AWS WAF vs Imperva Data Security

Likelihood to Recommend

AWS WAF is highly appropriate to interrupt or prevent cyber attacks because when implementing rules, whether they are specific or centralized, so any application that has these vulnerabilities is protected.

Implementing managed rules creates greater security to protect both API and applications.If implemented along with other AWS tools, the security is much better, so if you want to protect applications against more specific attacks, it is ideal to integrate with Amazon CloudFront, which is a great benefit because it warns when thresholds are exceeded or specific attacks occur.AWS WAF is ideal to avoid common web attacks. For more specific attacks and scenarios, I don't recommend this.

Read full review

Hanna Bedoya

Software Developer

iModulesComputer Software, 51-200 employees

View all 7 answers on this topic

Imperva is great to monitor when new users access a database and will monitor when there are unauthorized users or activity is occurring. Imperva is not well suited to interpret whether an activity is unauthorized or not. The administrator has to be familiar with what the organization determines as good or bad traffic.

Read full review

Jennifer Greulich, GSED, GSEC

Manager, IT Security & Compliance

Charlotte RusseRetail, 5001-10,000 employees

View all 1 answers on this topic

Pros

AWS WAF has the most developer-friendly API to create firewall rules.
AWS WAF provides OWASP security controls, which reduces developers' burden (i.e., SQL injection and cross-site scripting).
AWS WAF has customizable web security rules. The user can even push the rules through the API available, which is the great feature and helped me a lot.
It protects applications at layer 7 (HTTP) of the OSI model and not just layer 4 (TCP).

Read full review

Saim Jamali

Head of Software & Services

SamiPharmaHealth, Wellness and Fitness, 10,001+ employees

View all 7 answers on this topic

Alerts when suspicious activity is detected
Records all database transactions for analysis
Determines activities in stored procedures

Read full review

Jennifer Greulich, GSED, GSEC

Manager, IT Security & Compliance

Charlotte RusseRetail, 5001-10,000 employees

View all 1 answers on this topic

Cons

The documentation offered is somewhat confusing, so it would be ideal if it were much more direct and precise.
Your initial configuration may be confusing, so the best option is to use the rule templates provided by AWS.
Its configuration is not unified with AWS, so it must be done separately and it takes some time.
The number of rules to be established is somewhat limited.

Read full review

maría jose gonzalez ortiz

Software Developer

KANA SoftwareComputer Software, 501-1000 employees

View all 7 answers on this topic

Alerts require a lot of tuning to get actionable intelligence
Certain common encryption ciphers are incompatible with Imperva and have to be disabled at the server level
Technical support is sometimes a little hard to work with

Read full review

Jennifer Greulich, GSED, GSEC

Manager, IT Security & Compliance

Charlotte RusseRetail, 5001-10,000 employees

View all 1 answers on this topic

Likelihood to Renew

AWS WAF 9.0

Based on 1 answer

Good value for money. Native AWS solution for services

Read full review

Igor Zeiger

ITOPS Manager

Align TechnologyHealth, Wellness and Fitness, 10,001+ employees

View all 1 answers on this topic

No score

No answers yet

No answers on this topic

Usability

AWS WAF 9.0

Based on 1 answer

The product is highly scalable. It is easy to configure the rules and thereby helps us to mitigate many vulnerabilities.The interface and programming of the firewall provisions were easy to setup. Amazon clearly spent a lot of time figuring this out and perfecting it. It allows users to do customized configurations based on their needs. It provides protection against a number of security issues like XSS, SQL injection, etc. I would definitely recommend this for protecting your infra as you scale, since this basically protects and filters all requests hitting your application server.

Read full review

Saim Jamali

Head of Software & Services

SamiPharmaHealth, Wellness and Fitness, 10,001+ employees

View all 1 answers on this topic

No score

No answers yet

No answers on this topic

Support Rating

AWS WAF 9.3

Based on 4 answers

If you're intending to use AWS WAF, I would say that you absolutely should sign up for support. AWS Support is excellent and they can help you in a really good way to solve your issues.

Read full review

Oscar Martinez

DevOps

Aval Digital LabsFinancial Services, 201-500 employees

View all 4 answers on this topic

No score

No answers yet

No answers on this topic

Alternatives Considered

Amazon's support was better for us in the end. Implementation was also easier as we're using other Amazon services currently.

Read full review

Tony Ortiz

Database Administrator

Northside ISDEducation Management, 501-1000 employees

View all 7 answers on this topic

No answers on this topic

Return on Investment

The overall security of the web application increased effectively after deploying AWS WAF
No negative impacts were seen in the business
The developers were more confident in the overall security model of the web application being developed and it was easy to integrate WAF into the existing system as the application was also using AWS platform

Read full review

Verified User

Engineer in Professional Services

Computer Software Company, 501-1000 employees

View all 7 answers on this topic

Allowed us to meet important compliance requirements.
When protecting critical data, we can see exactly how it's being used and by whom.
Licensing costs are very reasonable.
It takes a fair amount of administration to use properly.

Read full review

Jennifer Greulich, GSED, GSEC

Manager, IT Security & Compliance

Charlotte RusseRetail, 5001-10,000 employees

View all 1 answers on this topic

Pricing Details

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

AWS WAF Editions & Modules

Edition

Resource Type - Web ACL	$5.00¹
Resource Type - Rule	$1.00¹
Resource Type - Request	$0.60²

per month (prorated hourly)
per 1 million requests

Additional Pricing Details

—

General

Free Trial

—

Free/Freemium Version

—

Premium Consulting/Integration Services

—

Entry-level set up fee?

No

Imperva Data Security Editions & Modules

—

Additional Pricing Details

—

AWS WAF

Imperva Data Security

Likelihood to Recommend

AWS WAF

Imperva Data Security

Pros

AWS WAF

Imperva Data Security

Cons

AWS WAF

Imperva Data Security

Likelihood to Renew

AWS WAF

Imperva Data Security

Usability

AWS WAF

Imperva Data Security

Support Rating

AWS WAF

Imperva Data Security

Alternatives Considered

AWS WAF

Imperva Data Security

Return on Investment

AWS WAF

Imperva Data Security

Pricing Details

General

Free Trial

Free/Freemium Version

Premium Consulting/Integration Services

Entry-level set up fee?

AWS WAF Editions & Modules

Edition

Additional Pricing Details

General

Free Trial

Free/Freemium Version

Premium Consulting/Integration Services

Entry-level set up fee?

Imperva Data Security Editions & Modules

Additional Pricing Details

Add comparison