I would rate Imperva Application Security Platform an eight on a scale from one to ten. Imperva Application Security Platform is a very good platform; even though it is not in Gartner, clients request it and trust the brand. I would rate customer support on a scale from one to ten as an eight. My overall review rating for Imperva Application Security Platform is eight out of ten.
IT Security Analyst & Engineer (Project, Remote) Australia-Europe at a manufacturing company with 10,001+ employees
Real User
Top 20
Apr 19, 2026
I would add that I have a unique observation about the features of Imperva Application Security Platform. For protection to protect more safely and restrictively, I have another use case with an internal website. This website is internal, and those people who want to access it can use the VPN or the internal network. I have encountered cases where a person from the internal company wants to access the website without using the API and got blocked by Imperva because there is a feature or configuration that allows specific IPs. I had to log all of the ways to access the web and allow only a few IPs from the internal IPs. I think Imperva is very secure, very restricted, and good for protecting websites, especially for internal websites and production servers. Regarding improvements to Imperva Application Security Platform, I think all aspects of Imperva Web Application Firewall, including the UI/UX, are good, and I can operate it smoothly with the application. I give this product a rating of 8.5 out of 10.
I would rate Imperva Application Security Platform a 10 on a scale of one to 10.I gave it a 10 because it is useful for private organizations and it is very safe to have WAF applications, particularly Imperva Application Security Platform. The advice I would give to others looking into using Imperva Application Security Platform is that it is safer to use or to have it. My overall rating for this product is 10 out of 10.
Senior Technical Consultant at a tech vendor with 11-50 employees
Real User
Top 5
Apr 19, 2026
I would recommend Imperva Application Security Platform compared to Akamai WAF. It has been good to use Imperva Application Security Platform, as I have been using it for three years. I would rate this review a nine on a scale of one to ten.
I would rate Imperva Application Security Platform a nine on a scale of one to ten. I choose a nine because it has not failed me since I've been using it, and I've not had any attack. My advice to others looking into using Imperva Application Security Platform is that it is highly recommended and certainly worth trying out, at least for web application firewall purposes.
Senior Cybersecurity Consultant at Cyberoutcome Limited
Real User
Top 10
Apr 16, 2026
My basic advice would be to make your evaluations properly. It is okay to do demos as much as you can to fully see if it is going to work with whatever challenges you are trying to solve. I believe in thorough and proper evaluation of solutions. I can give a solid approval of Imperva Application Security Platform because it has really done a lot in helping my clients and giving them the best. Imperva is one of the best, if not the best. Almost every feature in Imperva Application Security Platform works really fine and it is what enterprises are battling, and what Imperva does in shaping the security culture of the digital world. Overall, I am going to rate Imperva Application Security Platform a nine out of ten, being one of the leading solution providers in the WAF space and the DAM space.
Learn what your peers think about Imperva Application Security Platform. Get advice and tips from experienced pros sharing their opinions. Updated: May 2026.
I am not using CyberArk, as it is only a proposal for identity and access management that I have proposed for my clients. Apart from One Identity, I am working with SentinelOne for AI, and I was looking for that. For Purple AI, I was communicating with the vendors and the distributor, and I have considered proposing it for my clients. Currently, I am using the load balancer Radware as an application load balancer. For the on-prem WAF, I am using Fortinet, regarding the WAF and the load balancer, Radware and Fortinet. I am not working with some email security products, some EDR, or endpoint protection as an implementation. I was just looking into it and have proposed it for my clients, and I am waiting for the financial evaluation for FortiMail. For Fortinet, I am involved more with FortiMail, WAF, ADC, FortiGate firewall, NAC, WAF, and FortiClient EMS. Regarding Check Point and WatchGuard, I have worked with Check Point for the firewall, specifically the perimeter firewall. For Check Point, I have already worked with the firewall only, which is a next-generation firewall, using a physical appliance on-prem. Most of my customers, particularly financial institutions, even if they invest their resources in the cloud, need an on-prem solution. It could be a virtual appliance deployed on a server or a physical appliance, but they mostly need on-prem. Regarding the price, I find Imperva Application Security Platform affordable, with moderate pricing. My overall rating for this solution is eight out of ten.
I don't remember the last version of Imperva DDoS I am currently working with. When customers change their DDoS protection to Imperva DDoS or integrate Imperva DDoS as a new single DDoS protection product, they achieve full satisfaction with international standards like PCI DSS and GDPR. This is a seamless integration with international standards. I don't see any improvements needed for Imperva DDoS, because it is a very niche product with niche capabilities. It's not a technical thing, because it is continuously approved. Some features appear, but it's more about small improvements. The attacks Imperva DDoS is constructed to protect against are very well-known, and the solution is effective in protecting against them. The system can protect against even zero-day attacks. We get Imperva DDoS free as part of an MSSP approach, but for our customers, the average deal size for one year could be around 10,000 dollars. On a scale from one to ten, I rate Imperva DDoS a nine.
