Imperva

DDoS Protection

Trial Period

30 days

Pricing

Starting from $59

Referral Program

Visit Imperva

Go to site →

Ratings

Support

ℹ️

4.0

Technology

ℹ️

5.0

Security

ℹ️

5.0

Effectiveness

ℹ️

5.0

Pros

✓94%+ customers deploy in blocking mode — near-zero false positives via manual rule testing by Imperva Threat Research
✓9-time Gartner Magic Quadrant Leader for WAF & API Protection — one of two market leaders
✓Full stack: WAF + DDoS + Bot + API + RASP + Data Security in one platform; 35% of Fortune 100 as client

Cons

✗Pricing from $1,000/mo puts it out of reach for SMBs
✗Two separate WAF products (cloud + on-prem) not yet fully unified after years of acquisitions
✗Thales integration still in progress — transition period creates uncertainty for existing customers and channel partners

Review

Imperva, founded in 2002 and acquired by Thales in December 2023 for $3.6 billion, is one of two globally recognized leaders in enterprise application security — the other being Cloudflare at the opposite end of the price spectrum. Nine consecutive Gartner Magic Quadrant Leader designations for WAF and API Protection and 35% of Fortune 100 companies as clients reflect a product that has earned its position among the most demanding security buyers in the world. The platform's technical credibility is genuine: the global SOC writes, tests, and deploys WAF rules in production environments before customers see them, which is why over 94% of Imperva customers deploy in blocking mode — a figure unmatched by competitors.

The product suite now spans Cloud WAF, unmetered DDoS mitigation, Advanced Bot Protection, API Security, Client-Side Protection, RASP, Database Activity Monitoring, and Attack Analytics powered by machine learning. For large enterprises in financial services, healthcare, retail, and technology — sectors where application downtime or data breach consequences are measured in millions — Imperva's combination of proven efficacy, compliance coverage (SOC 2, PCI DSS, HIPAA, GDPR, ISO 27001), and enterprise SLAs justifies the price point.

The limitations are structural rather than technical. The integration of two separate WAF products — cloud and on-premises — remains incomplete, a legacy of Imperva's own aggressive acquisition history. The Thales acquisition adds further transition complexity: product roadmaps, partner programs, and pricing structures are in active evolution, creating uncertainty for buyers evaluating multi-year commitments. And the pricing model simply excludes the SMB market entirely — at $1,000+/month as a starting point for the full platform, Imperva is a deliberate enterprise-only play.

Best for: large enterprises, financial institutions, healthcare organizations, and Fortune 500 security teams needing enterprise-grade WAF, DDoS, bot, and API protection with full compliance coverage.

Not ideal for: SMBs, startups, budget-conscious teams, or anyone not operating at enterprise scale.