Imperva Application Security Platform Reviews

This is one of the solutions that we provide to our customers.

We use this solution for application-level security, above layer four protection where the firewall cannot reach.

I have worked with both on-premises and cloud deployments.

The most valuable feature is the out-of-the-box detection engine. It has the ability to detect some of these things without being configured. There are some features that are configured by default, so even without doing much, it can still provide a level of protection.

The visibility provided by this solution can be improved. I often tell my customers that "You can't fight what you can't see". I can recall a time when I did a presentation after a deployment, and it prompted them to put the solution into enforcement mode immediately. Normally, we wait one week with the solution in monitoring mode. However, once they saw the types of vulnerabilities they had, they wanted to take action right away. It gave them a great deal of knowledge, and knowing that they are protected from these types of attacks has boosted their confidence.

This solution has a lot of features, and some of the students were confused when I was discussing them. It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default. If somebody has installed the product several times but is doing the same thing incorrectly, then they get experienced in doing the wrong thing. You should be able to specify which assets you need to be protected, and the solution will tell you the minimum in terms of features that need to be turned on. If you need more advanced protection then the others will become relevant.

Imperva partner training is something that I would be interested in if it ever came my way. There should be partner-specific webinars, meetings, and other training provided to us,

So far, I don't think that we've had any issues with this solution in terms of stability. People discussing this solution have given the same remark.

This solution is used on almost a daily basis.

Scalability of this solution is based on the design. If you get your design right, then you shouldn't have a problem with the scalability.

While we were installing this solution, we had contact with technical support and they were good. I have referenced information that is on their site and it is helpful, as well.

During the initial installation, there was a warning that was not part of the known CVEs. When I checked with support, they told me that this type of problem is blocked out-of-the-box. However, if I wanted to be really sure, they showed me how to create a custom policy, or custom rule, to specifically deal with it.

I have used other solutions, but I usually follow the Gartner reports and their suggestions. My previous solution had not been doing too well.

Also, as I became more familiar with this solution, it became easier for me to identify issues. I had also read research on Imperva blocking denial-of-service attacks, and I like practical evidence of issues such as this. By reading these articles, and about other people's experiences, it is like seeing it for myself. With other solutions, you are not privy to such visibility.

Complexity and cost are two important factors when it came to choosing this solution.

Unless the client has as serious issues and does not want Imperva, this is my first choice.

The initial setup of this solution was not too straightforward. We did have to contact Imperva during the deployment. The length of time for deployment depends on the experience of the people performing the installation, as well as the environment.

My team and I performed the implementation of this solution. To make sure that we were on track, we contacted Imperva support for some clarification. Most of the things that we do, we follow best practices.

Everybody complains about the price of this solution. 

This is a security device, and it is used almost every day. It is not just used when there is an issue. Based on what the dashboard or the reports say, you can change policies to meet your security requirements or business needs.

Based on my experience, and what I know this product can do, I would never recommend another solution. I advise most of my customers to go for this.

I would rate this solution a nine out of ten.

We are a reseller and integration partner, and we have customers who are using this solution in on-premises deployments.

This solution has helped in securing our clients' assets, which is key. It mitigates all of the availabilities of risks around web applications.

The most valuable feature of this solution is web application security.

This is a user-friendly solution.

This solution has good performance ratings.

I would like to see more support available for this product online. Some customers find this to be a real limitation.

The virtual processing could be improved.

Their portal is very limited and needs improvement.

This is a very stable solution.

The solution is very scalable, but of course, the scalability comes with a cost.

I think that technical support needs to be improved by making it more localized, or regionalized. Our support is currently coming from the US, and it is not very good. They need to take care of their global customers.

We previously used Fortinet, but this solution has better performance ratings.

I don't want to say that the initial setup is straightforward, but it is manageable. It requires a bit of technical knowledge.

This is a solution that I highly recommend.

