No more typing reviews! Try our Samantha, our new voice AI agent.

Imperva Application Security Platform Valuable Features

reviewer2818155 - PeerSpot reviewer
reviewer2818155
Senior Associate at a tech vendor with 10,001+ employees

The best features Imperva Application Security Platform offers include the ADC. Imperva releases their policies every 15 or 20 days, and we have almost covered all the OWASP Top 10 related issues.

In my day-to-day work, the ADC helps because Imperva updates the latest signatures, latest policies, and whatever the latest alerts have been found, creating their policies without requiring us to do a lot of work. I simply update the ADC, and whatever new policies are in Imperva are reflected on our platform as well. This allows me to communicate to the organization that we have the up-to-date policies regarding the latest attacks that have been identified.

Imperva Application Security Platform impacts our organization positively in many ways, such as protecting our applications. Additionally, during compliance audits, I can show what attacks we have prevented and how Imperva helps us mitigate threats. There is also bot protection and CAPTCHA features. I recall a time when we were facing attacks on an application; I identified the issue, and based on that, I created a rate-limiting policy on Imperva, which significantly helped our organization.

View full review »
ST
Stephen Tanimowo
Senior Cybersecurity Consultant at Cyberoutcome Limited

Some of the best features are the policy tuning, where you are able to tune policies the right way without stress or much hassle. The DDoS protection, the OWASP Top 10 feature, and the bot protection feature are also excellent. The API security feature is particularly valuable because most attackers do not try to come in from where it is expected. Most attackers attack the API that is being used on a platform.

The policy tuning is one of the easiest features that I know. Once you are trying to customize a policy, you just need to understand what kind of policy you are trying to customize, go through the right place from the security to policies, then create a policy. For example, you might be trying to set a policy to make sure that it does not save credit cards on a particular platform or website. That is basically one of the simplest ways of ensuring policy tuning works fine. It is one of the easiest features and I believe it has done a great deal for me in the aspect of operating Imperva Application Security Platform.

View full review »
Nigus Machin Amare - PeerSpot reviewer
Nigus Machin Amare
CTO at Malam Engineering PLC

For the fast response of signature-based comparisons, traffic will be matched against the solutions stored in the database to release actions if similarities occur. However, the main drawback for signature-based approaches happens when there is a new zero-day attack that is not in the database. Solutions usually include integrity with lab environments so that zero-day attack signatures are sent through subscriptions to provide the latest updates.

The comparison for API protection varies across solutions. For F5, API protection is part of WAF, and similarly for Fortinet. While Imperva Application Security Platform has basic features as part of WAF, its dedicated API protection solution is a strong point.

View full review »
Buyer's Guide
Imperva Application Security Platform
July 2026
Learn what your peers think about Imperva Application Security Platform. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
904,016 professionals have used our research since 2012.
AL
Alianamarie Lachica
Soc Analyst at Cineplex Inc

The most helpful feature of Imperva Application Security Platform that we have been using is the dashboard, especially the alerts and the traffic reporting. We used it to provide a specific report and summary of what we saw on the specific website, specific attacks, and specific activities or events that were unusual or common. This allowed us to know if we needed to investigate something or if it was just a common occurrence.

Imperva Application Security Platform did improve our efficiency, especially during calls and meetings. We could provide a specific summary of reporting that we could share with the board or stakeholders to show what we saw every single day and what we were dealing with. They could see the clearer picture and bigger picture of what we were dealing with every single day, especially in terms of Imperva or the web application platform.

Based on the reporting that Imperva Application Security Platform provided us, it really did help save time. We were able to provide summarized reports, especially to the VP of the cyber security department who is not into the more technical aspects and wants to have a clearer picture through graphs. Imperva was able to provide specific graphs for each day. We could show him that there was a spike specifically for this website, and he could ask what about the other days and other times, and we could clearly show it to him. This gave him a clearer idea of the traffic or the incidents we were dealing with related to Imperva.

View full review »
reviewer2835783 - PeerSpot reviewer
reviewer2835783
Cyber Security Product Owner at a energy/utilities company with 10,001+ employees

What I found most effective about Imperva's WAF is that it has predefined rules covering many use cases, including compliance rules for PCI DSS and local country compliance. The customized rules based on application threats proved to be very useful, along with a good dashboard that, although somewhat complicated for beginners, becomes easy to manage at an expert level with good API integration and effective threat intelligence to detect threats.

After discussing the WAF, I believe Imperva has made significant advancements in its Cloud WAF offerings, which can now effectively protect against bot and DDoS attacks. This showcases a good advantage of being part of the Thales cybersecurity group while expanding its product range in the Cloud WAF space.

Imperva Application Security Platform has positively impacted my organization by providing strong protection for web applications, as many big companies in the UK use Imperva WAF as an essential protection layer, illustrating its effectiveness.

View full review »
MP
P Mayuranathan
Cybersecurity Consultant at Accenture Singapore Services Pte Ltd

The best features of Imperva Application Security Platform include its ease of use, as it offers both on-premises and cloud options, with minimal maintenance downtime during patching due to the recommended three gateways setup, allowing for resource monitoring while upgrading.

Imperva Application Security Platform positively impacts my organization by reducing CVE-related issues significantly, as we monitor and learn from reports generated during collaboration with respective teams.

We track the reduction in CVE-related issues through weekly and monthly meetings using Imperva Application Security Platform reports. Initially, there were over 1,500 vulnerabilities, but we managed to fix almost all of them within three months, leaving only two low severity issues outstanding.

View full review »
Sayan Gupta - PeerSpot reviewer
Sayan Gupta
SOC Analyst L1 at CMS-IT-SERVICES-PVT-LTD
Imperva Application Security Platform offers impressive features. I am using the WAF, which blocks each alert based on signature-based attacks. That is the most impressive aspect I have experienced.

