Imperva Application Security Platform is generally used for legacy-type applications that cannot be migrated to the cloud. A specific example of how I use this tool to protect legacy applications in my organization is that we have an intranet which has not been fully developed or technologically advanced enough to run in the cloud, so by having this, we secure it effectively.
External reviews
75 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Strong protection has improved legacy app security and currently reduces risky server connections
What is our primary use case?
What is most valuable?
Imperva Application Security Platform allows you to enhance your application security posture. Among the best features that Imperva Application Security Platform offers, the policies are very dynamic, and it also has profiling at the application level that allows you to work in this mode.
I would like to highlight especially the ThreatRadar feature, which is an additional subscription, and ThreatRadar helps with threat intelligence by allowing you to block advanced attacks as well as mitigate risks more effectively.
Imperva Application Security Platform positively impacts us because we have a critical website, so by placing a WAF of Imperva's quality, it allows us to have visibility and granular control over the various attacks that can occur on the website.
A concrete improvement I have seen thanks to Imperva Application Security Platform is that it has decreased the level of connections to the final server. The specific improvement is that the connections that reach the server are fewer because Imperva is already filtering them at the WAF stage.
What needs improvement?
Imperva Application Security Platform could be improved if it allowed integration with Active Directory in the cloud, or if it provided visibility of user roles and permissions.
For how long have I used the solution?
I have been using Imperva Application Security Platform for a little more than three years.
What do I think about the stability of the solution?
I consider Imperva Application Security Platform to be a stable solution.
What do I think about the scalability of the solution?
I would rate the scalability of Imperva Application Security Platform as very good since it adapts well and you can grow independently because the interfaces support one and ten gigs.
How are customer service and support?
Imperva Application Security Platform customer support has been very good; the ticketing platform allows us to have visibility of the case, and the staff makes the effort to respond quickly.
Which solution did I use previously and why did I switch?
I did not previously use any other solution before Imperva Application Security Platform.
How was the initial setup?
The advice I would give to others who are considering using Imperva Application Security Platform is to start with learning mode and then move to blocking mode slowly for approximately one week so that Imperva can identify the website and the connections that are made to it.
What was our ROI?
I have seen a return on investment with Imperva Application Security Platform, as it is generally associated with time savings, because the review of alerts and the visibility it gives saves us significant operational time. The clarification on time savings is that it refers to the time spent on alerts.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, implementation cost, and licenses of Imperva Application Security Platform is that it is high compared to a traditional WAF solution, but it meets expectations.
Which other solutions did I evaluate?
Before choosing Imperva Application Security Platform, I did not evaluate other options, as we went directly with Imperva due to recommendations.
What other advice do I have?
I would rate Imperva Application Security Platform an eight on a scale from one to ten. Imperva Application Security Platform is a very good platform; even though it is not in Gartner, clients request it and trust the brand. I would rate customer support on a scale from one to ten as an eight. My overall review rating for Imperva Application Security Platform is eight out of ten.
Web defenses have blocked unauthorized access and protect sensitive health data effectively
What is our primary use case?
My main use case for Imperva Application Security Platform is to block unauthorized IPs, users, and source applications, as we configured the Web Application Firewall to monitor internet-based applications during my previous project.
To decide which policies to configure for blocking unauthorized users and sources, we identify authorized users and source IP addresses, ensuring only those belonging to the organization are validated and whitelisted in Imperva Application Security Platform to effectively block unauthorized sources. Imperva Application Security Platform works on a whitelisting concept, meaning only whitelisted users are allowed while others are treated as unauthorized.
We implement multiple policies for sensitive data in the Web Application Firewall because users may attempt to access sensitive health-related information. In a healthcare project, we set up patterns to alert if sensitive data is accessed within the organization and block it if accessed externally.
What is most valuable?
The best features of Imperva Application Security Platform include its ease of use, as it offers both on-premises and cloud options, with minimal maintenance downtime during patching due to the recommended three gateways setup, allowing for resource monitoring while upgrading.
