Imperva Application Security Platform Reviews

Customer Support has been the biggest help in dire situations. Their control panel is nice but support has been the best.

When under DDoS, we are able to get piece of mind to our clients since they know a large, technical company is dedicated to getting the issues resolved.

More products, especially for smaller companies that could benefit them.

About 3 months.

None.

None yet.

Not that I know of.

10/10

8/10

We had a sysadmin but he was unable to keep up. No other parties were used.

Yes, it was straightforward for our IT team to implement.

In house.

We ate the cost so it wasn't passed on to the client.

From my understanding, our CEO had multiple parties on the table but decided Incapsula was the best fit for us.

IncapRules, Login Protect & CDN are the most valuable features of Incapsula.

Incapsula gave us an incredible visiblity in terms of security.

HTML minification could be improved. The actual HTML minification does not provide the maximum HTML minification nor provides the best result. 

We are using this solution on our customer for three months.

No issues, setup pretty easy and straightforward.

No issues.

No issues.

The web support could be enhanced, you need to call to get immediate support.

Very easy setup!

CDN and DDoS.

This would speed up the images on the website geographically and protect against DDoS attacks.

• Maybe another pricing tier for home uses with a few more features above the free version.
• An appliance for large enterprise customers.

6 months.

Very straightforward.

No issues.

None, all automatic.

Excellent, no issues.

Excellent.

No.

Very straightforward, just some DNS changes.

In-house, again very straightforward.

Priceless, DDoS protection.

Choose the most appropriate model.

CloudFlare, didn't like as they want to take control of DNS.

Great product, it will not let you down!

Load balancing and DDoS protection.

Delivery services and information security.

One year.

None, the deployment was very fast and easy.

None.

Excellent, they answered all our questions.

Very good, the information provided by Imperva for the deployment was very clear.

No.

Straightforward.

Imperva and in-house team, the support provided from the Imperva team was very reliable.

Consider the unification of websites.

No.

Security rules and DDoS protection.

Well, just by using the security rules to block all secured areas by IP minimized the chance of sensitive data leaking outside.

I'd like it to work with Let's Encrypt.

1.5 years

No issues.

No issues.

No issues.

Once going enterprise, support is excellent.

Once going enterprise, support is excellent.

CloudFlare and I switched because we needed more locations.

Took us 10 minutes and we just waited for the DNS update.

In house.

No ROI since we use it for protection. Its an additional expense with no ROI expectations.

Always check the enterprise option, it gave us great rates.

We used CloudFlare in the past and we thought about working with Reblaze.

Try it for 30 days, it will amaze you.

We are using Incapsula as our web application firewall and for DDoS protection, and it performs really well at its job. Incapsula packs some great features, such as SSL support, content caching and the ability to 'play' with the rules as much as you'd like.

Since this is the very first WAF solution that we evaluated and tried to integrate into our AWS environment, I can't really say that it has improved anything, but the fact is, we never looked the other way.

Incapsula has a built-in monitoring module, but it is a paid feature; I would expect that for the price we pay for the basic service, we would be able to integrate a monitoring solution, even a simple one.

In addition to that, Incapsula doesn't feature the option to add/remove available SSL protocols and/or ciphers.

We have been using Incapsula for a little more than six months.

The only problem we encountered with Incapsula regarding deployment is with their Performance solution that allows caching the hosted sites. The dynamic caching sometimes causes issues and we need to manually purge all of the cache from their system after a new version has been deployed, in order for new content to load properly.

Technical support is excellent. In the few times we tried to contact Imperva's support, we received quick and swift replies.

I did not previously use a different solution.

The initial deployment is very straightforward; you follow a very simple setup wizard that guides you which changes you need to perform and where.

We received the recommendation regarding Incapsula from Emind, a third-party vendor that helped us deploy our environment over at Amazon. The rest was performed by our in-house IT/Devops teams.

I highly recommend Incapsula for anyone that is looking to integrate a WAF and DDoS protection into their environment.

• Hidden origin
• IP whitelist
• Country blocking
• Anti-DDoS
• Special page protection (two-factor authentication)

For example, we host a website for customer in China. Incapsula can help to hide the real origin and provide access control over different pages. And it can protect the website from being attacked.

Incapsula provides 7x24 service for protection, which saves us a lot of manpower.