The biggest lesson that I have learned from this solution is that Imperva is not a one-house solution. They create a specialized solution, and that comes with a lot of value.

I would rate this solution a nine out of ten.

The primary use was to cover the database. Imperva we recognized on the market as the best solution for techs on databases. The banks here in Chile always ask for these types of solutions.

The compliance is the most valuable aspect.

I just need it to be a stable and normal version. I'd want to hear about the new features to see which I would need.

I find this solution stable. We have 2,000 users in financial services.

The solution is scalable.

The setup initially was simple, but when we tried to run it we had problems with the log parameters and it was complicated to use. The operation was complicated to use, but that is just the experience of my team. It took two months to deploy. The setup and installation of the technologies took one week, and after that, one month to set up the parameters and after that, in order to set up the logs, it took about two weeks. So two months total. We have three engineers, including an architect and a security engineer. We also had a fourth engineer that knew the application.

We have a yearly license, but I'm unsure of the pricing.

We didn't evaluate other options, just Imperva.

I would rate the solution as an 8 out of 10, simply because of the difficulty of operation management. It's a complicated tool to keep.

Our primary use case is to protect our cloud production environment.

We have a co-location that we do with our QA and Dev and our pre-production environment. We do everything there. We built it for the production environment so we deploy everything in the cloud. We have the web application firewall in the cloud, after the proxy.

It has threat intelligence and we are using Incapsula. With threat intelligence, we can separate HTTP and HTTPS traffic. We can use Incapsula to send all the threat intelligence to the WAF.

The interface is very user-friendly. You get used to it. It's very convenient.

There could be some limitations rom the converged infrastructure perspective: when you want to converge with everything and you want Imperva to get there easily, because it's not a cloud component. For example, when you want to build servers and you're using OneView to manage your software-defined networks, implementing Imperva right away is not that simple. But if you're doing just a simple cloud infrastructure with servers in there, you're good to go.

Also, we are not able, with Imperva, to block by signatures. Imperva by itself needs to be complemented with another service to do URL filtering. That's why you need Incapsula.

No issues with stability. It has never crashed.

Scalability is affordable. There are no issues with the process of scaling.

They have centralized management, in terms of scalability. They have centralized policy control, they have centralized application profile information. On the dashboard they have Signature Update, Monitoring, Reporting. They clearly thought about the large-scale when they made this product.

We use a partner here in Puerto Rico for Imperva. We have a guy in our shop every day, full-time.

We used Fortigate. We switched because it's not a WAF. When you have a WAF, you want that WAF to do all kinds of configurations, to promote the firewall, to work the way you want it. Imperva came with everything, the whole package.

The initial setup was a little bit complex. But a third-party took care of everything. It's not like putting milk on cereal when you are working with these kinds of configurations. The effectiveness of a web application is going to come from the analysis of what your organization needs. If you don't have that information before you go into Imperva, you're going to have a lot to do when you get there. You need to know what you're doing. It's not something you can take out of the box and put in your infrastructure. It's somewhat hardcore to deal with these kinds of solutions. 

Make sure you understand the way that Imperva charges. It's very affordable. However, I would like to see a package with the Virtual Patching included. You get to do patching separately.

We had F5, Akamai, Fortinet, Barracuda. We may have looked at Juniper as well, I don't remember. Not too many companies have a WAF. Not all the firewall companies are WAF makers.

I think it's perfect. It's a very good application. When you do large-scale deployment you want to protect your physical web application with Imperva, trust me. It gives me peace of mind.

These are guys are from Israel and you should see that place. These guys are the best I have ever seen. They do all kinds of stuff and there is nothing that they cannot do. These people are incredible. They can configure and develop anything, customized, if you want it. Everything has a price, but they can do it right now. They don't have a "no."

We use Imperva with Incapsula so we have web security, we have DDoS protection, we have content delivery networking, we have load-balancing. We do everything with Incapsula cloud. For example, if you have an internet threat, that threat is trying to access your web application. Depending on the threat that you are receiving, the activity monitor is going to be triggered. Once that activity monitor gets triggered, the vulnerability management is going to defend you. It doesn't work for everything the same way. It's very intelligent.