Imperva Application Security Platform positively impacts my organization by reducing CVE-related issues significantly, as we monitor and learn from reports generated during collaboration with respective teams.
We track the reduction in CVE-related issues through weekly and monthly meetings using Imperva Application Security Platform reports. Initially, there were over 1,500 vulnerabilities, but we managed to fix almost all of them within three months, leaving only two low severity issues outstanding.
What needs improvement?
Imperva Application Security Platform can be improved as it currently lacks integration with other tools under the Data Security Fabric, particularly the WAF feature, which would enhance overall functionality.
Generally, I am satisfied with the user experience of Imperva Application Security Platform; however, I would suggest streamlining the patching process for larger environments as it becomes time-consuming when applying multiple patches across many gateways.
For how long have I used the solution?
I have been working in IT security for 10 years out of my overall 17 plus years of experience.
What do I think about the stability of the solution?
Imperva Application Security Platform is always stable, having encountered issues infrequently across my usage of their products.
What do I think about the scalability of the solution?
The scalability of Imperva Application Security Platform is indeed good, effectively accommodating growth for larger organizations despite internal data management policies.
Imperva Application Security Platform handles scalability effectively, allowing for growth when appropriately understood through policies and configurations, although understanding the platform takes time.
How are customer service and support?
Customer support from Imperva has been very good as I have raised over 100 cases, with responsive support addressing urgent needs, even offering early support despite initial SLA challenges.
Which solution did I use previously and why did I switch?
We did not previously use a different solution, starting with DAM and moving directly into a full implementation due to an incident that required rapid deployment.
How was the initial setup?
We utilized AWS for our private cloud environment, finding it satisfactory, although I only used Imperva Application Security Platform Cloud once for DAM, not WAF.
What was our ROI?
While I would not say we have saved money, we have certainly saved time through effective documentation and support for compliance-related issues, streamlining the necessary processes with fewer employees.
What's my experience with pricing, setup cost, and licensing?
We faced challenges with high costs, as the customer perceived pricing for gateways to be excessive, but we handled multiple billing instances with sophisticated setups.
Which other solutions did I evaluate?
We did not evaluate other options before choosing Imperva Application Security Platform, opting for it directly because it fit our needs for an on-premises solution.
What other advice do I have?
Beyond the WAF, Imperva DAM is beneficial because it features Imperva Security Fabric and Data Security Fabric, including tools like File Access Activity Monitoring, though the WAF is still using previous functionalities.
I can confirm that Imperva Application Security Platform is stable, though we have not purchased Imperva Application Security Platform cloud environment from the AWS Marketplace.
It is important to decide the purpose for using Imperva Application Security Platform; I recommend it for monitoring internet-based applications, while for internal tasks, it may not be worthwhile due to its costs. I would rate this review as a 9.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Advanced protection has secured our websites and reduces DDoS and zero‑day attack incidents
What is our primary use case?
My main use case for Imperva Application Security Platform is using it for web application firewall as the main objective for managing a web application that is handled by WAF in the company that my company is working for. Protecting all threats or attacks from the web application is the main objective of the WAF.
What is most valuable?
The best features Imperva Application Security Platform offers are for speed and protection. There is runtime and zero protection, and we have the sub and sub plus protection.
The speed and protection features of Imperva Application Security Platform help my team day-to-day by providing safe and clear access to the website. For example, my company is a multinational company that experiences many attacks, such as DDoS attacks, hitting the general website of the company before. The protection protects all of the websites in Imperva, so accessing the website is safer right now, not disrupted by DDoS attacks.
Imperva Application Security Platform has positively impacted my organization by making the website more secure. It reduces the DDoS attacks and reduces the attacks from threat actors, including SQL Injection and zero-day attacks, by using dynamic application profiling from Imperva. This is very helpful for my company as it reduces the incidents from the website.
