Imperva Web Application Firewall is a versatile solution that protects web applications and databases from various attacks, including DDoS, cross-site scripting, and SQL injection attacks. It offers data security, availability, and access control and can be deployed on-premises or on the cloud.
| Type | Title | Date | |
|---|---|---|---|
| Category | Web Application Firewall (WAF) | May 24, 2025 | Download |
| Product | Reviews, tips, and advice from real users | May 24, 2025 | Download |
| Comparison | Imperva Web Application Firewall vs AWS WAF | May 24, 2025 | Download |
| Comparison | Imperva Web Application Firewall vs F5 Advanced WAF | May 24, 2025 | Download |
| Comparison | Imperva Web Application Firewall vs Microsoft Azure Application Gateway | May 24, 2025 | Download |
| Title | Rating | Mindshare | Recommending | |
|---|---|---|---|---|
| Prisma Cloud by Palo Alto Networks | 4.2 | 2.1% | 98% | 110 interviewsAdd to research |
| Microsoft Azure Application Gateway | 3.7 | 8.6% | 79% | 48 interviewsAdd to research |
The solution has good security against web attacks and offers advanced bot protection, API security, and mitigation features. Imperva WAF is easy to configure and deploy; it has good customer service and an excellent user interface.
BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens
For some time now, I have been the CTO of a consulting company and our main issue is web application security. We also handle database security.
This is one of the solutions that we implement for our clients.
The primary use of this solution is the protection of applications.
This product has a logical perspective of negative and positive security. Negative meaning all of the blacklisted websites, and the positive is the profiling of the website itself. Impera can see and activate the policy, based on what it has learned. Imperva learns things like how dynamic content is dealt with, and what the permitted values are. When you combine these two perspectives, the negative and the positive, you get the optimal protection of the application.
When you want to move to a higher version of the platform, it is not in the GUI and not very easy to do. I expect that this will be available in the next version.
I think that better bot protection is needed in this solution. Bot protection is one of the features in Imperva that lets you recognize if their request is coming from a human or coming from a bot. In this context, a bot is a mechanism being used by the attacker. Good bot protection will reduce a lot of the attacks coming into the applications.
This solution is pretty stable.
If you build this solution properly then you have scalability.
We do not use technical support very often. It is only in cases where we get something that looks like a bug. Their team is good.
The initial setup of this solution is user-friendly and pretty straightforward.
However, the setup, in order to bring the application into inspection, is kind of complex. You need to know what you're doing. It takes approximately four hours to install, setup, and configure this platform.
My team and I handle the integration of this solution for our clients.
The number of people required depends on the environment. Sometimes it is one person, whereas other times there are two.
We have three people who take care of maintaining this solution for our customers.
The cost of this solution depends on the platform. For example, you may be buying virtual or you may be buying appliances. It also depends on the number of environments and the bandwidth that is required.
Compared to other web application firewalls in the market, Imperva does things in the most accurate way.
Overall, Imperva is a pretty good product.
I am working with the development team for Imperva in Israel, and I have submitted some feature requests for things that I think should be changed. Everything that should be fixed, we have a discussion on it and it is probable that these things will be fixed.
My advice to anybody who is implementing this solution is to first go and learn the attack surfaces because you need to protect the assets from attack. In order to do this, you need to understand the attacks. Let's say that a good defense is a good offense.
The biggest lesson that I have learned from working with this solution is to back up the system all of the time. Do it step by step, and be very precise. Have plans for each and every move, all of the time.
I would rate this solution a nine out of ten.