• Customer service: Their customer service sometimes has different responses for similar requests. We sometimes need to explain the issue many times before they understand. Their CS staff is not well trained according to a consistent standard. For the same requests, some of them can perform well, but some of them might do it wrong.
• Network management: Their network department sometimes doesn’t take the responsibility to improve network latency until we raise the problem many times or to top management. Sometimes, we encounter latency issues. Only sometimes does their network staff update their routing to improve the performance. Other times, they will not do so and they push the responsibility to another carrier.

I have used it for one year.

Sometimes their system has routed our Asia traffic to US/EU and we needed to ask them to change the route back to Asia.

Their Asia bandwidth, i.e. to China, sometimes has a lot of lag. And they take a long time to improve it, until they add a new ISP to improve the bandwidth.

Technical support is 7/10.

We previously used Akamai. Incapsula is much cheaper and the administration is much easier.

Initial setup is easy, as Incapsula allows us to create new sites through their GUI or using an API.

Incapsula pricing is very affordable.

Before choosing this product, I did not evaluate other options.

If you don’t have a strong IT team for security, Incapsula is a good starting point for outsourcing your internet-facing security issues.

• Faultless inlining & minification: Every competing product breaks the layout, but we are yet to see Incapsula break a site
• Installation requires just a CNAME entry, avoiding the risk of email downtime.
• Instant PCI compliance and protection from the OWASP Top 10 vulnerabilities.
• CDN & DDoS protection.

Incapsula delivers a massive improvement to website performance and security in less than 20 minutes, regardless of the CMS. We love it so much that we decided to create a new service around this product, which could result in our largest income stream yet.

They once terminated a free account without warning, resulting in a few days downtime. But you get what you pay for.

I have been using it for two years.

I have not encountered any stability issues.

I have not encountered any scalability issues.

Technical support is first class. These guys are sharp.

We moved from CloudFlare because Incapsula’s minification was faultless, and their CNAME installation procedure avoided downtime for other services such as email.

It was very easy to set up: 20 minutes and you're done.

Go for the $59/month Pro plan. Free accounts can get terminated, and the higher plans are only if you like to have your own SSL certificate, or get regular DDoS attacks. The Pro plan has everything you need; it's just that you're using Imperva's SSL certificate, not yours.

Before choosing this product, we evaluate other options in great detail. We looked at CloudFlare, W3 Total Cache, WP Super Cache, Wordfence, BulletProof Security, Varnish, Mod_Security, ConfigServer, and a variety of other options. Incapsula isn't the cheapest, but is way in front of the competition. You'll easily spend double/triple the cost of your Incapsula subscription on maintaining any other solution, whereas Incapsula handles all that overhead for you, right out of the box.

Don't wait till you've been hacked; get protected now. It'll cost you at least a year of Incapsula fees to recover from website hacking. And if your website is running slow, Google is probably already penalising your site, when the fix is so easy. Incapsula is by far the fastest fix for both website speed and security.

The added security is the biggest bonus feature, as our websites are not usually under extreme load but do have highly sensitive data. A good WAF can be difficult enough to configure even without many of the advanced security features that Imperva Incapsula includes: SQL injection prevention, bot attack recognition and notification, and DDoS.

Our audit experience is made much more simple due to having this solution. It is an answer to many security issues. We have all of the same sites available and audited internally. This extra layer of security helps with the external 'monitoring and alerting' and keeps that heavy administration portion to those who can handle it at scale a lot easier.

The API is lackluster but especially for 'customers'. The only thing we wanted to use the API for was only available to resellers.

I have been using it for 5+ years.

I have not encountered any stability issues at all.

We have a multitude of DNS names for essentially the same site. Despite that, we have to pay for each of these separately as different sites. This model is unfortunate for us but we find the service to be worth it. I could see this being a potential issue, while it is not yet.

I have had to contact support only once for API support and it was a good experience.

Initial setup was simple but admittedly handled by a different person. I have set up and decommissioned sites with ease.

You get a better bang for your buck with converged DNS site names. If you use separate DNS for smaller portions of a site, it will increase your licensing cost.

Before choosing this product, I did not evaluate other options.

Keep your sites strongly secured but sleep easier knowing Imperva Incapsula continuously baffles our penetration testers.

• DDoS Protection
• Load Balancing

Incapsula’s DDoS Protection and Load Balancing really helped maximize our security. It added an extra layer of protection.

Threat monitoring allows us to save time when responding to an incident. Previously we would have had to analyze logs, generate reports which takes time that could be spend remediating issues. Incapsula gives an uncomplicated overview of what is happening among other things.

Incapsula's DDoS protection service delivers immediate and comprehensive protection for both network and application level (Layer 7). DDoS is a hugely beneficial feature.