There are many alerts in Imperva Application Security Platform. For example, there is an OWASP Top 10 alert called SSRF, which is server-side request forgery. If someone attempts to access the server, the WAF blocks that SSRF alert, or RCE, Remote Code Execution alert, blocking immediately based on the signature, not only by the payload or the IP address. That is very effective.

Imperva Application Security Platform has positively impacted my organization because every time an attacker uses a malicious payload or malicious signature that is already included in the signature database of the WAF application or Imperva application, the application directly blocks that particular signature immediately. This capability can help any organization achieve better security outcomes.

View full review »
Ravindra Reddy - PeerSpot reviewer
Ravindra Reddy
SOC Analyst at PwC

I interact with Imperva Application Security Platform by checking the action taken by Imperva Application Security Platform and also configuring the rules. It effectively works on blocking according to the rules we specify. It is the best tool for detection and mitigation of current web-related attacks.

In my experience, the best features of Imperva Application Security Platform include blocking malicious requests and checking the status of those requests. Each and every detail taken by Imperva Application Security Platform, I can note down, and I can take decisions.

The level of detail in the status reports from Imperva Application Security Platform is one hundred percent helpful for my work.

Imperva Application Security Platform positively impacts my organization by helping to mitigate web-related attacks. Our clients' web applications are kept very secure and safe.

View full review »
DA
DOYIN ABIODUN
Head of Tech at CRC Credit Bureau Limited

The best features Imperva Application Security Platform offers include DDoS protection, anti-DDoS capabilities, and connection protection against different malicious web attacks.

Imperva Application Security Platform has positively impacted my organization, as before its introduction, I usually had a lot of logs on my router, with many foreign attempts from anonymous IPs trying to gain access, including a lot of brute force logs. The CPU of the router would struggle with what it wasn't supposed to be doing while legitimate users suffered. Since implementing Imperva Application Security Platform WAF, as mentioned earlier, only legitimate traffic reaches the server and the router to request what they need, and of course, the response is given. This allows us to accommodate more legitimate traffic, faster and more securely.

While I can't provide a specific metric at this moment as I'm not in front of my system, I can confidently say that we have significantly noticed improved performance in terms of latency, an increased number of requests we can handle, and a reduction in attack attempts.

View full review »
KS10 - PeerSpot reviewer
KS10
Senior Presales Consultant at Techlab security

I have experience with the real-time traffic inspection feature of Imperva Application Security Platform, and it helps with network security.

I believe the reputational analysis in Imperva Application Security Platform is effective for blocking security threats before impact. I also believe that behavioral and signature-based techniques help to improve threat detection accuracy.

I see valuable benefits from advanced detection and traffic profiling during DDoS attacks, and I track some metrics related to DDoS protection performance.

View full review »
reviewer2818005 - PeerSpot reviewer
reviewer2818005
IT Security Analyst & Engineer (Project, Remote) Australia-Europe at a manufacturing company with 10,001+ employees

The best features Imperva Application Security Platform offers are for speed and protection. There is runtime and zero protection, and we have the sub and sub plus protection.

The speed and protection features of Imperva Application Security Platform help my team day-to-day by providing safe and clear access to the website. For example, my company is a multinational company that experiences many attacks, such as DDoS attacks, hitting the general website of the company before. The protection protects all of the websites in Imperva, so accessing the website is safer right now, not disrupted by DDoS attacks.

Imperva Application Security Platform has positively impacted my organization by making the website more secure. It reduces the DDoS attacks and reduces the attacks from threat actors, including SQL Injection and zero-day attacks, by using dynamic application profiling from Imperva. This is very helpful for my company as it reduces the incidents from the website.

View full review »
reviewer1247523 - PeerSpot reviewer
reviewer1247523
Head of Sales Services Department at a comms service provider with 51-200 employees

Over the seven years, the most valuable features of Imperva DDoS that I have found are related to DDoS attacks, which are a group of attacks, and not all of them can be resolved on the endpoint level before the website. Using the web firewall before the website is a common use case to protect against malicious requests to the website.

I have utilized Imperva's Intelligent Traffic Filtering feature. This feature helps me understand how the attack is progressing and what is happening inside the requests to our website. It allows me to granularly grant or deny access to certain parts of our website. This helps when we know our customers and the types of requests that can be sent from them, enabling us to block some malicious requests.

Imperva DDoS has User Behavior Analytics and Threat Intelligence on its board, and this helps us to be protected proactively. Imperva DDoS connects to its database of threats, storing whole information about attacks all over the world in one simple engine. Everyone can use this feature, which can connect to this engine and get information about what is going on at the world level. That is the way to be protected at the company's level.

The integration capabilities of Imperva DDoS are very easy and simple. We can run it in 2 hours.

View full review »
DU
Diego Uchofen
Ingeniero Preventa at Imperia

Imperva Application Security Platform allows you to enhance your application security posture. Among the best features that Imperva Application Security Platform offers, the policies are very dynamic, and it also has profiling at the application level that allows you to work in this mode.

I would like to highlight especially the ThreatRadar feature, which is an additional subscription, and ThreatRadar helps with threat intelligence by allowing you to block advanced attacks as well as mitigate risks more effectively.

Imperva Application Security Platform positively impacts us because we have a critical website, so by placing a WAF of Imperva's quality, it allows us to have visibility and granular control over the various attacks that can occur on the website.

A concrete improvement I have seen thanks to Imperva Application Security Platform is that it has decreased the level of connections to the final server. The specific improvement is that the connections that reach the server are fewer because Imperva is already filtering them at the WAF stage.

View full review »
reviewer2833269 - PeerSpot reviewer
reviewer2833269
Cybersecurity Specialist at a healthcare company with 1,001-5,000 employees

Imperva Application Security Platform offers features such as Attack Analytics.

Attack Analytics has helped us understand what traffic is being received by our applications, and based on that, we have created the policies. The false positives have been reduced, saving a lot of time for us to work on other important tasks rather than wasting time on addressing those false positives.