What needs improvement?
I would suggest that Imperva Application Security Platform should include new features combined with AI. When I was using Imperva, it was not yet combined with AI. I believe that AI can now be used to make things easier, to track the attacks or IPs, or perhaps to determine the best configuration for each company that is using Imperva.
For how long have I used the solution?
I have been using Imperva Application Security Platform for three years.
What other advice do I have?
I would add that I have a unique observation about the features of Imperva Application Security Platform. For protection to protect more safely and restrictively, I have another use case with an internal website. This website is internal, and those people who want to access it can use the VPN or the internal network. I have encountered cases where a person from the internal company wants to access the website without using the API and got blocked by Imperva because there is a feature or configuration that allows specific IPs. I had to log all of the ways to access the web and allow only a few IPs from the internal IPs. I think Imperva is very secure, very restricted, and good for protecting websites, especially for internal websites and production servers.
Regarding improvements to Imperva Application Security Platform, I think all aspects of Imperva Web Application Firewall, including the UI/UX, are good, and I can operate it smoothly with the application. I give this product a rating of 8.5 out of 10.
Continuous monitoring has strengthened our web defenses and has reduced malicious incidents
What is our primary use case?
My main use case for Imperva Application Security Platform is the Web Application Firewall, which I use for firewall protection and monitoring 24/7 for suspicious activity.
Regarding my main use case, I first log into the WAF applications, then access the Alerts section. In that section, I can see different types of activity happening in the firewall. I review each alert to determine whether it is legitimate or suspicious activity. I can also view the target IP address and locations, target servers, and the payload that the attacker was using in that alert. I can see the OWASP Top 10 alerts and the event timing to identify when the attack occurred.
What is most valuable?
Imperva Application Security Platform offers impressive features. I am using the WAF, which blocks each alert based on signature-based attacks. That is the most impressive aspect I have experienced.
There are many alerts in Imperva Application Security Platform. For example, there is an OWASP Top 10 alert called SSRF, which is server-side request forgery. If someone attempts to access the server, the WAF blocks that SSRF alert, or RCE, Remote Code Execution alert, blocking immediately based on the signature, not only by the payload or the IP address. That is very effective.
Imperva Application Security Platform has positively impacted my organization because every time an attacker uses a malicious payload or malicious signature that is already included in the signature database of the WAF application or Imperva application, the application directly blocks that particular signature immediately. This capability can help any organization achieve better security outcomes.
What needs improvement?
I believe Imperva Application Security Platform can be improved because cybersecurity is a field that changes every day, and different types of signatures are being invented. The WAF team should add more signatures, including basic and advanced signatures, on a daily basis. They need to understand this requirement and update their signature database daily.
For how long have I used the solution?
I have been using Imperva Application Security Platform for almost one year and four months.
What do I think about the stability of the solution?
Imperva Application Security Platform is stable.
How are customer service and support?
The customer support for Imperva Application Security Platform is very good.
Which solution did I use previously and why did I switch?
I did not previously use a different solution; I have been using the WAF Imperva application for the last five years.
What was our ROI?
Imperva Application Security Platform has helped reduce incidents, save time, and improve my organization's security posture with specific measurable outcomes and metrics.
What other advice do I have?
I would rate Imperva Application Security Platform a 10 on a scale of one to 10.
I gave it a 10 because it is useful for private organizations and it is very safe to have WAF applications, particularly Imperva Application Security Platform.
The advice I would give to others looking into using Imperva Application Security Platform is that it is safer to use or to have it. My overall rating for this product is 10 out of 10.
Custom policies and rate limiting have strengthened our application security and compliance
What is our primary use case?
Imperva Application Security Platform is used primarily for web application firewall security. My organization has a significant number of applications running through the platform, and to monitor those applications, we require firewalls. Imperva Application Security Platform's Web Application Firewall performs the deep inspection necessary for this monitoring.
What is most valuable?