I would recommend Imperva Web Application Firewall to others. Overall, I would rate it eight out of ten as it is a good solution. However, there are other solutions in the market.
Security Consultant at a university with 1,001-5,000 employees
Real User
Top 5
Nov 11, 2024
Imperva Web Application Firewall is recommended for companies needing a robust cloud-based solution. For on-premises versions, it might be considered outdated. I'd rate the solution nine out of ten.
Manager, Information Technology Network Security at a financial services firm with 201-500 employees
Real User
Top 5
Oct 15, 2024
I suggest looking for a cloud-based solution rather than on-premises, which might improve availability, stability, and security. I'd rate the solution nine out of ten.
Imperva offers multiple services with a very high uptime guarantee of 99.99%. It is a valuable solution for network security. I'd rate the solution eight out of ten.
AI functionality in Imperva does do quite a bit of learning, but Imperva can do more. There's little interaction. There's basically just the machine learning bit. So it basically baselines the application and then analyzes traffic towards the application. But in terms of capability to interact with large language models, that is still not at the level where the competitors are. Overall, I would rate it an eight out of ten.
It’s also available as a managed service, meaning local IT teams need less involvement. Through the managed services, most management is handled on the server side. This approach is effective and reduces the total cost of ownership by requiring fewer resources to handle attacks and related events. Generally, it provides better security and offers more relief for security teams managing their applications. It simplifies things for architects, as layer seven protection is more reliable than traditional next-generation solutions, which may not cover this level of detail. With Imperva’s managed service, there's no need to worry about the payload size or complex settings, as the service handles these aspects effectively. The cloud platform excels in interface design, reporting, and support. It offers both executive and technical reports that are highly usable. Overall, I rate the solution as ten out of ten.
Technical Consultant - Presales at a tech services company with 51-200 employees
Consultant
Feb 28, 2024
When a client comes to us saying that they want to implement Imperva, the first thing that we ask them is if they are willing to spend that much. If they say yes, then we do not even compare it to any other product. We just go for Imperva. Feature-wise, we are confident of it. Any customer would go for it in terms of features. Overall, I would rate Imperva Web Application Firewall a nine out of ten.
Imperva DDoS has helped maintain website availability during an attack because we didn't even know there was an attack. Imperva DDoS was integrated into our existing security measures by using the easy configuration, which was making use of cloud platforms. All the SOC and SIEM integrations and notifications to instant response teams were easily integrated by email. The solution's real-time threat detection works well and lets me know if something is happening on the management interface, where I spend most of my time. The solution's scalability supported our client company's growing traffic needs. It started with a medium-sized web presence of 7,00,000 queries per second globally and has moved into tens of millions of queries per second. They are really benefiting from having to keep on spinning up additional security services rather than spinning up operational services. The solution's reporting and analytics features have helped in understanding attack patterns. The solution helps in understanding who is targeting companies and from where. The solution also helps understand the types of attacks. Some attacks are investigations where people search to see what is available. On other occasions, people try to write specific scripts to attack the front end to see if they can gain access to the back end. With the solution's reports, you can learn about the attacks and improve security where it's needed. My experience in setting up and configuring Imperva DDoS for our client's environment was very good. I would recommend the solution to other users. Overall, I rate Imperva DDoS a nine out of ten.
My company uses Imperva Bot Management to protect our web application against automated threats by using its areas like whitelisting and normal integration with services that are available from the tool's bot management side. Imperva Bot Management has been effective in managing bots in both areas of our company, like our e-commerce platform and website. The feature of Imperva Bot Management, which I found to be the most beneficial for identifying and mitigating bots in real-time, is that it helps to mitigate OWASP attacks and its abilities, like reporting data regions, going through various IP addresses, and figuring out the type of attacks. Imperva Bot Management has impacted our company's clients' daily operations and user experience in terms of bot traffic handling since it has reduced the false positives while ensuring that it has the experience and ability to work on other problems faced by users easily. With Imperva Bot Management, I don't have to have one single person focusing on network outages or website outages because now Imperva can handle multiple queries. Speaking about an example of a complex bot attack that Imperva Bot Management successfully mitigated, I can say that the tool did website scraping when there were over 1,00,000 queries created per second and figured out that it was a bot that was in areas like scraping and machine learning, after which the solution blocked the bot automatically and sent a notification to the administrator to say what was happening, post which the website was up and stable. I rate the overall tool an eight and a half out of ten.