Imperva Application Security Platform has considerably improved our web application security posture and it has also helped us design our applications with security as the primary concern. Before using Imperva Application Security Platform, we received many attacks, such as command injection attacks, SQL injection attacks, and even though we were using a niche web application firewall, we were not able to tackle those attacks. After moving to Imperva Application Security Platform, these attacks have been prevented significantly, and the attacks on the initial level have been considerably reduced.

View full review »
reviewer2817948 - PeerSpot reviewer
reviewer2817948
Senior Technical Consultant at a tech vendor with 11-50 employees

Imperva Application Security Platform offers customization of security policies, allowing me to create policies tailored to my environment.

The rate limiting policy in Imperva Application Security Platform works based on usage numbers and has proven valuable for our operations.

Imperva Application Security Platform is user-friendly, and I can maintain a customized dashboard to monitor the utilization of all gateways in day-to-day operations.

Imperva Application Security Platform serves as the base pillar for applications to grant or deny access appropriately.

From a compliance perspective, Imperva Application Security Platform has been an improvement, as it has passed all compliance processes.

View full review »
reviewer2541525 - PeerSpot reviewer
reviewer2541525
Principal Cyber Prevent and Defense Engineer at a comms service provider with 1,001-5,000 employees

It's very simple to implement. It works right out of the box once you integrate the application. It does the learning for you and starts applying relevant signatures. 

It's effective in protecting against different kinds of attacks. For example, it can mitigate DDoS attacks and block application layer attacks like SQL injection, HTTP, and cross-site scripting attacks. The latency is pretty low.

View full review »
BS
Bhupesh-Sharma
Large account Manager at Softcell Technologies Limited

The bot management features are very effective, as they help filter unwanted traffic using keywords. Imperva's ability to filter out non-genuine traffic provides a significant improvement to security and performance.

View full review »
BS
Bhupesh-Sharma
Large account Manager at Softcell Technologies Limited

The solution can be configured in just a couple of minutes. It ensures 99.7% availability for my applications. It provides an additional layer of security for web applications and other applications, including mobile applications. It protects my environment and helps maintain my reputation in the market.

View full review »
Mitesh D Patel - PeerSpot reviewer
Mitesh D Patel
Senior Technical Consultant- Cyber Security at Ivalue Infosolution

While a Web Application Firewall (WAF) doesn't directly protect against viruses, it's crucial for application security. 

It defends against threats like cross-site scripting (XSS), SQL injection, and others. This safeguards your application or website.

View full review »
reviewer2351487 - PeerSpot reviewer
reviewer2351487
Technical Consultant - Presales at a tech services company with 51-200 employees

There are many features. There is ease of deployment. You can deploy the Imperva Web Application Firewall in two to three minutes. After that, you have to set the policies. For setting policies, you have toggle buttons. You can turn something on or off.

Writing rules is very easy. There is a toggle button. You do not have to write the parsers and rules. You do not have to be well-versed in it. Anybody who works with the Imperva console for a month can master the solution.

View full review »
Chetan Chawla - PeerSpot reviewer
Chetan Chawla
Lead Product Security Architect at a tech vendor with 1,001-5,000 employees

I worked as a consultant for the customer and was part of a design and deployment team for Imperva API Security.

View full review »
DerrickAkankwasa - PeerSpot reviewer
DerrickAkankwasa
Cyber Security Engineer at Isolutions Associates Ltd (ISOLS)

For Linux protection, the most important feature is layer seven DDoS protection, which focuses on application-level threats. Imperva does offer layer three DDoS protection, but that's less common in my region. 

View full review »
reviewer2398995 - PeerSpot reviewer
reviewer2398995
Senior DevOps Consultant at a computer software company with 10,001+ employees

Imperva DDoS helps us automate production. The client had specific requirements for a cloud project in the financial sector.

View full review »
RiaanDu Preez - PeerSpot reviewer
RiaanDu Preez
Senior Cyber Security Specialist Architect at a outsourcing company with 11-50 employees

We use Imperva DDoS to stop DDoS attacks and reduce the amount of unwanted queries against web services or web scraping.

View full review »
EG
Elmano Francisco Gonga
IT Security Analyst at Banco de Fomento Angola

The most valuable feature of Imperva, in addition to its strong knowledge base, is its effective protection for web applications. This is crucial because it shields web applications from attacks. Another notable feature is its use of artificial intelligence for better security. Additionally, Imperva offers simulation for studying infrastructure and hybrid infrastructure protection, which are beneficial for overall security. However, the standout feature remains its knowledge base, as, without adequate attack signature knowledge, security can be compromised.

View full review »
reviewer2586675 - PeerSpot reviewer
reviewer2586675
Security Consultant at a university with 1,001-5,000 employees

The valuable features of Imperva WAF include its effective security breach prevention through automatically updating rules. The support team answers cases quickly as well.

View full review »
reviewer2584497 - PeerSpot reviewer
reviewer2584497
Manager, Information Technology Network Security at a financial services firm with 201-500 employees

Empower administration is user-friendly, and we do not need much for managing day-to-day operations. It is easy to use and has good security. Also, it is very customizable, especially for controlling web browsers and devices.

View full review »
RullySaputra - PeerSpot reviewer
RullySaputra
Technical Consultant at Truvisor

Imperva Cloud WAF would be the most powerful option. It uses cloud-based signatures, which are constantly updated. This is different from the on-premises version, where the signature updates might be less frequent.

Imperva has basic reporting templates. We can use those, and we can also create custom reports. However, customization is limited to labels and structure – we can't change the actual content of the reports. For that, we need to use Imperva Compass.

Overall, I would rate the user experience an eight out of ten, with ten being good experience. 

View full review »
FG
Fedhasa Gelalcha
Director, Information System Security at a financial services firm with 201-500 employees

The WAF itself has been very valuable to me because it has such a complete range of features. Another reason why I like it is because it also takes care of the total overview of the traffic over the network.

