I don't remember the last version of Imperva DDoS I am currently working with. When customers change their DDoS protection to Imperva DDoS or integrate Imperva DDoS as a new single DDoS protection product, they achieve full satisfaction with international standards like PCI DSS and GDPR. This is a seamless integration with international standards. I don't see any improvements needed for Imperva DDoS, because it is a very niche product with niche capabilities. It's not a technical thing, because it is continuously approved. Some features appear, but it's more about small improvements. The attacks Imperva DDoS is constructed to protect against are very well-known, and the solution is effective in protecting against them. The system can protect against even zero-day attacks. We get Imperva DDoS free as part of an MSSP approach, but for our customers, the average deal size for one year could be around 10,000 dollars. On a scale from one to ten, I rate Imperva DDoS a nine.
I would recommend Imperva Web Application Firewall to others. Overall, I would rate it eight out of ten as it is a good solution. However, there are other solutions in the market.
Security Consultant at a university with 1,001-5,000 employees
Real User
Top 5
2024-11-11T16:30:01Z
Nov 11, 2024
Imperva Web Application Firewall is recommended for companies needing a robust cloud-based solution. For on-premises versions, it might be considered outdated. I'd rate the solution nine out of ten.
Manager, Information Technology Network Security at a financial services firm with 201-500 employees
Real User
Top 10
2024-10-15T06:38:00Z
Oct 15, 2024
I suggest looking for a cloud-based solution rather than on-premises, which might improve availability, stability, and security. I'd rate the solution nine out of ten.
Imperva offers multiple services with a very high uptime guarantee of 99.99%. It is a valuable solution for network security. I'd rate the solution eight out of ten.
AI functionality in Imperva does do quite a bit of learning, but Imperva can do more. There's little interaction. There's basically just the machine learning bit. So it basically baselines the application and then analyzes traffic towards the application. But in terms of capability to interact with large language models, that is still not at the level where the competitors are. Overall, I would rate it an eight out of ten.
Learn what your peers think about Imperva Application Security Platform. Get advice and tips from experienced pros sharing their opinions. Updated: September 2025.
It’s also available as a managed service, meaning local IT teams need less involvement. Through the managed services, most management is handled on the server side. This approach is effective and reduces the total cost of ownership by requiring fewer resources to handle attacks and related events. Generally, it provides better security and offers more relief for security teams managing their applications. It simplifies things for architects, as layer seven protection is more reliable than traditional next-generation solutions, which may not cover this level of detail. With Imperva’s managed service, there's no need to worry about the payload size or complex settings, as the service handles these aspects effectively. The cloud platform excels in interface design, reporting, and support. It offers both executive and technical reports that are highly usable. Overall, I rate the solution as ten out of ten.
Technical Consultant - Presales at a tech services company with 51-200 employees
Consultant
Top 5
2024-02-28T12:38:00Z
Feb 28, 2024
When a client comes to us saying that they want to implement Imperva, the first thing that we ask them is if they are willing to spend that much. If they say yes, then we do not even compare it to any other product. We just go for Imperva. Feature-wise, we are confident of it. Any customer would go for it in terms of features. Overall, I would rate Imperva Web Application Firewall a nine out of ten.
Imperva DDoS has helped maintain website availability during an attack because we didn't even know there was an attack. Imperva DDoS was integrated into our existing security measures by using the easy configuration, which was making use of cloud platforms. All the SOC and SIEM integrations and notifications to instant response teams were easily integrated by email. The solution's real-time threat detection works well and lets me know if something is happening on the management interface, where I spend most of my time. The solution's scalability supported our client company's growing traffic needs. It started with a medium-sized web presence of 7,00,000 queries per second globally and has moved into tens of millions of queries per second. They are really benefiting from having to keep on spinning up additional security services rather than spinning up operational services. The solution's reporting and analytics features have helped in understanding attack patterns. The solution helps in understanding who is targeting companies and from where. The solution also helps understand the types of attacks. Some attacks are investigations where people search to see what is available. On other occasions, people try to write specific scripts to attack the front end to see if they can gain access to the back end. With the solution's reports, you can learn about the attacks and improve security where it's needed. My experience in setting up and configuring Imperva DDoS for our client's environment was very good. I would recommend the solution to other users. Overall, I rate Imperva DDoS a nine out of ten.
My company uses Imperva Bot Management to protect our web application against automated threats by using its areas like whitelisting and normal integration with services that are available from the tool's bot management side. Imperva Bot Management has been effective in managing bots in both areas of our company, like our e-commerce platform and website. The feature of Imperva Bot Management, which I found to be the most beneficial for identifying and mitigating bots in real-time, is that it helps to mitigate OWASP attacks and its abilities, like reporting data regions, going through various IP addresses, and figuring out the type of attacks. Imperva Bot Management has impacted our company's clients' daily operations and user experience in terms of bot traffic handling since it has reduced the false positives while ensuring that it has the experience and ability to work on other problems faced by users easily. With Imperva Bot Management, I don't have to have one single person focusing on network outages or website outages because now Imperva can handle multiple queries. Speaking about an example of a complex bot attack that Imperva Bot Management successfully mitigated, I can say that the tool did website scraping when there were over 1,00,000 queries created per second and figured out that it was a bot that was in areas like scraping and machine learning, after which the solution blocked the bot automatically and sent a notification to the administrator to say what was happening, post which the website was up and stable. I rate the overall tool an eight and a half out of ten.
