Imperva Web Application Firewall Valuable Features
It's very simple to implement. It works right out of the box once you integrate the application. It does the learning for you and starts applying relevant signatures.
It's effective in protecting against different kinds of attacks. For example, it can mitigate DDoS attacks and block application layer attacks like SQL injection, HTTP, and cross-site scripting attacks. The latency is pretty low.
View full review »BS
Bhupesh-Sharma
Large account Manager at Softcell Technologies Limited
The solution can be configured in just a couple of minutes. It ensures 99.7% availability for my applications. It provides an additional layer of security for web applications and other applications, including mobile applications. It protects my environment and helps maintain my reputation in the market.
View full review »The valuable features of Imperva WAF include its effective security breach prevention through automatically updating rules. The support team answers cases quickly as well.
View full review »Buyer's Guide
Imperva Web Application Firewall
June 2025

Learn what your peers think about Imperva Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,957 professionals have used our research since 2012.
While a Web Application Firewall (WAF) doesn't directly protect against viruses, it's crucial for application security.
It defends against threats like cross-site scripting (XSS), SQL injection, and others. This safeguards your application or website.
View full review »Empower administration is user-friendly, and we do not need much for managing day-to-day operations. It is easy to use and has good security. Also, it is very customizable, especially for controlling web browsers and devices.
View full review »Imperva Cloud WAF would be the most powerful option. It uses cloud-based signatures, which are constantly updated. This is different from the on-premises version, where the signature updates might be less frequent.
Imperva has basic reporting templates. We can use those, and we can also create custom reports. However, customization is limited to labels and structure – we can't change the actual content of the reports. For that, we need to use Imperva Compass.
Overall, I would rate the user experience an eight out of ten, with ten being good experience.
View full review »FG
Fedhasa Gelalcha
Director, Information System Security at a financial services firm with 201-500 employees
The WAF itself has been very valuable to me because it has such a complete range of features. Another reason why I like it is because it also takes care of the total overview of the traffic over the network.
There are many features. There is ease of deployment. You can deploy the Imperva Web Application Firewall in two to three minutes. After that, you have to set the policies. For setting policies, you have toggle buttons. You can turn something on or off.
Writing rules is very easy. There is a toggle button. You do not have to write the parsers and rules. You do not have to be well-versed in it. Anybody who works with the Imperva console for a month can master the solution.
View full review »EG
Elmano Francisco Gonga
IT Security Analyst at Banco de Fomento Angola
The most valuable feature of Imperva, in addition to its strong knowledge base, is its effective protection for web applications. This is crucial because it shields web applications from attacks. Another notable feature is its use of artificial intelligence for better security. Additionally, Imperva offers simulation for studying infrastructure and hybrid infrastructure protection, which are beneficial for overall security. However, the standout feature remains its knowledge base, as, without adequate attack signature knowledge, security can be compromised.
Imperva has a complete picture of how the applications are utilizing it. It is handy. DDoS is good. It has an internally managed database. It is very easy to integrate. We have integrated it with SIEM services.
View full review »One good thing about Imperva Web Application Firewall is it can be on the cloud and also it can be on-premise. Either way, you can use it, and it's quite easy.
It's quite easy to deploy. It is also a self-managed service. It's quite straightforward.
They do provide updates on a quarterly or half-yearly basis.
View full review »AD
Amarildo De Mattos
Global Network and Cyber Security Project Manager at a manufacturing company with 10,001+ employees
I find the configurability of the tools and the ease of operation to be the most valuable feature of Imperva.
View full review »The features I have found most valuable with Imperva Web Application Firewall are account takeover protection, advanced bot protection, and API security.
View full review »I am impressed with the product's scalability, availability, easy management, and security. We were able to integrate the product with Azure and Sentinel.
View full review »The Imperva Web Application Firewall feature I have found the most valuable is the ease of deployment. The solution's customer service is good as well.
View full review »The most valuable features of Imperva Web Application Firewall are the monitoring of databases and the dashboards are easy to understand.
View full review »The most valuable features of the Imperva Web Application Firewall are performance and flexibility. We can extend or customize the box itself.
View full review »SS
SumedhSalve
GA Consultant Cyber Security at a tech services company with 51-200 employees
Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva.
It is quite proficient in terms of logs reports, and it provides tight control for policy configuration. So, there can't be any unwanted applications on the internal LAN site. It is quite restrictive, which is a plus point. The sizing of an application is quite easy to understand while we are configuring and deploying Imperva.
View full review »The product is very good.
It's so easy to do the deployment. The installation is very straightforward. You can't even compare it to others on the market. It's that easy.
The features on offer are very nice.
The solution is stable.
The licensing setup makes the product easy to scale.
The pricing is very good.
View full review »The solution offers good security against a variety of web attacks.
The protection from DDoS attacks is very useful. The DDoS attack is a very powerful attack that can harm a company's services. If an application is deployed to any web server or database our service will slow and will go down. A user would not be able to access our service until we can fix the issue. It's a deal if a company can avoid getting hit with DDoS attacks and having something that can effectively protect a company is extremely useful.
The solution has been quite stable. I have not seen any bugs at all.
View full review »The most important feature I have found to be the ease in how to do the backup and restores.