View full review »
TF
Tom Foale
CTO at Klaatu IT Security Ltd

We can look after an entire what used to be a Class C network/24. Now, they could do single IP addresses, so they can protect a single IP address, and they have a three-second SLA to stop an attack. They back that up with a very large amount of money as well, so you've got a guarantee on it.

View full review »
PreethamSingh - PeerSpot reviewer
PreethamSingh
Principal Cloud Architect at a computer software company with 5,001-10,000 employees

Imperva has a complete picture of how the applications are utilizing it. It is handy. DDoS is good. It has an internally managed database. It is very easy to integrate. We have integrated it with SIEM services.

View full review »
reviewer2308284 - PeerSpot reviewer
reviewer2308284
Solutions Engineer at a tech services company with 1,001-5,000 employees

If the clients have requirements for APIs and microservices, we can offer such services with the help of the solution. We can offer it as a security solution that protects APIs and microservices. Imperva’s real-time monitoring makes it very easy for administrators to monitor their existing web applications.

View full review »
RiaanDu Preez - PeerSpot reviewer
RiaanDu Preez
Senior Cyber Security Specialist Architect at a outsourcing company with 11-50 employees

If something goes wrong, there is a quick switch between nodes, wherever there's an attack against a specific area. The security setup is reasonably easy. It's easy to do setups, rules, and integrations. The backend team is also willing to help if there are questions that we cannot answer.

View full review »
reviewer2159601 - PeerSpot reviewer
reviewer2159601
Manager- Secure Web Defense- Perimeter Security at a financial services firm with 10,001+ employees

Imperva DDoS is fairly stable, and its availability is quite high. I haven't faced any downtime or system instability issues with the solution.

View full review »
reviewer2179638 - PeerSpot reviewer
reviewer2179638
Application Security Engineer at a insurance company with 10,001+ employees

I am impressed with the product's automatic bot mechanism. It also gives us the control to create our own custom bot rules. 

View full review »
Rakesh-Gogane - PeerSpot reviewer
Rakesh-Gogane
Principal Security Architect at Nagarro

Imperva WAF's strongest features are the detection of web application threats and vulnerabilities in the source code.

View full review »
Claudio Colombo - PeerSpot reviewer
Claudio Colombo
CTO at Sorint.Lab

Imperva is easy to use and deploy. The UI is excellent.

View full review »
Anuraj Nair - PeerSpot reviewer
Anuraj Nair
Presales Engineer at SNSIN

The most valuable features of the Imperva Web Application Firewall are performance and flexibility. We can extend or customize the box itself.

View full review »
Fairuz Zazli - PeerSpot reviewer
Fairuz Zazli
Lead Client Service Manager at Nexagate Sdn Bhd

One good thing about Imperva Web Application Firewall is it can be on the cloud and also it can be on-premise. Either way, you can use it, and it's quite easy. 

It's quite easy to deploy. It is also a self-managed service. It's quite straightforward.

They do provide updates on a quarterly or half-yearly basis.

View full review »
BI
Ben Izra Dacudao
Sales Executive at EVVO LABS

Imperva Incapsula has many valuable features. One, it protects the top 10 OWAS vulnerability, the open web application software platform, this is standard. Secondly, it protects against broken authentication. As well, it has remote execution of code.

View full review »
reviewer1281888 - PeerSpot reviewer
reviewer1281888
IT Senior Manager at a outsourcing company with 10,001+ employees

The most valuable features are DDoS protection. The Incapsula environment helps us monitor all the web activity. All the web activity is passed through their WAF cloud services, then that can help us to monitor those activities. That can help protect against DDoS hacking.

View full review »
AD
Amarildo De Mattos
Global Network and Cyber Security Project Manager at a manufacturing company with 10,001+ employees

I find the configurability of the tools and the ease of operation to be the most valuable feature of Imperva.

View full review »
reviewer1358583 - PeerSpot reviewer
reviewer1358583
Application Security Engineer at a insurance company with 10,001+ employees

The features I have found most valuable with Imperva Web Application Firewall are account takeover protection, advanced bot protection, and API security.

View full review »
reviewer1581819 - PeerSpot reviewer
reviewer1581819
Solutions Architect at a security firm with 51-200 employees

It's very pretty easy to onboard the URL. One of the unique features included with Imperva is its advanced bot protection. In addition the base licensing modules with most of the features.

In terms of features, Imperva is quite good; it outperforms its competitors.

View full review »
EW
Etienne WEHRLE
CDN & Cybersecurity Engineer - Web performance & security at CDN Tech / Ecritel

-WAF protection works almost out-of-the-box

-Anti-DDoS mitigation in less than 1s, I saw it many time in production, I can say it works

-CDN has high performances, and the Smart Caching mode is really "smart" (you can do some efficient caching even if you're not a specialist)

-It's a unique interface for managing security and performance aspects, we don't need to go through multiples providers to manages these aspects.

View full review »
reviewer1358583 - PeerSpot reviewer
reviewer1358583
Application Security Engineer at a insurance company with 10,001+ employees

The most valuable feature is that it is cloud-based and we do not need to have an appliance for it in house.  

View full review »
AU
Andrey Ustynov
Data analyst at Kyivstar

Protection is the best solution since it has profile functionality.

View full review »
Roi-Nahari - PeerSpot reviewer
Roi-Nahari
CTO at CyberApp

The solution has the best volumetric DDoS attacks feature.

View full review »
IOANNIS  Katsaounis - PeerSpot reviewer
IOANNIS Katsaounis
Solutions Architect at Uni Systems

I am impressed with the product's scalability, availability, easy management, and security. We were able to integrate the product with Azure and Sentinel

View full review »
Kevin Juma - PeerSpot reviewer
Kevin Juma
Technology Operations Manager, Global IT at a tech services company with 11-50 employees

The Imperva Web Application Firewall feature I have found the most valuable is the ease of deployment. The solution's customer service is good as well. 