Without tuning, it blocked 88 percent of the vulnerabilities, and when we tuned it, it blocked 98 percent. Whatever was not blocked didn't harm us. We use a third-party for tuning. We tell them what to do it and they do it. They get it done fast, sometimes in two to three days. It depends on what you're asking for. If you're asking for more accuracy, they go the distance to solve your problem. For example, the other day I had some keywords, some attack signatures that they were looking at for false-positives and false negatives, which are two different things. One of the main reasons we got Imperva is that we wanted to block attacks while limiting the number of false positives. I wanted the application scanner not to generate false positives by creating violations. I gave them the information, and the next day it was solved.

To put it in a high-level perspective, you are paying to see the things that are important, but you get a lot of noise. I wanted to reduce that noise. They allowed me to do that. 

Make sure you have the right testing methodology for Virtual Patching. If you want to take your patching to under 30 days, this is the product for you. We reduced it to five days. I think we are the only company where the patching is under five days. We are only doing it at the database-level right now. But we took it down to five days. 

There are proper ways to test a WAF, but the main advice I can give you is that you should not just generate attack traffic. The most effective method, for me, would be to generate both attack and legitimate traffic. That kind of approach will give you a way to rate the ability of the WAF to detect malicious traffic and to distinguish malicious traffic from good traffic. Provide real-world testing scenarios, in which the WAF must block attacks and avoid blocking good traffic at the same time. You will be able to measure how many false positives you're getting. That is the best way to test a WAF: Don't only to generate attack traffic.

Another piece of advice, and here I will jump  to the main fears of this environment - SQL injections, cross-site scripting, which I hate, DT's (Directory Traversals) - is that you need to provide another layer here which is IPS. IPS products will all rely on signatures. They are going to be created by the scanner to stop anything, that's just the basics of threat prevention. If these signatures are easy to circumvent, by using comments and encoding at the same time, they will be available for the WAF to stop any kind of session or cookie tampering. What I'm saying is that there should be technical attack protection. You should be thinking not only about WAF but combining WAF and IPS.

You need to find an IPS that works with it. Imperva has something similar to an IPS, it's not an IPS per se. For example, an IPS cannot detect or stop fraud malware. For that, you need to add certain other levels of security and combine it with employee training. If you get the web application, which is called SecureSphere, the WAF, it will protect you against web page fraud because they go by black IPs. So you can help the IPS on that side and the IPS can help you letting you know what to block from the internal network. You should be considering a combination of WAF and IPS.

Another thing to take into consideration for people who are starting, with respect to deploying a WAF, is that they should validate the accuracy of the solution and the ability it has to protect any application and help you with monitoring and management. It's not just technical stuff.

The first use case was due to the need to protect DDoS attacks as well as protection for SQL injection. The existing application was no longer supported, and to prevent further attacks from occurring, WAF Imperva was applied. The rollout was very fast due to the need for DNS notes only.

In the old days, we experienced many problems with denial of service attacks, and identifying them was very difficult because we did not have a WAF solution. After the deployment, the solution gave us the visibility we needed.

Anti-DDoS protection, as well as other protections like SQL injection, Cross-Site Scripting, and antiscanner. These types of protection are valuable to the business due to the daily attacks on our portals, and that often cannot be seen without a tool like this.

Imperva now offers add-ons to add functionality, but I would like to see these included in the product, even if it would cost more.

No issues with stability.

No issues with scalability.

Very good, although I have not had any problems so far.

No, this is the first solution I have used.

It was straightforward, very simple. I only entered the domain and Incapsula returned the DNS data that I needed to change for the protection to be configured.

I did not participate in the process of choosing the solution.

Only configure it by enabling all protections. This is very important for preventing attacks.

