Imperva Web Application Firewall vs NGINX App Protect comparison

Imperva and F5 are both solutions in the Web Application Firewall (WAF) category. Imperva is ranked #7 with an average rating of 8.8, while F5 is ranked #15 with an average rating of 8.6. Imperva holds a 5.8% mindshare in WAF, compared to F5’s 1.8% mindshare. Additionally, 97% of Imperva users are willing to recommend the solution, compared to 95% of F5 users who would recommend it.

Imperva Web Application Fir...

Read 52 Imperva Web Application Firewall reviews

4,789 Views
2,294 Comparison Views

97% willing to recommend

NGINX App Protect

Read 24 NGINX App Protect reviews

1,737 Views
834 Comparison Views

95% willing to recommend

Imperva Web Application Fir...

NGINX App Protect

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Jan 1, 2025

Imperva Web Application Firewall and NGINX App Protect are competitors in the web application security market. Imperva holds an edge with its advanced features and ease of deployment, while NGINX is favored for its flexibility and open-source nature.

Features: Imperva Web Application Firewall includes advanced attack validation, threat radar, and virtual patching, which enhance day-to-day operations. Its profiling capabilities reduce false positives by tailoring to specific web applications. Additionally, its scalable security offers seamless integration. NGINX App Protect provides flexibility with command-line control, auto-learning, bot protection, and force protection for HTTP session management. Its reverse proxy capability and open-source nature make it appealing to environments requiring robust traffic management.

Room for Improvement: Imperva needs to simplify policy management and improve the user interface. Users find policy differentiation challenging, and there's a need for better bot protection and support documentation. NGINX App Protect requires a user-friendly interface and support improvements. Users also find its license model complex and expensive, with a need for better signature updates and policy automation.

Ease of Deployment and Customer Service: Imperva offers diverse deployment models, including on-premises, public cloud, and hybrid cloud, with generally positive customer support. However, users suggest enhanced response time and technical expertise. NGINX App Protect also offers varied deployment options but faces criticism for high complexity in diverse infrastructures. Its technical support is considered less responsive, complicating deployments.

Pricing and ROI: Imperva is considered expensive but delivers high ROI, particularly in critical sectors. Users cite licensing complexity and costs as barriers but view it as a valuable investment. NGINX App Protect is also seen as costly, with prices comparable to leading solutions. Its instance-based approach offers some flexibility, though overall costs can increase rapidly. It is often considered a cheaper alternative to advanced WAFs, providing essential security features.

To learn more, read our detailed Imperva Web Application Firewall vs. NGINX App Protect Report (Updated: June 2025).

Buyer's Guide

Imperva Web Application Firewall vs. NGINX App Protect

June 2025

Download the complete report

Helped 856,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Imperva Web Application Fir...

Ranking in Web Application Firewall (WAF)

7th

Average Rating

8.6

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

No ranking in other categories

NGINX App Protect

Ranking in Web Application Firewall (WAF)

15th

Average Rating

8.4

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Container Security (21st), API Security (2nd)

Mindshare comparison

As of June 2025, in the Web Application Firewall (WAF) category, the mindshare of Imperva Web Application Firewall is 5.8%, down from 6.7% compared to the previous year. The mindshare of NGINX App Protect is 1.8%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Web Application Firewall (WAF)

Featured Reviews

Mitesh D Patel

Senior Technical Consultant- Cyber Security at Ivalue Infosolution

Effectively defends against threats like cross-site scripting (XSS), SQL injection, and others

It does bring value. For example, consider a BFSI customer. Their application is critical and represents their brand. Without a WAF, an attack could take their application down, harming their reputation. It leads to hampering the customer's workflow. With an Imperva WAF, they protect against attacks like DDoS or SQL injection, ensuring their application remains available and customers are happy. That's the main benefit for both the customer and the organization. The impact depends on the customer's use case. If their business primarily operates online, a CDN is beneficial for traffic optimization. Moreover, the integration options depend on the specific use case of our customers. Generally, integration capabilities are good with SIEM (Security Information and Event Management) parts.

Read full review

Tomaz Sobczak

Security System Engineer at Ascomp S.A.