View full review »
Sonny Bernard - PeerSpot reviewer
Sonny Bernard
Security Consultant at FPG Technologies and Solutions LTD

The most valuable features of Imperva Web Application Firewall are the monitoring of databases and the dashboards are easy to understand.

View full review »
reviewer1946217 - PeerSpot reviewer
reviewer1946217
Manager at a tech services company with 1,001-5,000 employees

The solution integrates seamlessly with other tools and has a good alert mechanism. 

The solution provides good protection against OWASP top-ten attacks.

View full review »
Akhilesh Mishra - PeerSpot reviewer
Akhilesh Mishra
Technical Lead Pre-Sales at M.TECH Solutions India Pvt. Ltd.

The most valuable features of the Imperva Web Application Firewall are DDoS, malware, and the other malicious threat prevention it provides. Additionally, third-party integration is available. You can forward the log for further analysis.

View full review »
reviewer1484703 - PeerSpot reviewer
reviewer1484703
CEO at a tech services company with 1-10 employees

Imperva is really amazing, feature wise and performance wise.

Integration with IBM AS/400 and Db2 is okay.

View full review »
reviewer1803495 - PeerSpot reviewer
reviewer1803495
SOAR Consultant at a tech services company with 1,001-5,000 employees

The mitigation feature is what I find most valuable in Imperva Web Application Firewall. The interface of the cloud version of this solution is also good.

View full review »
TA
Tesfa Alazar
Chief Information Security Consultant at V-Tech

There are a number of features that are valuable such as the account takeover and various antivirus features.

View full review »
SS
SumedhSalve
GA Consultant Cyber Security at a tech services company with 51-200 employees

Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva.

It is quite proficient in terms of logs reports, and it provides tight control for policy configuration. So, there can't be any unwanted applications on the internal LAN site. It is quite restrictive, which is a plus point. The sizing of an application is quite easy to understand while we are configuring and deploying Imperva.

View full review »
LR
LuisRodriguez1
Support Manager at Sefisa

There are quite a few useful Imperva Incapsula features. For example, one of them is the reports. The graphics are very good and it's easy to configure. The whole process is very fast and reliable too. They have good tech support as well.

View full review »
it_user1670508 - PeerSpot reviewer
it_user1670508
Director at IT Big Bang

Imperva makes it easier for us to put everything in code; we use Terraform to deploy our infrastructure. 

View full review »
KL
Karthik Ls
Team Lead Senior Technical Engineer at a tech services company with 51-200 employees

Imperva is a good solution.

It has fewer false positives. It is very simple to maintain the device. It is also simple to configure. You don't need to have any HTTP knowledge or understand the HTTP programming languages when it comes to configuring the device.

View full review »
reviewer1059231 - PeerSpot reviewer
reviewer1059231
Technical Account Manager at a tech services company with 201-500 employees

The product is very good. 

It's so easy to do the deployment. The installation is very straightforward. You can't even compare it to others on the market. It's that easy.

The features on offer are very nice.

The solution is stable.

The licensing setup makes the product easy to scale. 

The pricing is very good. 

View full review »
reviewer1597650 - PeerSpot reviewer
reviewer1597650
Security Engineering at a computer software company with 5,001-10,000 employees

As a system, it's very effective at blocking potentially malicious items. The security is very good.

The solution can scale.

The stability has been pretty good.

Technical support is helpful.

The initial setup is rather straightforward.

View full review »
reviewer1538052 - PeerSpot reviewer
reviewer1538052
Manager Technique at a computer software company with 11-50 employees

DDoS protection and WAF are the most valuable features. It is easy to deploy a service. It is easy and quick to deploy to a new website.

View full review »
it_user1563954 - PeerSpot reviewer
it_user1563954
Senior Software Developer at a computer software company with 1,001-5,000 employees

The solution offers good security against a variety of web attacks.

The protection from DDoS attacks is very useful. The DDoS attack is a very powerful attack that can harm a company's services. If an application is deployed to any web server or database our service will slow and will go down. A user would not be able to access our service until we can fix the issue. It's a deal if a company can avoid getting hit with DDoS attacks and having something that can effectively protect a company is extremely useful.

The solution has been quite stable. I have not seen any bugs at all.

View full review »
reviewer1529571 - PeerSpot reviewer
reviewer1529571
Acquisitions Leader at a healthcare company with 10,001+ employees

The most important feature I have found to be the ease in how to do the backup and restores.

View full review »
reviewer1499046 - PeerSpot reviewer
reviewer1499046
Vice President, Global IT Security at a insurance company with 5,001-10,000 employees

The solution is very good at intercepting traffic before it gets to our data centers. It saves us some security hits and top-level bad guy stuff. It's very good at protecting us. It keeps anything malicious off of our infrastructure.

View full review »
reviewer1422225 - PeerSpot reviewer
reviewer1422225
CTO at a tech services company with 11-50 employees

Its inline transferring mode is the most valuable because it is 100% transparent. When you change the IP, there is no change on the network side. If you can't and want to try to reach an IP, you can reach the server IP. There are many other advanced security features in it.

The smallest appliances of Imperva can handle the highest traffic at a customer site. For example, a smaller appliance from Imperva can provide you the same security as an F5 product. 

View full review »
reviewer1407915 - PeerSpot reviewer
reviewer1407915
Information System Security Manager at a pharma/biotech company with 10,001+ employees

I'm very happy with the solution. The most valuable aspect of it is that it blocks all types of attacks.

View full review »
reviewer1262313 - PeerSpot reviewer
reviewer1262313
Solutions Architect at a financial services firm with 201-500 employees

The solution's most valuable aspect is that it is easy to configure. 

The solution keeps itself up to date itself and there's no customization that we need to do. It makes it extremely easy and cut back on the amount of work required, and saves us on man-hours.

The initial setup is fairly easy.