View full review »AU
Andrey Ustynov
Data analyst at Kyivstar
Protection is the best solution since it has profile functionality.
View full review »The solution integrates seamlessly with other tools and has a good alert mechanism.
The solution provides good protection against OWASP top-ten attacks.
Imperva is easy to use and deploy. The UI is excellent.
View full review »The most valuable features of the Imperva Web Application Firewall are DDoS, malware, and the other malicious threat prevention it provides. Additionally, third-party integration is available. You can forward the log for further analysis.
View full review »The mitigation feature is what I find most valuable in Imperva Web Application Firewall. The interface of the cloud version of this solution is also good.
View full review »TA
Tesfa Alazar
Chief Information Security Consultant at V-Tech
There are a number of features that are valuable such as the account takeover and various antivirus features.
View full review »KL
Karthik Ls
Team Lead Senior Technical Engineer at a tech services company with 51-200 employees
Imperva is a good solution.
It has fewer false positives. It is very simple to maintain the device. It is also simple to configure. You don't need to have any HTTP knowledge or understand the HTTP programming languages when it comes to configuring the device.
View full review »As a system, it's very effective at blocking potentially malicious items. The security is very good.
The solution can scale.
The stability has been pretty good.
Technical support is helpful.
The initial setup is rather straightforward.
View full review »Its inline transferring mode is the most valuable because it is 100% transparent. When you change the IP, there is no change on the network side. If you can't and want to try to reach an IP, you can reach the server IP. There are many other advanced security features in it.
The smallest appliances of Imperva can handle the highest traffic at a customer site. For example, a smaller appliance from Imperva can provide you the same security as an F5 product.
View full review »If you are using the appliance as opposed to the virtual deployment, it can stand as the network layer-two and provide real transparency. This is better than the competitors.
Imperva SecureSphere integrates well with other tools.
View full review »This product has a logical perspective of negative and positive security. Negative meaning all of the blacklisted websites, and the positive is the profiling of the website itself. Impera can see and activate the policy, based on what it has learned. Imperva learns things like how dynamic content is dealt with, and what the permitted values are. When you combine these two perspectives, the negative and the positive, you get the optimal protection of the application.
View full review »The dynamic profiling of websites is the solution's most valuable feature. The security is also good.
View full review »TA
Tesfa Alazar
Chief Information Security Consultant at V-Tech
Data masking is the most valuable feature of this solution.
View full review »OO
OluwoleOlajide
Cloud Solutions Architect at Snapnet Limited
Data marking is the solution's most valuable feature.
View full review »The most valuable feature is the out-of-the-box detection engine. It has the ability to detect some of these things without being configured. There are some features that are configured by default, so even without doing much, it can still provide a level of protection.
View full review »GO
George Ondego
Manager, IS Security & Infrastructure at Fintech Kenya Limited
The most valuable feature of this solution is web application security.
This is a user-friendly solution.
This solution has good performance ratings.
View full review »NV
Natalia Venegas
Specialist Engineer at Entel Networks S.A
The compliance is the most valuable aspect.
View full review »OS
Omar Sánchez (Mr.Tech)
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
It has threat intelligence and we are using Incapsula. With threat intelligence, we can separate HTTP and HTTPS traffic. We can use Incapsula to send all the threat intelligence to the WAF.
The interface is very user-friendly. You get used to it. It's very convenient.
View full review »- Learning mode.
- Custom policies.
- Very intuitive and granular configuration - It does not require much time, or advanced knowledge, for configuration and maintenance.
The most valuable feature is the grouping of multiple targets via the scan policy. It is valuable because of the large number of targets and governmental requirements to conduct periodic scans.
View full review »- Bad-IP blocking and signature-based blocking for web application security
I really like the profiling section. I mean that signature based policies are ok and they are maybe the most widespread and common kind of security policy in security appliances, but, the profiling policies are custom tailored on a specific web application. I guess it’s the most valuable, and fresh, aspect about SecureSphere.
View full review »I was involved in the deployment and found that all the features in this product are fantastic, especially the correlated attack validation, threat radar (reputation, fraud), and virtual patching. Those are features that are very useful in day to day operations.
View full review »If something goes wrong, there is a quick switch between nodes, wherever there's an attack against a specific area. The security setup is reasonably easy. It's easy to do setups, rules, and integrations. The backend team is also willing to help if there are questions that we cannot answer.
View full review »Imperva WAF's strongest features are the detection of web application threats and vulnerabilities in the source code.
View full review »The tool's profiling feature maps all the web application directories and related components on the profile directory. It has improved the security of my client's website applications.
View full review »If the clients have requirements for APIs and microservices, we can offer such services with the help of the solution. We can offer it as a security solution that protects APIs and microservices. Imperva’s real-time monitoring makes it very easy for administrators to monitor their existing web applications.
View full review »EM
Edgar-Mwangi
Senior Presales Engineer at a tech services company with 11-50 employees
The solution is cloud-based and offers us good uptime. It has combined web and API security. Therefore, with one license, you access both application security and also API security.
View full review »Buyer's Guide
Imperva Web Application Firewall
June 2025

Learn what your peers think about Imperva Web Application Firewall. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,957 professionals have used our research since 2012.