Imperva Application Security Platform delivers comprehensive and continuous web threat protection. Renowned for its ease of use, it shields web applications and databases from various cyber threats while integrating seamlessly with cloud and on-premises environments.Imperva Application Security Platform protects web environments by offering advanced security measures against threats like DDoS attacks, SQL injections, and cross-site scripting. As a robust web application firewall, it provides...
I don't remember the last version of Imperva DDoS I am currently working with. When customers change their DDoS protection to Imperva DDoS or integrate Imperva DDoS as a new single DDoS protection product, they achieve full satisfaction with international standards like PCI DSS and GDPR. This is a seamless integration with international standards. I don't see any improvements needed for Imperva DDoS, because it is a very niche product with niche capabilities. It's not a technical thing, because it is continuously approved. Some features appear, but it's more about small improvements. The attacks Imperva DDoS is constructed to protect against are very well-known, and the solution is effective in protecting against them. The system can protect against even zero-day attacks. We get Imperva DDoS free as part of an MSSP approach, but for our customers, the average deal size for one year could be around 10,000 dollars. On a scale from one to ten, I rate Imperva DDoS a nine.
I would recommend Imperva Web Application Firewall to others. Overall, I would rate it eight out of ten as it is a good solution. However, there are other solutions in the market.
Imperva Web Application Firewall is recommended for companies needing a robust cloud-based solution. For on-premises versions, it might be considered outdated. I'd rate the solution nine out of ten.
I suggest looking for a cloud-based solution rather than on-premises, which might improve availability, stability, and security. I'd rate the solution nine out of ten.
Imperva offers multiple services with a very high uptime guarantee of 99.99%. It is a valuable solution for network security. I'd rate the solution eight out of ten.
AI functionality in Imperva does do quite a bit of learning, but Imperva can do more. There's little interaction. There's basically just the machine learning bit. So it basically baselines the application and then analyzes traffic towards the application. But in terms of capability to interact with large language models, that is still not at the level where the competitors are. Overall, I would rate it an eight out of ten.
It’s also available as a managed service, meaning local IT teams need less involvement. Through the managed services, most management is handled on the server side. This approach is effective and reduces the total cost of ownership by requiring fewer resources to handle attacks and related events. Generally, it provides better security and offers more relief for security teams managing their applications. It simplifies things for architects, as layer seven protection is more reliable than traditional next-generation solutions, which may not cover this level of detail. With Imperva’s managed service, there's no need to worry about the payload size or complex settings, as the service handles these aspects effectively. The cloud platform excels in interface design, reporting, and support. It offers both executive and technical reports that are highly usable. Overall, I rate the solution as ten out of ten.
I would rate the tool itself a five out of ten.
I recommend the solution. Overall, I rate the solution an eight out of ten.
Overall, I would rate the solution a nine out of ten. More and more customers are adopting web application firewalls to secure their web applications.
I would recommend it. Overall, I would rate the solution an eight out of ten.
When a client comes to us saying that they want to implement Imperva, the first thing that we ask them is if they are willing to spend that much. If they say yes, then we do not even compare it to any other product. We just go for Imperva. Feature-wise, we are confident of it. Any customer would go for it in terms of features. Overall, I would rate Imperva Web Application Firewall a nine out of ten.
Imperva DDoS has helped maintain website availability during an attack because we didn't even know there was an attack. Imperva DDoS was integrated into our existing security measures by using the easy configuration, which was making use of cloud platforms. All the SOC and SIEM integrations and notifications to instant response teams were easily integrated by email. The solution's real-time threat detection works well and lets me know if something is happening on the management interface, where I spend most of my time. The solution's scalability supported our client company's growing traffic needs. It started with a medium-sized web presence of 7,00,000 queries per second globally and has moved into tens of millions of queries per second. They are really benefiting from having to keep on spinning up additional security services rather than spinning up operational services. The solution's reporting and analytics features have helped in understanding attack patterns. The solution helps in understanding who is targeting companies and from where. The solution also helps understand the types of attacks. Some attacks are investigations where people search to see what is available. On other occasions, people try to write specific scripts to attack the front end to see if they can gain access to the back end. With the solution's reports, you can learn about the attacks and improve security where it's needed. My experience in setting up and configuring Imperva DDoS for our client's environment was very good. I would recommend the solution to other users. Overall, I rate Imperva DDoS a nine out of ten.
My company uses Imperva Bot Management to protect our web application against automated threats by using its areas like whitelisting and normal integration with services that are available from the tool's bot management side. Imperva Bot Management has been effective in managing bots in both areas of our company, like our e-commerce platform and website. The feature of Imperva Bot Management, which I found to be the most beneficial for identifying and mitigating bots in real-time, is that it helps to mitigate OWASP attacks and its abilities, like reporting data regions, going through various IP addresses, and figuring out the type of attacks. Imperva Bot Management has impacted our company's clients' daily operations and user experience in terms of bot traffic handling since it has reduced the false positives while ensuring that it has the experience and ability to work on other problems faced by users easily. With Imperva Bot Management, I don't have to have one single person focusing on network outages or website outages because now Imperva can handle multiple queries. Speaking about an example of a complex bot attack that Imperva Bot Management successfully mitigated, I can say that the tool did website scraping when there were over 1,00,000 queries created per second and figured out that it was a bot that was in areas like scraping and machine learning, after which the solution blocked the bot automatically and sent a notification to the administrator to say what was happening, post which the website was up and stable. I rate the overall tool an eight and a half out of ten.
The solution is a reliable product. I would rate the tool an eight out of ten.