Imperva Application Security Platform offers customization of security policies, allowing me to create policies tailored to my environment.
The rate limiting policy in Imperva Application Security Platform works based on usage numbers and has proven valuable for our operations.
Imperva Application Security Platform is user-friendly, and I can maintain a customized dashboard to monitor the utilization of all gateways in day-to-day operations.
Imperva Application Security Platform serves as the base pillar for applications to grant or deny access appropriately.
From a compliance perspective, Imperva Application Security Platform has been an improvement, as it has passed all compliance processes.
What needs improvement?
Imperva Application Security Platform could be improved by providing a more user-friendly dashboard.
I would recommend that support for Imperva Application Security Platform be enhanced to be more effective.
For how long have I used the solution?
I have been using Imperva Application Security Platform for three years.
What do I think about the stability of the solution?
Imperva Application Security Platform is stable.
What do I think about the scalability of the solution?
Scalability in Imperva Application Security Platform depends on the region. Imperva Application Security Platform can handle more applications or increased traffic easily as my organization grows. Currently, we are running approximately 1000 applications, and it can handle more.
How are customer service and support?
Customer support for Imperva Application Security Platform is good, though it could be better. I would rate the customer support of Imperva Application Security Platform an eight on a scale of one to ten.
Which solution did I use previously and why did I switch?
I did not previously use a different solution.
What was our ROI?
We have seen a return on investment with Imperva Application Security Platform, as we started with a few devices and gradually increased the number of on-premises devices for Imperva Application Security Platform.
What's my experience with pricing, setup cost, and licensing?
The pricing, setup cost, and licensing for Imperva Application Security Platform were user-friendly and good.
Which other solutions did I evaluate?
What other advice do I have?
I would recommend Imperva Application Security Platform compared to Akamai WAF. It has been good to use Imperva Application Security Platform, as I have been using it for three years. I would rate this review a nine on a scale of one to ten.
Web protection has stopped attacks and now routes only clean traffic to our core applications
What is our primary use case?
My main use case for Imperva Application Security Platform is for WAF, application firewall, which is a web application firewall. I have my company's sites, websites, and our core application runs on it as well, so all traffic must first come through Imperva Application Security Platform before it's routed to the application.
A specific example of how I use Imperva Application Security Platform for my core application involves dealing with all the unwanted bots on the internet and crawlers.
Regarding my main use case with Imperva Application Security Platform, it denies all forms of malicious attempts to the sites, including SQL injection, brute force attack, DDoS, and all of that. It denies that and provides information about it through logs that indicate which particular IP was denied and the region, so I have the location based on the IP. I can get the location of where the attacks or injections are coming from. Basically, I receive a clean request based on the rules I've set, made to the server, and then receive their request back, while the ones that are not clean are blocked.
Regarding other features, Imperva Application Security Platform has safe logging capability and, as mentioned earlier, it's primarily for my WAF, web application firewall. Any basic web filtering capabilities are there, and that's all I use it for.
What is most valuable?
The best features Imperva Application Security Platform offers include DDoS protection, anti-DDoS capabilities, and connection protection against different malicious web attacks.
Imperva Application Security Platform has positively impacted my organization, as before its introduction, I usually had a lot of logs on my router, with many foreign attempts from anonymous IPs trying to gain access, including a lot of brute force logs. The CPU of the router would struggle with what it wasn't supposed to be doing while legitimate users suffered. Since implementing Imperva Application Security Platform WAF, as mentioned earlier, only legitimate traffic reaches the server and the router to request what they need, and of course, the response is given. This allows us to accommodate more legitimate traffic, faster and more securely.
While I can't provide a specific metric at this moment as I'm not in front of my system, I can confidently say that we have significantly noticed improved performance in terms of latency, an increased number of requests we can handle, and a reduction in attack attempts.
What needs improvement?
