Try our new research platform with insights from 80,000+ expert users

AWS Shield vs Imperva DDoS comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 5, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare
Sponsored
Ranking in Distributed Denial-of-Service (DDoS) Protection
1st
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
74
Ranking in other categories
CDN (1st), Managed DNS (1st), Cloud Security Posture Management (CSPM) (14th)
AWS Shield
Ranking in Distributed Denial-of-Service (DDoS) Protection
6th
Average Rating
8.4
Reviews Sentiment
7.5
Number of Reviews
7
Ranking in other categories
No ranking in other categories
Imperva DDoS
Ranking in Distributed Denial-of-Service (DDoS) Protection
9th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
77
Ranking in other categories
CDN (7th), Web Application Firewall (WAF) (23rd)
 

Mindshare comparison

As of April 2025, in the Distributed Denial-of-Service (DDoS) Protection category, the mindshare of Cloudflare is 19.4%, up from 19.2% compared to the previous year. The mindshare of AWS Shield is 7.0%, down from 7.6% compared to the previous year. The mindshare of Imperva DDoS is 6.7%, down from 8.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Distributed Denial-of-Service (DDoS) Protection
 

Featured Reviews

Spencer Malmad - PeerSpot reviewer
It's easy to set up because you point the DNS to it, and it's working in under 15 minutes
Cloudflare is highly scalable. Cloudflare is a system with a web portal that the end users like me see. It's a console where we can adjust the DNS, caching, and security features all in that console. Cloudflare owns thousands of servers across the world that cache the data. It's a powerful solution. When clients sign up for Cloudflare, they're getting this monster content delivery network, security, and a web application firewall in one. It's all rolled into one, and it's massive. Unless you have your website hosted on a massive hosting provider, there's no way that you can deliver the amount of data that Cloudflare can provide to the end users. If you have static content, there's no way that you can ever match what Cloudflare can do. Obviously, there are competitors to Cloudflare that do the same, but I'm saying other types of solutions. Let's say you go with F5. Great, that's on-prem. That's in your colo. You can't deliver as much data to the internet as you can with a CDN. You don't have to spend $20,000 on a net scaler, F5, or whatever Cisco's selling now. You don't have to buy that. You pay them $50 a month or $150 a month. It's totally worth it because even in five years, you'll never get the performance value, not just the actual ROI. You have to consider how much throughput you can get with Cloudflare.
Manikandan-R - PeerSpot reviewer
Solution provides essential protection with good support and a simple setup
I have noticed a pattern developing in approximately five minutes. If it were possible to provide these patterns with historical data spanning six months, three months, or two months directly from the console, it would be extremely beneficial. It would allow for easy inquiries and facilitate the retrieval of relevant parts without having to manually check logs or examine movements. Instead, if all historical data were available, I could consult six months' worth of identified patterns efficiently through AWS without relying on external sources. This solution is particularly suitable for startups or medium-sized startups. I would rate the overall solution eight out of ten.
Syed Ubaid Ali Jafri - PeerSpot reviewer
I like the content monitoring feature which I haven't seen in other WAF solutions.
They could improve by minimizing false positive results. Although this occurs less with Imperva, we would like to see some further improvements. We have been using this product for last 1 years, it's result is very impressive. But due to the excessive load on the Web site where thousands of requests‎ are generated from legitimate users, however the request in which any sequential or specialised characters are requested would be directly blocked by impreva . Currently imperva blocks the special character request generated from the user, as I conduct a test where I am parsing the encoded html values of the same special characters to the input field, imperva bypasses these encoded values for example : ' i.e. %27 or / i.e %2F, the WAF bypasses these encoded characters. I hope that this device should have a capability to detect the pattern which is associated with Xss or Xsrf, rather then by not blocking the request which contains any special characters.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"DDoS attacks target unprotected machines. Cloudflare detects and stops these attacks using internal systems. It identifies incoming DDoS attacks, issuing challenges or blocking them immediately."
"Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications."
"The features of Cloudflare were found to be more beneficial and led to the decision to utilize it over other options."
"Cloudflare allows us to self-host services such as Rocket.Chat and Node-RED, in high-availability mode, thanks to round robin DNS which allows us to share one hostname between our two locations."
"The simplicity of the overall dashboard makes it a great product for a user like me who has less understanding of the internet than a developer or other more technical people. It gives me peace of mind. I also love the easy customization of the Page Rules."
"Smaller businesses have seen great ROI due to the low investment and strong performance."
"From what I've seen so far, there are no negatives to report as of yet"
"Many websites require an SSL certificate because they sell stuff and want SSL. Cloudflare comes with an SSL certificate built in. It's automatic. You sign yourself up for Cloudflare, and an SSL certificate automatically protects your website. You don't necessarily need a certificate if you have a connection between your website and your host, the server, Cloudflare, and the host."
"It is integrated with AWS. So, it gives you a good first step."
"The product is easy to use."
"I am impressed with the product's multiple features like security."
"We have integrated the tool with Active Directory. The most important feature is that it's transparent and doesn't degrade the performance of our solution. Additionally, it's easy to configure, which is crucial for us. It's easy to use and set up and stops attacks on our servers. We haven't encountered any attack problems because the solution stops them in real-time. AWS Shield specifically focuses on defending against denial-of-service attacks, making it a great solution for that type of threat."
"The solution's ease of use is the most valuable feature."
"The product has a good mechanism to analyze trends and trigger events."
"It is quite scalable, and we have not faced any issues with its scalability."
"The solution operates smoothly at its baseline level, and we do not encounter any issues at that level."
"The solution's most valuable aspect is that it is easy to configure."
"On the activity log, I can see the exact details, the visit, and the threat."
"Gives us the ability to trace each connection, and to have logs to be able to differentiate between a positive and a false-positive intruder action."
"The solution is very good at intercepting traffic before it gets to our data centers."
"They're quite easy to install and quite easy to set up. Clients really like that. Especially when you're dealing with the cloud, it's really easy."
"Incapsula takes care of the CDN infrastructure and bandwidth volume, providing several enterprise "load balancing" features."
"It is an effective threat mitigation tool."
"Imperva Incapsula has many valuable features. One, it protects the top 10 OWAS vulnerability, the open web application software platform, this is standard. Secondly, it protects against broken authentication. As well, it has remote execution of code."
 

