Sucuri?
The main improvement I would like to see is support for .NET applications. If they could include this feature, I woul...
 

Also Known As

Cloudflare DNS
Imperva Bot Management, Imperva Web Application Firewall, Imperva API Security
No data available
 

Overview

 

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.
Hitachi, BNZ, Bitstamp, Moz, InnoGames, BTCChina, Wix, LivePerson, Zillow and more.
The Loft Salon, Tom McFarlin, WPBeginner, Taylor Town, Everything Everywhere, Financial Ducks in a Row, Chubstr, Real Advice Gal, Sujan Patel, Wallao, List25, School the World
Find out what your peers are saying about Imperva Application Security Platform vs. Sucuri and other solutions. Updated: September 2025.
867,497 professionals have used our research since 2012.