We performed a comparison between AWS WAF and Sucuri based on real PeerSpot user reviews.
Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is that it is very easy to configure. It just takes a couple of minutes."
"The most valuable feature of AWS WAF is the extra layer of security that I have when connecting to my web applications."
"The most valuable feature is the way it blocks threats to external applications."
"The solution is stable."
"The tool’s stability is very good."
"AWS WAF helps mitigate different kinds of bot attacks and SQL injection that happen within the retail industry."
"As a basic WAF, it's better than nothing. So if you need something simple out of the box with default features, AWS WAF is good."
"The customizable features are good."
"Domain name scanning since it allows us to scan all our domain names and determine whether it has malware or if is reported as phishing."
"The initial setup was straightforward. Straight forward because the plugin can simply be installed and then it does its job. It's not complex, there is no learning curve. The online scan is simple, you put in the website address and the scan gives us a report on the browser itself. It's simple to use."
"The most valuable part is the analytics and visualization."
"I use it as a WAF, which is basically a web firewall to monitor and block traffic to our web server."
"It significantly eases the workload and streamlines the initial setup required to protect a website."
"The initial setup was very easy."
"I would like to see the addition of more advanced rate-limiting features in the next release. It would be beneficial to extend rate limiting beyond just web servers to the main node level."
"We should be able to do proper whitelisting."
"The solution's pricing could be improved."
"The solution is cloud-based, and therefore the billing model that comes with it could be more intuitive, in my opinion. It's very easy to not fully understand how you tag things for billing and then you can quite easily run up a high bill without realizing it. The solution needs to be more intuitive around the tagging system, which enables the billing. Right now, I have a cloud architect that does that on our behalf and it isn't something that a business user could use because it still requires quite a lot of technical knowledge to do effectively."
"It would be better if AWS WAF were more flexible. For example, if you take a third-party WAF like Imperva, they maintain the rule set, and these rule sets are constantly updated. They push security insights or new rules into the firewall. However, when it comes to AWS, it has a standard set of rules, and only those sets of rules in the application firewalls trigger alerts, block, and manage traffic. Alternative WAFs have something like bot mitigation or bot control within the WAF, but you don't have such things in AWS WAF. I will say there could have been better bot mitigation plans, there could have been better dealer mitigation plans, and there could be better-updated rule sets for every security issue which arises in web applications. In the next release, I would like to see if AWS WAF could take on DDoS protection within itself rather than being in a stand-alone solution like AWS Shield. I would also like a solution like a bot mitigation."
"On the UI side, I would like it if they could bring back the geolocation view on the corner."
"AWS WAF would be better if it uses AI or machine learning to detect a potential attack or a potential IP that creates an attack even before it happens. I want AWS WAF to capture the IP and automatically write the rule to automate the entire process."
"The solution could be more reliable."
"It would greatly benefit customers if they implemented an online chat or messaging system for quicker assistance."
"Confident score: Currently it does not have one and there are cases that most websites flagged are false-positives."
"In terms of improvement, the cost factor is always there."
"The main improvement I would like to see is support for .NET applications. If they could include this feature, I would include more sites in the protection."
"Sucuri could provide help for specific security alerts in-line instead of requiring users to search for it in the help section."
"I would rate this solution an eight out of ten. The reason is that we have found sometimes customers or Google saying that there is something wrong with the website but Sucuri says that the site is clean so we do have to look at the site manually which means that the Sucuri scan does not pick up anything and everything."
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Sucuri is ranked 21st in Web Application Firewall (WAF) with 6 reviews. AWS WAF is rated 8.0, while Sucuri is rated 8.4. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Sucuri writes "Simple solution and good WAF". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, F5 Advanced WAF, Imperva Web Application Firewall and F5 Silverline Managed Services, whereas Sucuri is most compared with Cloudflare, SiteLock, Comodo cWatch, StackPath WAF and Prisma Cloud by Palo Alto Networks. See our AWS WAF vs. Sucuri report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.