View full review »
Mustapha - PeerSpot reviewer
Mustapha
Senior Security Engineer at a agriculture with 11-50 employees

If you are using the appliance as opposed to the virtual deployment, it can stand as the network layer-two and provide real transparency. This is better than the competitors.

Imperva SecureSphere integrates well with other tools.

View full review »
reviewer1322772 - PeerSpot reviewer
reviewer1322772
Information Security Manager at a transportation company with 1,001-5,000 employees

The most valuable features for us are the DDoS and Bot.

View full review »
SA
OLUWASEGUN ADERIBIGBE
Manager - IT Security at a tech services company with 11-50 employees

For this part of the world, several things are important. It is important that the clients have the features which they get to use to get against bad traffic, of course as this is the reason for the product. But especially for customers in this region, it is also the opportunity to use the service platform. They do not have to own it or maintain it and they may not otherwise have the capacity to deploy this type of solution. Instead, they can pay for it as a service. It works so well here that even some of the banks are using it.  

The most valuable feature is the ability to mitigate bad traffic. I think the highest traffic we would experience can be handled by the Incapsula Cloud WAF because it can scale. So if there is some attack on a website and there is high volume, instead of it disrupting the website and disrupting business operations, it is not a problem for the customer's website. That ability to mitigate problems with the traffic is why the clients use the product to protect their valuable data and customer interactions.  

View full review »
DS
Dian Sabev
Security Expert at a tech services company with 1-10 employees

The most important aspect of the solution is the DDoS feature.

The solution has a very good interface.

Last year, the solution added a lot of additional improvements and functionalities, and for now, the features they have offered us have been great. 

They recently added some account takeover protections that have been really useful.

View full review »
Roi-Nahari - PeerSpot reviewer
Roi-Nahari
CTO at CyberApp

This product has a logical perspective of negative and positive security. Negative meaning all of the blacklisted websites, and the positive is the profiling of the website itself. Impera can see and activate the policy, based on what it has learned. Imperva learns things like how dynamic content is dealt with, and what the permitted values are. When you combine these two perspectives, the negative and the positive, you get the optimal protection of the application.

View full review »
reviewer805227 - PeerSpot reviewer
reviewer805227
Head of IT at a computer software company with 11-50 employees

The dynamic profiling of websites is the solution's most valuable feature. The security is also good.

View full review »
TA
Tesfa Alazar
Chief Information Security Consultant at V-Tech

Data masking is the most valuable feature of this solution. 

View full review »
MS
Directhost465
Director Of Hosting Services at a tech services company with 51-200 employees

I found that it is very easy to set everything up. I like the user-friendly interface.

View full review »
OO
OluwoleOlajide
Cloud Solutions Architect at Snapnet Limited

Data marking is the solution's most valuable feature.

View full review »
JS
Joakim Sörqvist
Senior Systems Engineer - Channel Manager at Exclusive GRP

They're quite easy to install and quite easy to set up. Clients really like that. Especially when you're dealing with the cloud, it's really easy. 

It also has the ability to integrate with other firewalls. That's really important today. Most end-users are looking for something that can integrate with other solutions and with APIs. They're looking for solutions that have an open API. 

View full review »
AJ
AjayJawla
Technical Sales Director at Revere Technologies

The most valuable features for our organization are auditing capabilities and compliances. The product meets the needs of our business model and we can see the health of the architecture at a glance. There are some instances where a client needs to meet with compliances in their industry, and this product is capable of meeting those needs.

View full review »
BM
Srinfosecr67
Sr Associate Information Security at a tech services company with 51-200 employees

The solution has good DDoS protection, and some good common features, such as no attack surfaces, parameter sanitization, and attack analytics.

View full review »
JohnTamakloe - PeerSpot reviewer
JohnTamakloe
Solutions Architect at ostec

The most valuable feature is the out-of-the-box detection engine. It has the ability to detect some of these things without being configured. There are some features that are configured by default, so even without doing much, it can still provide a level of protection.

View full review »
GO
George Ondego
Manager, IS Security & Infrastructure at Fintech Kenya Limited

The most valuable feature of this solution is web application security.

This is a user-friendly solution.

This solution has good performance ratings.

View full review »
NV
Natalia Venegas
Specialist Engineer at Entel Networks S.A

The compliance is the most valuable aspect.

View full review »
OS
Omar Sánchez (Mr.Tech)
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services

It has threat intelligence and we are using Incapsula. With threat intelligence, we can separate HTTP and HTTPS traffic. We can use Incapsula to send all the threat intelligence to the WAF.

The interface is very user-friendly. You get used to it. It's very convenient.

View full review »
it_user817755 - PeerSpot reviewer
it_user817755
Information Security Analyst at a tech vendor with 10,001+ employees

Anti-DDoS protection, as well as other protections like SQL injection, Cross-Site Scripting, and antiscanner. These types of protection are valuable to the business due to the daily attacks on our portals, and that often cannot be seen without a tool like this.

View full review »
it_user818130 - PeerSpot reviewer
it_user818130
System Administrator at a tech services company with 51-200 employees
  1. I like to see the security. On the site security, I can see which countries have incidents, whether it was a robot attack, a real human user, or non-human user. For this feature, I like it because I can see information quickly without going into long logs and details. It is very comprehensive regarding what is going on behind the scenes on the website traffic.
  2. The option saying activity launch. On the activity log, I can see the exact details, the visit, and the threat. If I click on the details, it shows me exactly where it came from, who the user agent is, and what page they tried to enter. Then, it gives me the session. Also, I have the option to put them on the blacklist or the white list. Therefore, I like this option because it is more detailed. If someone causes more than one of the incidents, then they are maybe suspicious, and we want to learn more about it. Here we can get the data, and under the data, we can see the IP addresses, therefore tracking and copying that IP address and putting it under IP lookup.
  3. The dashboard is good and user-friendly. You can easily understand it, even if you don't have any prior knowledge. Looking at it, you can easily see what is happening because it is a very user-friendly menu and user interface. I don't come from this exact background, but it seems I am supposed to manage and work with this stuff. Because of the user interface, I can understand even without having prior knowledge or education of it.
  4. The real-time option is cool as well. On the real time, you can see live traffic, which is flowing into our website. 
View full review »
it_user814458 - PeerSpot reviewer
it_user814458
Manager Business Development at Seguridad América

More than features, the complete solution is valuable for everything it delivers and the protection it offers.