One improvement I would like to see in Imperva Application Security Platform is the ability to fail over to different sites for my same application. I want to have my disaster recovery site, my current site, and my cloud environment, all different, about three sites so that I can load balance across those sites. It would be beneficial if that could be included as a baseline feature without needing a special license.
I also think about the ability of Imperva Application Security Platform to integrate its logs with various systems; the integration with SIEM solutions is limited to certain types of OEM. I would prefer a situation where they are more agnostic in terms of log integration with SIEM solutions, such as SentinelOne.
For how long have I used the solution?
I have been using Imperva Application Security Platform for more than three years.
What do I think about the stability of the solution?
Imperva Application Security Platform is very stable.
What do I think about the scalability of the solution?
In terms of scalability, I believe it's within their infrastructure; there has never been any downtime.
How are customer service and support?
I use the channel partner for support and have never had a need to raise a ticket directly with Imperva.
How was the initial setup?
Imperva Application Security Platform is deployed in a cloud solution, as I was provided with login details, logged in, and configured Imperva Application Security Platform, putting in my public IP. From Imperva, I received a certain CNAME that I placed in my DNS, so all traffic coming to my domain goes through that DNS, through the CNAME to Imperva Application Security Platform, and then Imperva Application Security Platform forwards it to my public IP. Therefore, I would classify it as a private cloud.
What was our ROI?
I have the impression that there is a return on investment; we enjoy cleaner traffic in our environment, and more requests are being served, indicating a huge return on investment.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, setup cost, and licensing is that the pricing is not transparent to me; it's what the vendors give, or whatever the channel partner offers that you can negotiate on. The setup process is pretty easy, and the vendor is very transparent in terms of support.
Which other solutions did I evaluate?
Prior to choosing Imperva Application Security Platform, I did not evaluate other options in terms of a proof of concept; I only did a feedback assessment on the internet.
What other advice do I have?
I would rate Imperva Application Security Platform a nine on a scale of one to ten. I choose a nine because it has not failed me since I've been using it, and I've not had any attack. My advice to others looking into using Imperva Application Security Platform is that it is highly recommended and certainly worth trying out, at least for web application firewall purposes.
Strong policies and bot defenses have secured critical APIs and have reduced attack noise
What is our primary use case?
My main use case is regarding API Security, specifically trying to do some schema enforcement. I would say that is my main use case, so having to make sure the schema enforcement is done and also some DDoS protection in the aspect of web application firewalls and making sure DDoS protection is done also for bot protection, as well as some of the use cases I have had in recent projects.
In a recent project, we had one of our clients, a major financial institution in Eastern Europe. They were trying to resolve some issues with bots having access to some tangible data in their application. They had an external firewall they were using, but it was not backing up whatever alerts that needed to be obtained to make sure things are well secured. We came in and configured Imperva Application Security Platform on the web application. We made sure the DDoS protection feature was activated, so the admin is also alerted to whatever attack is coming in and then they are able to do the right measures to make sure it is stopped.
What is most valuable?
Some of the best features are the policy tuning, where you are able to tune policies the right way without stress or much hassle. The DDoS protection, the OWASP Top 10 feature, and the bot protection feature are also excellent. The API security feature is particularly valuable because most attackers do not try to come in from where it is expected. Most attackers attack the API that is being used on a platform.
The policy tuning is one of the easiest features that I know. Once you are trying to customize a policy, you just need to understand what kind of policy you are trying to customize, go through the right place from the security to policies, then create a policy. For example, you might be trying to set a policy to make sure that it does not save credit cards on a particular platform or website. That is basically one of the simplest ways of ensuring policy tuning works fine. It is one of the easiest features and I believe it has done a great deal for me in the aspect of operating Imperva Application Security Platform.
What needs improvement?
From my research regarding the IAM space that Imperva Application Security Platform is trying to look into, I believe they still need to do a lot of modeling and modification to make sure that also helps. There are several competitors in the IAM space, so Imperva would do well if they can do some basic modeling and modifications from my own personal research and my own experience in the IAM space. Alternatively, they could actually just focus on trying to be stronger in the web application space and the database activity monitoring space.
