Try our new research platform with insights from 80,000+ expert users

Imperva Web Application Firewall vs NGINX App Protect comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 1, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Imperva Web Application Fir...
Ranking in Web Application Firewall (WAF)
7th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
52
Ranking in other categories
No ranking in other categories
NGINX App Protect
Ranking in Web Application Firewall (WAF)
15th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
24
Ranking in other categories
Container Security (21st), API Security (2nd)
 

Mindshare comparison

As of June 2025, in the Web Application Firewall (WAF) category, the mindshare of Imperva Web Application Firewall is 5.8%, down from 6.7% compared to the previous year. The mindshare of NGINX App Protect is 1.8%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Web Application Firewall (WAF)
 

Featured Reviews

Mitesh D Patel - PeerSpot reviewer
Effectively defends against threats like cross-site scripting (XSS), SQL injection, and others
It does bring value. For example, consider a BFSI customer. Their application is critical and represents their brand. Without a WAF, an attack could take their application down, harming their reputation. It leads to hampering the customer's workflow. With an Imperva WAF, they protect against attacks like DDoS or SQL injection, ensuring their application remains available and customers are happy. That's the main benefit for both the customer and the organization. The impact depends on the customer's use case. If their business primarily operates online, a CDN is beneficial for traffic optimization. Moreover, the integration options depend on the specific use case of our customers. Generally, integration capabilities are good with SIEM (Security Information and Event Management) parts.
Tomaz Sobczak - PeerSpot reviewer
Signature-based detection, DOS protection, and bot protection
NGINX App Protect is easier to automate and configure, or manage from an API. This is good for securing applications. However, it's not suitable for more complex tasks. NGINX App Protect positively impacted performance changes. There's a cache or it works like a proxy, so it can speed up applications. It can also offload some functions from servers, which NGINX can handle faster.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Learning mode and custom policies are helpful features."
"The solution is stable."
"I am impressed with the product's scalability, availability, easy management, and security. We were able to integrate the product with Azure and Sentinel."
"The most valuable features of the Imperva Web Application Firewall are performance and flexibility. We can extend or customize the box itself."
"Imperva Web Application Firewall is stable."
"The features I have found most valuable with Imperva Web Application Firewall are account takeover protection, advanced bot protection, and API security."
"The solution is cloud-based and offers us good uptime. It has combined web and API security. Therefore, with one license, you access both application security and also API security."
"The most important feature I have found to be the ease in how to do the backup and restores."
"Overall, I rate NGINX App Protect between eight and nine."
"We were looking for a product that is capable of complete automation and a container based solution. It's working."
"I would say that the most valuable feature is the ability to operate in a DevOps environment and to be configured through API and pipeline by the developers themselves."
"The initial setup was simple and took three to four days."
"It is a very good tool for load balancing."
"It's very easy to deploy."
"NGINX App Protect's best features are auto-learning, which creates a profile of applications that are deployed, bot protection, and force protection, which lets you configure your brute force policy and alert for and prevent brute force attacks."
"WAF is useful to track mitigation, inclusion, prevention, and the parametric firewall."
 

Cons

"The reporting is missing some features, such as: only two export formats, and the time period does not include the last day, week, year."
"One potential improvement for Imperva is enhancing its alert system."
"Imperva Web Application Firewall can improve by providing better features, such as improved prevention of zero-day attacks. Additionally, it should include a VR meta-analysis."
"Some of the features should be included in the next release is a file integrating monitoring tool. This feature should be improved."
"It should be more user-friendly. Like other web solutions, it would be helpful to be able to easily do policy configuration and identification inside the application. Understanding the in-depth configuration of a policy is somewhat difficult for an engineer, and they can improve that."
"It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default."
"The tool's UI is complicated. It would be best to have a more accessible UI dashboard to make the job easier."
"The UI interface needs improvement."
"The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary."
"Setting policies and parameters through the UI should be more automated because the process is manual, where we can only edit one rule at a time."
"NGINX App Protect could improve security."
"The solution needs to be improved in the e-commerce portal."
"I encountered issues with NGINX App Protect while trying to upgrade custom rules."
"The setup of NGINX App Protect is complex. The full process took one week to complete. Additionally, we had to change the network infrastructure platform which took one month."
"The product's user interface is an area with shortcomings as it can be quite confusing for users, making it an area where improvements are required."
"They could provide a better user interface."
 

Pricing and Cost Advice

"It is very costly, but the return on investment is very high. Its cost was around $70,000, and we got it back in just six months."
"We sell three-year licenses for Imperva Web Application Firewall to our customers. The price is a little expensive."
"There are a couple of different licensing models."
"Imperva Web Application Firewall's pricing is expensive."
"Everybody complains about the price of this solution."
"The solution's pricing is an issue."
"The tool is expensive."
"The price of Imperva Web Application Firewalls is expensive compared to others."
"The price of NGINX App Protect is not much different from the products that fall under the leader category of Gartner Magic Quadrant."
"The price of NGINX App Protect is approximately $3,000 annually. All of our licenses are observed by a managed service partner."
"The licensing fees for this solution are pretty expensive for what it does, but there is no alternative."
"There are not any additional costs we had to pay to use NGINX App Protect."
"Our licensing costs are about $40,000 a year."
"NGINX App Protect is expensive."
"The solution's price is reasonable."
"There are no additional fees."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
857,162 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Computer Software Company
12%
Insurance Company
8%
Manufacturing Company
7%
Computer Software Company
17%
Financial Services Firm
14%
Comms Service Provider
9%
Retailer
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Is Citrix ADC (formerly Netscaler) the best ADC to use and if not why?
For ADC, any ADC can do a good job. But in case if you want to add WAF functionality to the same ADC hardware you have to look for other ADC's like F5, Imperva, Radware, Fortinet, etc.
DDoS solutions: Any other solutions to consider aside from Radware DDoS Protection Service and F5 Silverline DDoS Protection?
You can have a look to Imperva Cloud WAF, the anti-DDoS mitigation is under 1s and works very well. I observed a lot of DDoS attacks that were well managed (even not seen by the customer) by Imperv...
What is your experience regarding pricing and costs for NGINX App Protect?
I don't know the pricing yet because in my other project, I was not part of the buying side and I was just starting to look at options.
What needs improvement with NGINX App Protect?
It would be better if it were easier to implement and if there was more information from F5 regarding hardware requirements and specifications to deploy the service, to avoid disruptions after impl...
 

Also Known As

No data available
NGINX WAF, NGINX Web Application Firewall
 

Overview

 

Sample Customers

BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens
Information Not Available
Find out what your peers are saying about Imperva Web Application Firewall vs. NGINX App Protect and other solutions. Updated: June 2025.
857,162 professionals have used our research since 2012.