View full review »
it_user663045 - PeerSpot reviewer
it_user663045
Cyber and Information Security Officer at a energy/utilities company with 10,001+ employees
  • Learning mode.
  • Custom policies.
  • Very intuitive and granular configuration - It does not require much time, or advanced knowledge, for configuration and maintenance.
View full review »
it_user162618 - PeerSpot reviewer
it_user162618
Security Consultant at a security firm with 501-1,000 employees

The ability to trace each connection, and to have logs to be able to differentiate between a positive and a false-positive intruder action.

It is handy to retrieve and download the logs to line up separate actions to identify possible intruder behaviour.

View full review »
it_user316611 - PeerSpot reviewer
it_user316611
Head Of Information Security at IronFX Global Limited

IncapRules is one of the most valuable features, as you can create your own security and access control rules on top of your security policy. Using IncapRules we were able to easily block Layer 7 DDoS attacks several times.

Real-time monitoring is also a great tool, as you may watch several parameters in real time.

View full review »
it_user638760 - PeerSpot reviewer
it_user638760
System Administator at a tech services company with 201-500 employees
  • DDoS protection
  • CDN
  • WAF
  • Good API for managing services
View full review »
it_user623562 - PeerSpot reviewer
it_user623562
Application Security Architect at a hospitality company with 10,001+ employees

Hands down, the WAF is the most valuable feature; being able to identify, block, whitelist or blacklist as needed, are all valuable.

View full review »
Syed Ubaid Ali Jafri - PeerSpot reviewer
Syed Ubaid Ali Jafri
Head of Cyber Defense & Offensive Security at Habib Bank Limited

Content monitoring is a marvelous feature that I haven't seen in other Web Application Firewalls. It also has a good content filter. We do a lot of penetration testing on our servers, and the Imperva standalone solution for identifying a payload and its signature by deep analysis was very good.

View full review »
it_user577338 - PeerSpot reviewer
it_user577338
Sr. Consultant at a tech services company with 51-200 employees

The most valuable feature is the grouping of multiple targets via the scan policy. It is valuable because of the large number of targets and governmental requirements to conduct periodic scans.

View full review »
it_user569916 - PeerSpot reviewer
it_user569916
Network and Security Engineer at a consumer goods company with 1,001-5,000 employees
  • Very easy to configure, which quickly allows us to add significant security to our websites.
  • Nice dashboard, which shows us details about traffic, security, performance, real-time utilization and an activity log.
  • Easy to configure caching, content optimization and other advanced settings, which allows us to improve the customer experience if necessary, or keep the defaults if any change is unnecessary.
View full review »
it_user609369 - PeerSpot reviewer
it_user609369
Service Manager at a tech services company with 51-200 employees
  • Easy-to-set-up CDN with PCI-level IDS/IPS
View full review »
it_user561657 - PeerSpot reviewer
it_user561657
Systems & Infrastructure Architect at a insurance company with 1,001-5,000 employees
  • Bad-IP blocking and signature-based blocking for web application security
View full review »
SB
Sudesh Kumar Bhadouria
Technical Consultant at a tech services company with 10,001+ employees
  • Extensive cache control like cache purging and cache rule propagation
  • Availability features
  • Cross-datacenter solution (active and passive environments)
  • CDN and DDoS protection with 24/7 support
View full review »
it_user574089 - PeerSpot reviewer
it_user574089
Security Architect at a financial services firm with 501-1,000 employees

Infrastructure protection (anti-DDoS): Imperva anti-DDoS protection has the well-known value of having lots of distributed nodes around the world, making it the best value for DDoS protection. They also include protection against almost all known DDoS attack methods.

View full review »
it_user601449 - PeerSpot reviewer
it_user601449
AVP Product Development and Architecture at a media company with 1,001-5,000 employees

WAF configuration is the most valuable feature.

View full review »
AM
Muhammad Nurazhan Moin
Senior Web Manager at a university with 501-1,000 employees

Incapsula:

  • Strength of DDoS and WAF
  • Simple dashboard
  • Analytics
  • SSL

CloudFlare:

  • Ease of use
  • Simple dashboard
  • DNS management
  • CDN
  • SSL
View full review »
it_user573036 - PeerSpot reviewer
it_user573036
Client Relations Coordinator at a marketing services firm

I like the interface, customer service, and info updates.

View full review »
it_user573036 - PeerSpot reviewer
it_user573036
Client Relations Coordinator at a marketing services firm

Customer Support has been the biggest help in dire situations. Their control panel is nice but support has been the best.

View full review »
it_user571794 - PeerSpot reviewer
it_user571794
Network Security Consultant at a tech consulting company with 51-200 employees

IncapRules, Login Protect & CDN are the most valuable features of Incapsula.

View full review »
it_user570156 - PeerSpot reviewer
it_user570156
Director at a tech company with 51-200 employees
it_user570582 - PeerSpot reviewer
it_user570582
Information Security Consultant at a tech services company with 51-200 employees

Load balancing and DDoS protection.

View full review »
it_user571110 - PeerSpot reviewer
it_user571110
System Adminisrator at a tech services company with 51-200 employees

Security rules and DDoS protection.

View full review »
it_user508662 - PeerSpot reviewer
it_user508662
IT & DevOps Engineer at a comms service provider with 501-1,000 employees

We are using Incapsula as our web application firewall and for DDoS protection, and it performs really well at its job. Incapsula packs some great features, such as SSL support, content caching and the ability to 'play' with the rules as much as you'd like.