Signature-based detection, DOS protection, and bot protection

NGINX App Protect is easier to automate and configure, or manage from an API. This is good for securing applications. However, it's not suitable for more complex tasks. NGINX App Protect positively impacted performance changes. There's a cache or it works like a proxy, so it can speed up applications. It can also offload some functions from servers, which NGINX can handle faster.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable features of the Imperva Web Application Firewall are performance and flexibility. We can extend or customize the box itself."

"There are some features that are configured by default, so even without doing much, it can still provide a level of protection."

"The tool's profiling feature maps all the web application directories and related components on the profile directory. It has improved the security of my client's website applications."

"Very intuitive and granular configuration - It does not require much time, or advanced knowledge, for configuration and maintenance."

"If you are using the appliance as opposed to the virtual deployment, it can stand as the network layer-two and provide real transparency."

"The most important feature I have found to be the ease in how to do the backup and restores."

"The solution is very scalable. It is one of the most important features. You can also expand resources and features as well."

"Imperva Web Application Firewall is stable."

More Imperva Web Application Firewall pros

"It has the best documentation features."

"The tool's most valuable feature is the OWASP certification. Additionally, the tool's ability to enforce strong passwords and OTP within minutes is impressive. With its analytics and recommendations, it is a very good solution."

"The most valuable feature of NGINX App Protect is the reverse proxy."

"It is a very good tool for load balancing."

"NGINX App Protect is stable."

"We were looking for a product that is capable of complete automation and a container based solution. It's working."

"NGINX App Protect's best features are auto-learning, which creates a profile of applications that are deployed, bot protection, and force protection, which lets you configure your brute force policy and alert for and prevent brute force attacks."

"The policies are flexible based on the technologies you use."

More NGINX App Protect pros

Cons

"It's a complicated tool to keep."

"I would like the solution to improve its support response time."

"Imperva Web Application Firewall can improve by adding more features to the dashboard. increasing the visibility of the real-time events, besides configuring the administration itself."

"It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default."

"Sometimes, support tickets don't get addressed quickly."

"I would like to improve the tool's turnaround time in terms of support."

"They recently separated the WAF and the DAM management gateways in order for each of these to be managed from different areas, so I believe it now requires additional investments for what was previously a single complete solution."

"Sometimes our web application firewall will slow down."

More Imperva Web Application Firewall cons

"I encountered issues with NGINX App Protect while trying to upgrade custom rules."

"The product's price is high, making it an area of concern where improvements are required. The tool's licensing model is also not good."

"The dashboard could provide a more comprehensive view of the status of the connections."

"They could provide a better user interface."

"NGINX App Protect would be improved with integration with Shape and F5 WAF, which would make it easy for users to manage all their web application security with a single solution."

"It's challenging if you need to go for a high throughput."

"Its technical support could be better."

"NGINX App Protect could improve security."

More NGINX App Protect cons

Pricing and Cost Advice

"The cost of this solution depends on the platform."

"Licensing can range from one to twenty thousand dollars annually. Additionally, some features, including software support, require an annual subscription as well."

"The tool is expensive."

"It's an excellent product, but it can be very costly."

"The solution's pricing is an issue."

"The pricing is somewhat expensive. It is actually a huge investment when compared to other countries."

"We sell three-year licenses for Imperva Web Application Firewall to our customers. The price is a little expensive."

"There are a couple of different licensing models."

More Imperva Web Application Firewall pricing and cost advice

"The price of NGINX App Protect is not much different from the products that fall under the leader category of Gartner Magic Quadrant."

"Our licensing costs are about $40,000 a year."

"There are not any additional costs we had to pay to use NGINX App Protect."

"Really understand the licensing model, because we underestimated that."

"NGINX App Protect is expensive."

"The licensing fees for this solution are pretty expensive for what it does, but there is no alternative."

"There are no additional fees."

"There is a license needed to use NGINX App Protect."

More NGINX App Protect pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.

See recommendations

856,873 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

16%

Computer Software Company

12%

Insurance Company

Manufacturing Company

Computer Software Company

17%

Financial Services Firm

14%

Comms Service Provider

Retailer

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?

My recommendation is Imperva.

See all answers

Is Citrix ADC (formerly Netscaler) the best ADC to use and if not why?