The main reason it is not a perfect ten is regarding support. At times, having to reach the support team takes eight hours to ten hours maximum. There are times when clients could have urgent issues to attend to. The support team could do more by having a faster response rate.
For how long have I used the solution?
I have been working for over three years in this space.
What do I think about the stability of the solution?
Imperva Application Security Platform is very stable, very, very stable.
What do I think about the scalability of the solution?
The scalability of Imperva Application Security Platform is easy and well organized, so you can easily upgrade the version of the model you are using. It is easy to always scale to add more users. It is easy to always scale to add more endpoints and apps you are trying to secure.
How are customer service and support?
For the customer support, the reason I rated Imperva nine over ten is basically because of the customer support. They need to work faster on the response time because of issues of urgent replies. They need to work perfectly on the faster response. Overall, it is a good customer experience with them. It has not really been hectic, but they can do better.
Which solution did I use previously and why did I switch?
We did not use any previous solution regarding that. We were always on Imperva Application Security Platform because Imperva is one of the leading organizations regarding WAF and DAM.
How was the initial setup?
Regarding licensing, it was a smooth experience. I had to reach out to the salesperson at Imperva who helped us with setting up costs and understanding what the client needs, and making sure the pricing and licensing is done. Licensing is always for a year. There are times when most of our clients do not actually remember where they do their licensing. The licensing certificate helps to understand the date and then gives the client the proper time to renew when necessary.
What was our ROI?
I was able to save over seven million dollars last year as return on investment in the company. Regarding fewer employees needed, we are able to employ more hands because we were one of the organizations that actually brought Imperva to Africa. We needed more Imperva engineers and from the way it is, Imperva engineers have not been that much in Africa. Training new employees and making sure they are attended to with Imperva is also an issue that we are trying to resolve in Africa.
What's my experience with pricing, setup cost, and licensing?
We have noticed faster response times and fewer security alerts because after doing some custom policy tuning, everything seemed to be aligned and we have fewer attacks to monitor and fewer alerts to monitor. It was possible where we were able to integrate a SIEM solution that we were using with Imperva Application Security Platform. That is one of the features I enjoy about Imperva. You can stimulate and integrate whatever SIEM platform you are using to Imperva. Imperva sends over the logs and alerts to the SIEM, so it is easier for the blue team of your organization to read the alert and provide adequate measures to stop whatever is happening in the enterprise.
Which other solutions did I evaluate?
We evaluated Trendis and we also evaluated Check Point.
What other advice do I have?
My basic advice would be to make your evaluations properly. It is okay to do demos as much as you can to fully see if it is going to work with whatever challenges you are trying to solve. I believe in thorough and proper evaluation of solutions. I can give a solid approval of Imperva Application Security Platform because it has really done a lot in helping my clients and giving them the best. Imperva is one of the best, if not the best. Almost every feature in Imperva Application Security Platform works really fine and it is what enterprises are battling, and what Imperva does in shaping the security culture of the digital world. Overall, I am going to rate Imperva Application Security Platform a nine out of ten, being one of the leading solution providers in the WAF space and the DAM space.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Advanced API inspection has protected critical banking integrations and supports real-time analysis
What is our primary use case?
I use Imperva Application Security Platform for API security, which has a cloud solution where normal traffic flows horizontally, and a copy of the traffic goes to the cloud to be inspected. If there is something suspicious, it could be blocked depending on the action configured. Imperva Application Security Platform also has a solution for Database Activity Monitoring (DAM) as well as API security. I have been working with these solutions for around one and a half years, more than one year, as a partner collaborating with the vendor. The communication from the vendor flows through us, then to the clients, particularly the financial institutions and banks.
The data center for the bank is usually the headquarter, where the main data center is located in our country, and there are branches at every street. For the branches, every access is through the firewall and the core banking application server, and there is an integration between banks from different institutions. In this case, every communication is done through the API, necessitating API inspection and API security.