View full review »
it_user510588 - PeerSpot reviewer
it_user510588
IT Director at a tech services company with 51-200 employees
  • Hidden origin
  • IP whitelist
  • Country blocking
  • Anti-DDoS
  • Special page protection (two-factor authentication)
View full review »
it_user507306 - PeerSpot reviewer
it_user507306
Digital Solutions Architect | Development Manager | Technical Business Analyst at Corporate SEO
  • Faultless inlining & minification: Every competing product breaks the layout, but we are yet to see Incapsula break a site
  • Installation requires just a CNAME entry, avoiding the risk of email downtime.
  • Instant PCI compliance and protection from the OWASP Top 10 vulnerabilities.
  • CDN & DDoS protection.
View full review »
it_user504216 - PeerSpot reviewer
it_user504216
Systems Administrator at a financial services firm with 501-1,000 employees

The added security is the biggest bonus feature, as our websites are not usually under extreme load but do have highly sensitive data. A good WAF can be difficult enough to configure even without many of the advanced security features that Imperva Incapsula includes: SQL injection prevention, bot attack recognition and notification, and DDoS.

View full review »
it_user298473 - PeerSpot reviewer
it_user298473
Cyber Response Analyst at a insurance company with 1,001-5,000 employees
  • DDoS Protection
  • Load Balancing
View full review »
it_user300444 - PeerSpot reviewer
it_user300444
IT Support Engineer at a tech services company with 51-200 employees
  • It provides real-time traffic analysis.
  • It gives location/hit/page view details.
  • It can easily and instantly block IPs.
  • We can investigate questionable and suspicious IPs.
View full review »
it_user304074 - PeerSpot reviewer
it_user304074
Sales office at a real estate/law firm with 51-200 employees
  • CDN
  • Site performance
View full review »
it_user300540 - PeerSpot reviewer
it_user300540
Associate Manager at a tech services company with 10,001+ employees

The Web Application Firewall (WAF) is very helpful in protecting SQL injections by hackers.

View full review »
it_user302106 - PeerSpot reviewer
it_user302106
Application Development Manager at a financial services firm with 501-1,000 employees

I'd say that the most valuable feature is the ease of use in configuration, the analytics, and the integration with Incapsula’s robot database.

View full review »
it_user300492 - PeerSpot reviewer
it_user300492
Sales Engineer/Major Accounts with 51-200 employees
  • CDN
  • DDoS protection
View full review »
it_user298446 - PeerSpot reviewer
it_user298446
VP R&D with 51-200 employees

The features that are most valuable are the protection against denial-of-service attacks and all kinds of other internet attacks. The presence of Incapsula helps us answer the compliance requirements for IT security, as our clients require IT security compliance, and it's very important to our enterprise customers that we comply with the requirements.

View full review »
it_user298143 - PeerSpot reviewer
it_user298143
Senior Manager, Software Development at a music company with 1,001-5,000 employees
  • Caching and CDN
  • WAF
View full review »
it_user288354 - PeerSpot reviewer
it_user288354
President/General Manager with 51-200 employees
  • Web security
  • Protection against DDoS
  • Easy to use administration portal
  • Reports
  • It’s simple to configure
  • Very effective
  • Easy solution to administer for protecting websites of all sizes
View full review »
it_user182781 - PeerSpot reviewer
it_user182781
Director at a marketing services firm with 51-200 employees
  • Human contact
  • Fast SLA
  • Trustworthy and excellent communication

Highly-functional back office with user friendly reports and intelligence on bad IPS and malicious software is at very high level and very quick. Part of the solutions function is that they have to stay on top of the data intelligence game. They have the first knowledge of break points.

View full review »
it_user279876 - PeerSpot reviewer
it_user279876
IT Manager with 501-1,000 employees
  • DDOS defence
  • Load balancing
  • Security role
View full review »
it_user277947 - PeerSpot reviewer
it_user277947
Online Marketing Manager with 1,001-5,000 employees

Their WAS - I had a problem and I turned to Incapsula. I needed someone to protect the website and they succeeded in this regard.

View full review »
it_user277953 - PeerSpot reviewer
it_user277953
ICT Director with 501-1,000 employees

The Web Application firewall is a valuable feature as the security features are mostly what we're interested in.

View full review »
it_user259980 - PeerSpot reviewer
it_user259980
Network Security Engineer at a tech services company with 501-1,000 employees

I really like the profiling section. I mean that signature based policies are ok and they are maybe the most widespread and common kind of security policy in security appliances, but, the profiling policies are custom tailored on a specific web application. I guess it’s the most valuable, and fresh, aspect about SecureSphere.

View full review »
it_user255885 - PeerSpot reviewer
it_user255885
Senior Security Analyst at a tech services company with 501-1,000 employees

I was involved in the deployment and found that all the features in this product are fantastic, especially the correlated attack validation, threat radar (reputation, fraud), and virtual patching. Those are features that are very useful in day to day operations.

View full review »
it_user1122 - PeerSpot reviewer
it_user1122
Infrastructure Expert at a tech services company with 1,001-5,000 employees
Their solutions are always on, in depth and protect against most all web threats imaginable. View full review »
Fauzan Adhima - PeerSpot reviewer
Fauzan Adhima
Technical Support Engineer at PT. Sinergy Informasi Pratama

The tool's profiling feature maps all the web application directories and related components on the profile directory. It has improved the security of my client's website applications. 

View full review »
EM
Edgar-Mwangi
Senior Presales Engineer at a tech services company with 11-50 employees

The solution is cloud-based and offers us good uptime. It has combined web and API security. Therefore, with one license, you access both application security and also API security.

View full review »
Buyer's Guide
Imperva Application Security Platform
July 2026
Learn what your peers think about Imperva Application Security Platform. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
904,016 professionals have used our research since 2012.