For ADC, any ADC can do a good job. But in case if you want to add WAF functionality to the same ADC hardware you have to look for other ADC's like F5, Imperva, Radware, Fortinet, etc.

See all answers

DDoS solutions: Any other solutions to consider aside from Radware DDoS Protection Service and F5 Silverline DDoS Protection?

You can have a look to Imperva Cloud WAF, the anti-DDoS mitigation is under 1s and works very well. I observed a lot of DDoS attacks that were well managed (even not seen by the customer) by Imperv...

See all answers

What do you like most about NGINX App Protect?

It's very easy to deploy.

See all answers

What is your experience regarding pricing and costs for NGINX App Protect?

I don't know the pricing yet because in my other project, I was not part of the buying side and I was just starting to look at options.

See all answers

What needs improvement with NGINX App Protect?

It would be better if it were easier to implement and if there was more information from F5 regarding hardware requirements and specifications to deploy the service, to avoid disruptions after impl...

See all answers

Comparisons

Microsoft Azure Application Gateway vs Imperva Web Application Firewall

Compared 15% of the time

F5 Advanced WAF vs Imperva Web Application Firewall

Compared 12% of the time

Azure Front Door vs Imperva Web Application Firewall

Compared 10% of the time

AWS WAF vs Imperva Web Application Firewall

Compared 8% of the time

Fortinet FortiWeb vs Imperva Web Application Firewall

Compared 7% of the time

More Imperva Web Application Firewall Competitors

Azure Front Door vs NGINX App Protect

Compared 19% of the time

Microsoft Azure Application Gateway vs NGINX App Protect

Compared 19% of the time

Fortinet FortiWeb vs NGINX App Protect

Compared 15% of the time

F5 Advanced WAF vs NGINX App Protect

Compared 9% of the time

AWS WAF vs NGINX App Protect

Compared 8% of the time

More NGINX App Protect Competitors

Product Reports

Buyer's Guide

Imperva Web Application Firewall

June 2025

Download Imperva Web Application Firewall product report

Buyer's Guide

NGINX App Protect

May 2025

Download NGINX App Protect product report

Also Known As

No data available

NGINX WAF, NGINX Web Application Firewall

Overview

Imperva Web Application Firewall is a versatile solution that protects web applications and databases from various attacks, including DDoS, cross-site scripting, and SQL injection attacks. It offers data security, availability, and access control and can be deployed on-premises or on the cloud.

The solution has good security against web attacks and offers advanced bot protection, API security, and mitigation features. Imperva WAF is easy to configure and deploy; it has good customer service and an excellent user interface.

Imperva

NGINX App Protect application security solution combines the efficacy of advanced F5 web application firewall (WAF) technology with the agility and performance of NGINX Plus. The solution runs natively on NGINX Plus and addresses some of the most difficult challenges facing modern DevOps environments:

Integrating security controls directly into the development automation pipeline
Applying and managing security for modern and distributed application environments such as containers and microservices
Providing the right level of security controls without impacting release and go-to-market velocity
Complying with security and regulatory requirements

NGINX App Protect offers:

Expanded security beyond basic signatures to ensure adequate controls
F5 app‑security technology for efficacy superior to ModSecurity and other WAFs
Confidently run in “blocking” mode in production with proven F5 expertise
High‑confidence signatures for extremely low false positives
Increases visibility, integrating with third‑party analytics solutions
Integrates security and WAF natively into the CI/CD pipeline
Deploys as a lightweight software package that is agnostic of underlying infrastructure
Facilitates declarative policies for “security as code” and integration with DevOps tools
Decreases developer burden and provides feedback loop for quick security remediation
Accelerates time to market and reduces costs with DevSecOps‑automated security

Sample Customers

BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens

Information Not Available

Buyer's Guide

Imperva Web Application Firewall vs. NGINX App Protect

June 2025

Free Report: Imperva Web Application Firewall vs. NGINX App Protect

Find out what your peers are saying about Imperva Web Application Firewall vs. NGINX App Protect and other solutions. Updated: June 2025.

DOWNLOAD NOW

856,873 professionals have used our research since 2012.

See our Imperva Web Application Firewall vs. NGINX App Protect report.

See our list of best Web Application Firewall (WAF) vendors.

We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.