The main benefit is the use case my clients find valuable. For the product and security, there is good API inspection. If any abnormal API appears or there are any similarities due to changes, the API security features will catch that because there is access for third-party applications from one bank to another. This setup ensures there is segmentation, and allowed APIs will get access while others will be blocked. It serves as the main channel for third-party application integration, and without API security, any similar URL related access could affect core banking, which is vital for every financial transaction.
For real-time analysis, the deployment is arranged so as not to interrupt transactions. The normal traffic flow will continue, while a copy of the API traffic will be mirrored to Imperva Application Security Platform for deep inspection. If any abnormalities are detected, even unusual behaviors for transactions, checks are done continuously, and actions are sent accordingly if any suspicious traffic is found.
What is most valuable?
For the fast response of signature-based comparisons, traffic will be matched against the solutions stored in the database to release actions if similarities occur. However, the main drawback for signature-based approaches happens when there is a new zero-day attack that is not in the database. Solutions usually include integrity with lab environments so that zero-day attack signatures are sent through subscriptions to provide the latest updates.
The comparison for API protection varies across solutions. For F5, API protection is part of WAF, and similarly for Fortinet. While Imperva Application Security Platform has basic features as part of WAF, its dedicated API protection solution is a strong point.
What needs improvement?
On the negative side, API security mainly supports cloud-based solutions, while most of my customers prefer on-prem setups, so achieving high performance with on-prem solutions would be beneficial. The attractiveness of Imperva Application Security Platform is that not all data is exposed to the cloud. Only a mirrored copy goes to the cloud and is inspected, allowing actions to be taken on-prem. To convince my clients, a purely on-prem solution would be ideal since they are financial institutions.
For how long have I used the solution?
I have been using the solution for more than one year.
What do I think about the stability of the solution?
I am more than happy with the technical support from Imperva Application Security Platform regarding data security and API security. For the support, however, one notable drawback is that, unlike Fortinet, which offers fast track labs and continuous enablement, Imperva Application Security Platform lacks lab access and fast track labs for enablement and product advertising. This weakness has shifted the marketplace toward other vendors. When creating a ticket for support during deployment, the response is satisfactory, though the gaps in enablement and lab sessions are clear.
What do I think about the scalability of the solution?
I find Imperva Application Security Platform to be a scalable product, as long as I subscribe and pay for the application I wish to use. It is scalable, and for about one and a half years, I have experienced no challenges in this area. I have not even needed support after deployment, since it has remained stable.
How are customer service and support?
When creating a ticket for support during deployment, the response is satisfactory, though the gaps in enablement and lab sessions are clear. Overall, I would rate support around an eight or nine, and my overall experience with security products spans around four years, with my particular engagement with Imperva Application Security Platform mainly during project deployment and client training.
How was the initial setup?
For installation, it primarily involves a cloud-based service, and I was using that as an operator. For database activity monitoring, I have deployed it, and while it is somewhat complex, there is a support channel where I communicate with vendors to resolve issues. The main challenge during installation is not unique to Imperva Application Security Platform. It is faced by many on-prem and virtual appliance products, particularly ensuring integrity with the virtualization environment and integration with third-party applications.
What other advice do I have?
I am not using CyberArk, as it is only a proposal for identity and access management that I have proposed for my clients.
Apart from One Identity, I am working with SentinelOne for AI, and I was looking for that. For Purple AI, I was communicating with the vendors and the distributor, and I have considered proposing it for my clients. Currently, I am using the load balancer Radware as an application load balancer. For the on-prem WAF, I am using Fortinet, regarding the WAF and the load balancer, Radware and Fortinet.
I am not working with some email security products, some EDR, or endpoint protection as an implementation. I was just looking into it and have proposed it for my clients, and I am waiting for the financial evaluation for FortiMail. For Fortinet, I am involved more with FortiMail, WAF, ADC, FortiGate firewall, NAC, WAF, and FortiClient EMS.