Imperva Application Security Platform delivers comprehensive and continuous web threat protection. Renowned for its ease of use, it shields web applications and databases from various cyber threats while integrating seamlessly with cloud and on-premises environments.Imperva Application Security Platform protects web environments by offering advanced security measures against threats like DDoS attacks, SQL injections, and cross-site scripting. As a robust web application firewall, it provides...
I would rate Imperva Application Security Platform an eight on a scale from one to ten. Imperva Application Security Platform is a very good platform; even though it is not in Gartner, clients request it and trust the brand. I would rate customer support on a scale from one to ten as an eight. My overall review rating for Imperva Application Security Platform is eight out of ten.
I would add that I have a unique observation about the features of Imperva Application Security Platform. For protection to protect more safely and restrictively, I have another use case with an internal website. This website is internal, and those people who want to access it can use the VPN or the internal network. I have encountered cases where a person from the internal company wants to access the website without using the API and got blocked by Imperva because there is a feature or configuration that allows specific IPs. I had to log all of the ways to access the web and allow only a few IPs from the internal IPs. I think Imperva is very secure, very restricted, and good for protecting websites, especially for internal websites and production servers. Regarding improvements to Imperva Application Security Platform, I think all aspects of Imperva Web Application Firewall, including the UI/UX, are good, and I can operate it smoothly with the application. I give this product a rating of 8.5 out of 10.
I would rate Imperva Application Security Platform a 10 on a scale of one to 10.I gave it a 10 because it is useful for private organizations and it is very safe to have WAF applications, particularly Imperva Application Security Platform. The advice I would give to others looking into using Imperva Application Security Platform is that it is safer to use or to have it. My overall rating for this product is 10 out of 10.
I would recommend Imperva Application Security Platform compared to Akamai WAF. It has been good to use Imperva Application Security Platform, as I have been using it for three years. I would rate this review a nine on a scale of one to ten.
I would rate Imperva Application Security Platform a nine on a scale of one to ten. I choose a nine because it has not failed me since I've been using it, and I've not had any attack. My advice to others looking into using Imperva Application Security Platform is that it is highly recommended and certainly worth trying out, at least for web application firewall purposes.
My basic advice would be to make your evaluations properly. It is okay to do demos as much as you can to fully see if it is going to work with whatever challenges you are trying to solve. I believe in thorough and proper evaluation of solutions. I can give a solid approval of Imperva Application Security Platform because it has really done a lot in helping my clients and giving them the best. Imperva is one of the best, if not the best. Almost every feature in Imperva Application Security Platform works really fine and it is what enterprises are battling, and what Imperva does in shaping the security culture of the digital world. Overall, I am going to rate Imperva Application Security Platform a nine out of ten, being one of the leading solution providers in the WAF space and the DAM space.
I am not using CyberArk, as it is only a proposal for identity and access management that I have proposed for my clients. Apart from One Identity, I am working with SentinelOne for AI, and I was looking for that. For Purple AI, I was communicating with the vendors and the distributor, and I have considered proposing it for my clients. Currently, I am using the load balancer Radware as an application load balancer. For the on-prem WAF, I am using Fortinet, regarding the WAF and the load balancer, Radware and Fortinet. I am not working with some email security products, some EDR, or endpoint protection as an implementation. I was just looking into it and have proposed it for my clients, and I am waiting for the financial evaluation for FortiMail. For Fortinet, I am involved more with FortiMail, WAF, ADC, FortiGate firewall, NAC, WAF, and FortiClient EMS. Regarding Check Point and WatchGuard, I have worked with Check Point for the firewall, specifically the perimeter firewall. For Check Point, I have already worked with the firewall only, which is a next-generation firewall, using a physical appliance on-prem. Most of my customers, particularly financial institutions, even if they invest their resources in the cloud, need an on-prem solution. It could be a virtual appliance deployed on a server or a physical appliance, but they mostly need on-prem. Regarding the price, I find Imperva Application Security Platform affordable, with moderate pricing. My overall rating for this solution is eight out of ten.
I don't remember the last version of Imperva DDoS I am currently working with. When customers change their DDoS protection to Imperva DDoS or integrate Imperva DDoS as a new single DDoS protection product, they achieve full satisfaction with international standards like PCI DSS and GDPR. This is a seamless integration with international standards. I don't see any improvements needed for Imperva DDoS, because it is a very niche product with niche capabilities. It's not a technical thing, because it is continuously approved. Some features appear, but it's more about small improvements. The attacks Imperva DDoS is constructed to protect against are very well-known, and the solution is effective in protecting against them. The system can protect against even zero-day attacks. We get Imperva DDoS free as part of an MSSP approach, but for our customers, the average deal size for one year could be around 10,000 dollars. On a scale from one to ten, I rate Imperva DDoS a nine.