We use Incapsula as a firewall on our website which can block any suspicious attempts from the outside of the company. For example, if someone is trying to hack our website or put malware on it, it blocks them.

When I joined the company, one of our websites was hacked by malware (somebody put it on our website). The website went down for a long time. It took two weeks to clear the server and move everything: all the content, clean it, bring it up, and start again. By using this application, the firewall is blocking every suspicious activity and event. Now, we are safe. We have peace of mind that nobody will use malware on us or try to hack our website. With this application, we have some peace of mind that everything is blocked by Incapsula. 

1. I like to see the security. On the site security, I can see which countries have incidents, whether it was a robot attack, a real human user, or non-human user. For this feature, I like it because I can see information quickly without going into long logs and details. It is very comprehensive regarding what is going on behind the scenes on the website traffic.
2. The option saying activity launch. On the activity log, I can see the exact details, the visit, and the threat. If I click on the details, it shows me exactly where it came from, who the user agent is, and what page they tried to enter. Then, it gives me the session. Also, I have the option to put them on the blacklist or the white list. Therefore, I like this option because it is more detailed. If someone causes more than one of the incidents, then they are maybe suspicious, and we want to learn more about it. Here we can get the data, and under the data, we can see the IP addresses, therefore tracking and copying that IP address and putting it under IP lookup.
3. The dashboard is good and user-friendly. You can easily understand it, even if you don't have any prior knowledge. Looking at it, you can easily see what is happening because it is a very user-friendly menu and user interface. I don't come from this exact background, but it seems I am supposed to manage and work with this stuff. Because of the user interface, I can understand even without having prior knowledge or education of it.
4. The real-time option is cool as well. On the real time, you can see live traffic, which is flowing into our website. 

I am not sure if this application has a policy where you can create your custom policy and run it as our firewall. We should have some ability to also create some custom policy, then run it as a firewall. Maybe it is not relevant, but I think this would be a good option.

Some things previously happened where we moved one of our websites to a new host and new server, then we had difficulty putting in our user credentials to Incapsula because we could not find them. My boss was aggravated with the issue. I believe he contacted Incapsula and found out how to use the credentials for the website. They had changed the user interface a couple months ago. It was different than now. We had to put some information from the website domain to Incapsula login order to activate it, because they had changed the user interface.

It is a stable product.

It is not used at a high level, but we just put it in and configured it with our website. So, for the things that we have to run, it works just fine. I have no idea about any other scalability. However, it is just fine for the reason that we are using it.

I have never had a ticket with technical support, but I believe that they are supportive.

I was not involved with any solution in the company prior to Incapsula. When I came to this company, we were using this solution.

Someone else set it up.

An improvement has been to our website: It increases the speed of our response, the capacity of the site, and optimizes the bandwidth.

More than features, the complete solution is valuable for everything it delivers and the protection it offers.

Acquire it for all the benefits that this solution brings to organizations, especially nowadays, when we live in a technological era where the speed and response times of the different websites are valued so much.

Never.

None.

Technical support provides good, quick responses.

No.

Initial setup is very simple, since it is enough to change the servers in and out of the site to make it work.

Although the pricing can be a little high, it is worth the protection and security that it offers.

I only saw Cloudflare and Akamai, but the latter is very expensive.

It is an excellent product.

Protects and secures all our web sites.

• Learning mode.
• Custom policies.
• Very intuitive and granular configuration - It does not require much time, or advanced knowledge, for configuration and maintenance.

The reporting is missing some features, such as: only two export formats, and the time period does not include the last day, week, year.

No issues with stability.

No issues with scalability.

10 out of 10 for local support, seven out of 10 for Imperva Professional Services.

Straightforward. Easy to install and config.

F5.

I rate it a 10 out of 10 because of the ability to apply real-time changes or creations, export and import applications learned, and it's very easy to use. It also features system logs or incidents, granular configuration in relation to a SIEM. It is the best product on the market, in my opinion. Cyber security leader.