Regarding Check Point and WatchGuard, I have worked with Check Point for the firewall, specifically the perimeter firewall. For Check Point, I have already worked with the firewall only, which is a next-generation firewall, using a physical appliance on-prem. Most of my customers, particularly financial institutions, even if they invest their resources in the cloud, need an on-prem solution. It could be a virtual appliance deployed on a server or a physical appliance, but they mostly need on-prem.
Regarding the price, I find Imperva Application Security Platform affordable, with moderate pricing. My overall rating for this solution is eight out of ten.
Advanced threat detection has improved real-time traffic protection and mitigates DDoS attacks
What is our primary use case?
Clients can use Imperva Application Security Platform for various purposes, and as a reseller, I believe the best advantage in the product is its features that stand out for the client.
What is most valuable?
I have experience with the real-time traffic inspection feature of Imperva Application Security Platform, and it helps with network security.
I believe the reputational analysis in Imperva Application Security Platform is effective for blocking security threats before impact. I also believe that behavioral and signature-based techniques help to improve threat detection accuracy.
I see valuable benefits from advanced detection and traffic profiling during DDoS attacks, and I track some metrics related to DDoS protection performance.
What needs improvement?
I see some areas for improvement in Imperva Application Security Platform, especially regarding price. Regarding return on investment, ROI, I can say it is noticeable with Imperva Application Security Platform, and I see some significant differences compared to other firewalls such as Palo Alto, where there are pros and cons between Imperva Application Security Platform and some competitors.
As for the deployment of Imperva Application Security Platform, I would say it can be a complex process, and I ask this because we are partners with AWS. I have not purchased a solution from AWS Marketplace or deployed it on AWS Cloud for a client.
For how long have I used the solution?
I have been working and selling it for three years so far.
What do I think about the stability of the solution?
Regarding the scalability of Imperva Application Security Platform, I would say it is a scalable product with some limitations, but it is also a stable product without much glitch or downtime.
How are customer service and support?
My experience with technical support from Imperva Application Security Platform was good when I reached out to them.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
I have been in this domain with firewalls longer than three years, overall in this sphere with firewalls and security solutions.
What was our ROI?
I see some areas for improvement in Imperva Application Security Platform, especially regarding price. Regarding return on investment, ROI, I can say it is noticeable with Imperva Application Security Platform, and I see some significant differences compared to other firewalls such as Palo Alto, where there are pros and cons between Imperva Application Security Platform and some competitors.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Have noticed several areas that need improvement while some features are helpful during deployment
What is our primary use case?
I prefer not to do a review for EDR since it is a new product that I am using. Instead, I would like to review other products I have worked with before, such as Imperva products, Imperva Web Application Firewall, or Imperva DAM.
What is most valuable?
I worked as a consultant for the customer and was part of a design and deployment team for Imperva API Security.
What needs improvement?
Could you please describe the deployment process, initial setup process, and what challenges were faced?
What was my experience with deployment of the solution?
I would need to check with my manager and run this by the legal team in the US before I would be able to share this information.
What do I think about the stability of the solution?
Please repeat the question.
What do I think about the scalability of the solution?
That would be fine.
How are customer service and support?
The technical support team would be rated 5 out of 10, where 10 represents the best support and 1 represents very poor support.
Which solution did I use previously and why did I switch?
I would prefer to receive the form via email so I can fill it out manually myself. Additionally, I want this review to be anonymous, with neither my name nor my company's name appearing anywhere.
How was the initial setup?
We can schedule a call in two hours to discuss this further.
What about the implementation team?
Please describe the deployment process, initial setup process, and what challenges were faced.
What other advice do I have?
I would need to check with my manager and run this by the legal team in the US before sharing more information. We can schedule a call in two hours to discuss this further.
showing 1 - 10