I would recommend Imperva Web Application Firewall to others. Overall, I would rate it eight out of ten as it is a good solution. However, there are other solutions in the market.
Imperva Web Application Firewall is recommended for companies needing a robust cloud-based solution. For on-premises versions, it might be considered outdated. I'd rate the solution nine out of ten.
I suggest looking for a cloud-based solution rather than on-premises, which might improve availability, stability, and security. I'd rate the solution nine out of ten.
Imperva offers multiple services with a very high uptime guarantee of 99.99%. It is a valuable solution for network security. I'd rate the solution eight out of ten.
AI functionality in Imperva does do quite a bit of learning, but Imperva can do more. There's little interaction. There's basically just the machine learning bit. So it basically baselines the application and then analyzes traffic towards the application. But in terms of capability to interact with large language models, that is still not at the level where the competitors are. Overall, I would rate it an eight out of ten.
It’s also available as a managed service, meaning local IT teams need less involvement. Through the managed services, most management is handled on the server side. This approach is effective and reduces the total cost of ownership by requiring fewer resources to handle attacks and related events. Generally, it provides better security and offers more relief for security teams managing their applications. It simplifies things for architects, as layer seven protection is more reliable than traditional next-generation solutions, which may not cover this level of detail. With Imperva’s managed service, there's no need to worry about the payload size or complex settings, as the service handles these aspects effectively. The cloud platform excels in interface design, reporting, and support. It offers both executive and technical reports that are highly usable. Overall, I rate the solution as ten out of ten.
I would rate the tool itself a five out of ten.
I recommend the solution. Overall, I rate the solution an eight out of ten.
Overall, I would rate the solution a nine out of ten. More and more customers are adopting web application firewalls to secure their web applications.
I would recommend it. Overall, I would rate the solution an eight out of ten.
When a client comes to us saying that they want to implement Imperva, the first thing that we ask them is if they are willing to spend that much. If they say yes, then we do not even compare it to any other product. We just go for Imperva. Feature-wise, we are confident of it. Any customer would go for it in terms of features. Overall, I would rate Imperva Web Application Firewall a nine out of ten.
Imperva DDoS has helped maintain website availability during an attack because we didn't even know there was an attack. Imperva DDoS was integrated into our existing security measures by using the easy configuration, which was making use of cloud platforms. All the SOC and SIEM integrations and notifications to instant response teams were easily integrated by email. The solution's real-time threat detection works well and lets me know if something is happening on the management interface, where I spend most of my time. The solution's scalability supported our client company's growing traffic needs. It started with a medium-sized web presence of 7,00,000 queries per second globally and has moved into tens of millions of queries per second. They are really benefiting from having to keep on spinning up additional security services rather than spinning up operational services. The solution's reporting and analytics features have helped in understanding attack patterns. The solution helps in understanding who is targeting companies and from where. The solution also helps understand the types of attacks. Some attacks are investigations where people search to see what is available. On other occasions, people try to write specific scripts to attack the front end to see if they can gain access to the back end. With the solution's reports, you can learn about the attacks and improve security where it's needed. My experience in setting up and configuring Imperva DDoS for our client's environment was very good. I would recommend the solution to other users. Overall, I rate Imperva DDoS a nine out of ten.
My company uses Imperva Bot Management to protect our web application against automated threats by using its areas like whitelisting and normal integration with services that are available from the tool's bot management side. Imperva Bot Management has been effective in managing bots in both areas of our company, like our e-commerce platform and website. The feature of Imperva Bot Management, which I found to be the most beneficial for identifying and mitigating bots in real-time, is that it helps to mitigate OWASP attacks and its abilities, like reporting data regions, going through various IP addresses, and figuring out the type of attacks. Imperva Bot Management has impacted our company's clients' daily operations and user experience in terms of bot traffic handling since it has reduced the false positives while ensuring that it has the experience and ability to work on other problems faced by users easily. With Imperva Bot Management, I don't have to have one single person focusing on network outages or website outages because now Imperva can handle multiple queries. Speaking about an example of a complex bot attack that Imperva Bot Management successfully mitigated, I can say that the tool did website scraping when there were over 1,00,000 queries created per second and figured out that it was a bot that was in areas like scraping and machine learning, after which the solution blocked the bot automatically and sent a notification to the administrator to say what was happening, post which the website was up and stable. I rate the overall tool an eight and a half out of ten.
The solution is a reliable product. I would rate the tool an eight out of ten.