Imperva WAF Review: Features & Pricing

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

What Is Imperva WAF?

Imperva WAF protects against critical web application security risks: SQL injection, cross-site scripting, illegal resource access, remote file inclusion, and other OWASP Top 10 and Automated Top 20 threats. Imperva security researchers monitor the threat landscape and update WAF with the latest threat data.

What Are the Top Imperva WAF Features?

Security: Very good. Imperva WAF uses dynamic application profiling to learn all aspects of a web application’s normal behavior, including directories, URLs, parameters, and acceptable user inputs. It accurately detects and blocks attacks with minimal false positives. It protects from application layer attacks, including all OWASP top 10 and even zero-day threats.

Gartner said: “The vendor competes and frequently wins on the basis of security features and innovation.”

“Imperva is an amazing WAF,” said a senior manager for information security in the media industry.

Performance: Very good. There are no performance restrictions in throughput or transactions. Throughput of 10 Gbps, and less than 5 ms latency.

Value: Good. Despite good performance and features, starting prices are relatively low. But that may change for larger deployments.

Implementation: Very good. The cloud-based WAF is delivered as a managed service and can be up and running in minutes.

On-premises WAF is delivered as physical appliance, virtual appliance or enabled in public cloud (AWS and Azure). The speed of deployment varies depending on if it is deployed in public cloud, the number of appliances and other factors. Gartner said Imperva customers have “easy deployment options as their application environments shift.”

Management: Fair. Gartner said the WAF “Lacks high-level executive reports, and that overall, the reporting could be much improved to reach an enterprise-class level.”

Support: Very good. Gartner clients are highly satisfied with Imperva customer support, citing high-quality, easy ticket resolution.

“Imperva excels at customer service and partnership. Any technical issue we’ve had, we’ve immediately had the full attention of Imperva,” said a CIO in the education industry.

Cloud features: Good. The cloud-based WAF is delivered as a managed service and can be up and running in minutes.

Imperva WAF

What Are Imperva WAF’s Security Qualifications?

FISMA, NIST SP 800-53 and 800-137, DoD DISA, IRS 1075, FIPS 140-2, Common Criteria.

How Is Imperva WAF Delivered?

The product is delivered as a physical appliance, virtual appliance and as a cloud service. It can be deployed both on-premises and in public clouds like AWS and Azure.

What Is the Price of Imperva WAF?

Small business pricing starts at $59 per month. For larger enterprises, pricing starts at $6,000 and goes up from there depending on amount of bandwidth and number of applications. The on-premises WAF is priced per appliance and starts at $10,000. Enterprise customers typically buy four or five physical or virtual appliances and spend anywhere from $50,000 to $100,000.

What Are the Top Imperva WAF Alternatives?

Featured Partners

eSecurity Planet may receive a commission from merchants for referrals from this website

Get the Free Cybersecurity Newsletter

Strengthen your organization’s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

Drew Robb Avatar

Subscribe to Cybersecurity Insider

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.




Top Cybersecurity Companies

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis