Imperva Application Security Platform is generally used for legacy-type applications that cannot be migrated to the cloud. A specific example of how I use this tool to protect legacy applications in my organization is that we have an intranet which has not been fully developed or technologically advanced enough to run in the cloud, so by having this, we secure it effectively.
IT Security Analyst & Engineer (Project, Remote) Australia-Europe at a manufacturing company with 10,001+ employees
Real User
Top 20
Apr 19, 2026
My main use case for Imperva Application Security Platform is using it for web application firewall as the main objective for managing a web application that is handled by WAF in the company that my company is working for. Protecting all threats or attacks from the web application is the main objective of the WAF.
My main use case for Imperva Application Security Platform is the Web Application Firewall, which I use for firewall protection and monitoring 24/7 for suspicious activity.Regarding my main use case, I first log into the WAF applications, then access the Alerts section. In that section, I can see different types of activity happening in the firewall. I review each alert to determine whether it is legitimate or suspicious activity. I can also view the target IP address and locations, target servers, and the payload that the attacker was using in that alert. I can see the OWASP Top 10 alerts and the event timing to identify when the attack occurred.
Senior Technical Consultant at a tech vendor with 11-50 employees
Real User
Top 5
Apr 19, 2026
Imperva Application Security Platform is used primarily for web application firewall security. My organization has a significant number of applications running through the platform, and to monitor those applications, we require firewalls. Imperva Application Security Platform's Web Application Firewall performs the deep inspection necessary for this monitoring.
My main use case for Imperva Application Security Platform is for WAF, application firewall, which is a web application firewall. I have my company's sites, websites, and our core application runs on it as well, so all traffic must first come through Imperva Application Security Platform before it's routed to the application. A specific example of how I use Imperva Application Security Platform for my core application involves dealing with all the unwanted bots on the internet and crawlers. Regarding my main use case with Imperva Application Security Platform, it denies all forms of malicious attempts to the sites, including SQL injection, brute force attack, DDoS, and all of that. It denies that and provides information about it through logs that indicate which particular IP was denied and the region, so I have the location based on the IP. I can get the location of where the attacks or injections are coming from. Basically, I receive a clean request based on the rules I've set, made to the server, and then receive their request back, while the ones that are not clean are blocked. Regarding other features, Imperva Application Security Platform has safe logging capability and, as mentioned earlier, it's primarily for my WAF, web application firewall. Any basic web filtering capabilities are there, and that's all I use it for.
Senior Cybersecurity Consultant at Cyberoutcome Limited
Real User
Top 10
Apr 16, 2026
My main use case is regarding API Security, specifically trying to do some schema enforcement. I would say that is my main use case, so having to make sure the schema enforcement is done and also some DDoS protection in the aspect of web application firewalls and making sure DDoS protection is done also for bot protection, as well as some of the use cases I have had in recent projects.In a recent project, we had one of our clients, a major financial institution in Eastern Europe. They were trying to resolve some issues with bots having access to some tangible data in their application. They had an external firewall they were using, but it was not backing up whatever alerts that needed to be obtained to make sure things are well secured. We came in and configured Imperva Application Security Platform on the web application. We made sure the DDoS protection feature was activated, so the admin is also alerted to whatever attack is coming in and then they are able to do the right measures to make sure it is stopped.
Learn what your peers think about Imperva Application Security Platform. Get advice and tips from experienced pros sharing their opinions. Updated: May 2026.
Clients can use Imperva Application Security Platform for various purposes, and as a reseller, I believe the best advantage in the product is its features that stand out for the client.
Usually, I work with web DDoS Protection on the website. DDoS protection of web requests on the website is the most common use case. Companies that are working through the site, selling through the site, and so forth. The most valuable feature of Imperva DDoS is to make our website available for our customers' requests 24 hours a day. This feature may be the most interesting for the financial sector, for banks.
The solution functions just like a firewall, but it operates in the cloud. It is designed to protect web applications and environments hosted on the cloud. It helps protect applications from DDoS attacks and other types of attacks. I handle a wide range of business requirements with it.
Security Consultant at a university with 1,001-5,000 employees
Real User
Top 5
Nov 11, 2024
We are a premier partner with Imperva. We usually recommend Imperva Web Application Firewall (WAF) more because our customers sometimes get a better deal, and many already have Imperva solutions on-premises. We help them move to the cloud and other related tasks.
We use Imperva DDoS protection to safeguard our network from multiple attacks. It is especially useful to protect websites or applications by redirecting traffic to eliminate threats.
We are primarily a customer for Firewall. We're also moving into the managed security space, but we are primarily a customer here. So, it is primarily used for web application firewalls. Protecting web applications against application-layer attacks. There is advanced bot protection and DDoS Protection.
Senior Technical Consultant- Cyber Security at Ivalue Infosolution
Reseller
Apr 18, 2024
The Imperva Web Application Firewall secures our web application externally. It filters traffic, allowing legitimate requests to reach our application while blocking malicious traffic.
I handled web application and database monitoring, including some DDoS work. I implemented Imperva for a top-five bank in Indonesia, monitoring their service and database activity.
Technical Consultant - Presales at a tech services company with 51-200 employees
Consultant
Feb 28, 2024
I am the administrator of the Web Application Firewall. I manage all the web applications and security regarding it. Some of the main use cases are related to OWASP Top 10 and bot attacks. We are a distributor of all types of cybersecurity products. We handle more than 170 OEMs, and Imperva Web Application Firewall is one of them.
I use the solution in my company because one of our clients needs a tool that offers functionalities in areas like bot management and DDoS protection against attacks while specifically being able to manage attacks against their public servers by bots and against scraping. DDoS is useful for dealing with too many queries against a single entity since it can cause a business to lose revenue because the company cannot access its site.
Imperva Application Security Platform delivers comprehensive and continuous web threat protection. Renowned for its ease of use, it shields web applications and databases from various cyber threats while integrating seamlessly with cloud and on-premises environments.Imperva Application Security Platform protects web environments by offering advanced security measures against threats like DDoS attacks, SQL injections, and cross-site scripting. As a robust web application firewall, it provides...
Imperva Application Security Platform is generally used for legacy-type applications that cannot be migrated to the cloud. A specific example of how I use this tool to protect legacy applications in my organization is that we have an intranet which has not been fully developed or technologically advanced enough to run in the cloud, so by having this, we secure it effectively.
My main use case for Imperva Application Security Platform is using it for web application firewall as the main objective for managing a web application that is handled by WAF in the company that my company is working for. Protecting all threats or attacks from the web application is the main objective of the WAF.
My main use case for Imperva Application Security Platform is the Web Application Firewall, which I use for firewall protection and monitoring 24/7 for suspicious activity.Regarding my main use case, I first log into the WAF applications, then access the Alerts section. In that section, I can see different types of activity happening in the firewall. I review each alert to determine whether it is legitimate or suspicious activity. I can also view the target IP address and locations, target servers, and the payload that the attacker was using in that alert. I can see the OWASP Top 10 alerts and the event timing to identify when the attack occurred.
Imperva Application Security Platform is used primarily for web application firewall security. My organization has a significant number of applications running through the platform, and to monitor those applications, we require firewalls. Imperva Application Security Platform's Web Application Firewall performs the deep inspection necessary for this monitoring.
My main use case for Imperva Application Security Platform is for WAF, application firewall, which is a web application firewall. I have my company's sites, websites, and our core application runs on it as well, so all traffic must first come through Imperva Application Security Platform before it's routed to the application. A specific example of how I use Imperva Application Security Platform for my core application involves dealing with all the unwanted bots on the internet and crawlers. Regarding my main use case with Imperva Application Security Platform, it denies all forms of malicious attempts to the sites, including SQL injection, brute force attack, DDoS, and all of that. It denies that and provides information about it through logs that indicate which particular IP was denied and the region, so I have the location based on the IP. I can get the location of where the attacks or injections are coming from. Basically, I receive a clean request based on the rules I've set, made to the server, and then receive their request back, while the ones that are not clean are blocked. Regarding other features, Imperva Application Security Platform has safe logging capability and, as mentioned earlier, it's primarily for my WAF, web application firewall. Any basic web filtering capabilities are there, and that's all I use it for.
My main use case is regarding API Security, specifically trying to do some schema enforcement. I would say that is my main use case, so having to make sure the schema enforcement is done and also some DDoS protection in the aspect of web application firewalls and making sure DDoS protection is done also for bot protection, as well as some of the use cases I have had in recent projects.In a recent project, we had one of our clients, a major financial institution in Eastern Europe. They were trying to resolve some issues with bots having access to some tangible data in their application. They had an external firewall they were using, but it was not backing up whatever alerts that needed to be obtained to make sure things are well secured. We came in and configured Imperva Application Security Platform on the web application. We made sure the DDoS protection feature was activated, so the admin is also alerted to whatever attack is coming in and then they are able to do the right measures to make sure it is stopped.
Clients can use Imperva Application Security Platform for various purposes, and as a reseller, I believe the best advantage in the product is its features that stand out for the client.
Usually, I work with web DDoS Protection on the website. DDoS protection of web requests on the website is the most common use case. Companies that are working through the site, selling through the site, and so forth. The most valuable feature of Imperva DDoS is to make our website available for our customers' requests 24 hours a day. This feature may be the most interesting for the financial sector, for banks.
The solution functions just like a firewall, but it operates in the cloud. It is designed to protect web applications and environments hosted on the cloud. It helps protect applications from DDoS attacks and other types of attacks. I handle a wide range of business requirements with it.
We are a premier partner with Imperva. We usually recommend Imperva Web Application Firewall (WAF) more because our customers sometimes get a better deal, and many already have Imperva solutions on-premises. We help them move to the cloud and other related tasks.
I use the service for protection due to the fact that it has profile functionality.
We use Imperva for our web applications that we have hosted to protect them.
We use Imperva DDoS protection to safeguard our network from multiple attacks. It is especially useful to protect websites or applications by redirecting traffic to eliminate threats.
We are primarily a customer for Firewall. We're also moving into the managed security space, but we are primarily a customer here. So, it is primarily used for web application firewalls. Protecting web applications against application-layer attacks. There is advanced bot protection and DDoS Protection.
My use case involved handling specific web applications for our operations team.
We use the solution to protect applications.
The Imperva Web Application Firewall secures our web application externally. It filters traffic, allowing legitimate requests to reach our application while blocking malicious traffic.
I handled web application and database monitoring, including some DDoS work. I implemented Imperva for a top-five bank in Indonesia, monitoring their service and database activity.
I am the administrator of the Web Application Firewall. I manage all the web applications and security regarding it. Some of the main use cases are related to OWASP Top 10 and bot attacks. We are a distributor of all types of cybersecurity products. We handle more than 170 OEMs, and Imperva Web Application Firewall is one of them.
I use the solution in my company because one of our clients needs a tool that offers functionalities in areas like bot management and DDoS protection against attacks while specifically being able to manage attacks against their public servers by bots and against scraping. DDoS is useful for dealing with too many queries against a single entity since it can cause a business to lose revenue because the company cannot access its site.