Cons

"Cloudflare's console should be made more user-friendly."
"An integrated SSO feature would be useful for Cloudflare DNS."
"We're facing challenges due to an upgrade in the machine learning model. The problem arises from some users abusing the APIs, resulting in an influx of suspicious traffic. Cloudflare's learning model mistakenly identifies this traffic as human. Consequently, it assigns it a higher trust score, akin to legitimate human traffic, causing complications in our architecture. Previously, such traffic would have been categorized as suspicious, enabling us to apply appropriate blocking rules. However, we encounter difficulties distinguishing between genuine and suspicious traffic with the new categorization. Despite these challenges, overall, Cloudflare remains the preferred solution compared to Azure, AWS CloudFront, and Google Cloud Armor."
"The pricing could be improved."
"It should confirm audit findings of the assigned area with auditees to ensure that the audit conclusions are based on an accurate understanding of the issues."
"Technical support is lacking."
"Latencies are always a problem."
"The documentation could improve for Cloudflare DNS."
"The management of it is a bit hard. If you don't engineer it on the front side, it is hard to go back in and change it. It could be improved in terms of architecture requirements and then ongoing support requirements as a secondary component to it. People tend to set up things like this, and they just expect it to work without the care and feeding that needs to go back into it either from an application team or a network environment team."
"Perhaps the time required to detect anomalies can be reduced."
"The product needs to improve its logs and reports to make it read better."
"The product is expensive."
"The product should give users more flexibility to customize their security policies according to their requirements."
"Perhaps the time required to detect anomalies can be reduced. Presently, it takes some time to determine whether a situation is normal or abnormal."
"We end up having to pay extra for features that AWS adds that we don't need."
"The time taken to detect anomalies must be reduced."
"The cost could be lower; our end clients need to have a high budget to purchase this solution."
"The salespeople tend to exaggerate its capabilities, which can cost you money if you don't verify the information."
"Imperva now offers add-ons to add functionality, but I would like to see these included in the product, even if it would cost more."
"I would like to have support for SSL management and secure DNS."
"The rules surrounding the making of web applications could be improved."
"There’s nothing that’s missing in terms of features."
"Certificate management could be improved."
"The weakest point of Imperva is their first level of support, which should be improved. They should also improve the access and security logs viewing directly on the portal. I would like to see better access and security logs through the portal and not only through a SIM solution. Currently, if you want to explore your access and security logs from Imperva, you need a SIM tool or a SIM infrastructure on your side to do it. You can't do it manually or directly through the portal, which is a big problem for us. I had a call yesterday with Imperva for the roadmap, and I just told them this. They agreed that this is an improvement point from their side."
 

Pricing and Cost Advice

"The product's pricing is minimal compared to other products."
"The pricing depends on the usage, but the cheapest would be around 5,000 USD a month."
"There are no additional costs beyond the standard licensing fees."
"A free version of the solution is available."
"The price is reasonable."
"Cloudflare's pricing is not much higher and is good for middle-level organizations."
"I believe their performance has improved, but I'd like to refrain from discussing the pricing aspect related to the cloud. The pricing, in my opinion, could be simplified, and I think they should consider reevaluating the pricing for support, as it can be quite high. At times, this cost can make it challenging to choose CARFAGuard or opt for the support."
"That is one of the great features. I was able to access the majority of the features and services for free."
"We pay $3000 per month for the solution."
"It depends on your subscription level and the volume that you're spending with AWS. So, it is very relative to the consumption alignment in your subscription level. It is a well-constructed, scalable pricing option, but it is relative to how much you're spending on AWS. Because the more you spend, typically, the more you get off on services like this. I find it to be comparable to other solutions."
"The cost depends on traffic each month, so on average, it costs us between US$200 and US$300 per month."
"The tool is cheap."
"The tool's pricing is good."
"Pricing could be more competitive."
"The cost is somewhere around $10,000 a site. For every site, you pay individually. For every DNS entry, you have you pay."
"We have an issue with Imperva Incapsula in the Iraqi market because of the high price."
"The cost is on par with other solutions such as Cloudflare and Akamai."
"It is a very expensive solution. The price is very high. A lot of customers tell us that they would love to use Imperva more. I have some customers who have 50 websites, but they have only 10 websites on Imperva because of the price. They would love to have all their websites running through Imperva, but they can't. They have to choose the more critical websites to protect because the price is very high. It is a very good product, but it is too expensive. If you buy a plan for 20 megabytes and you don't consume all of your 20 megabytes, it is okay, but if you consume more, you are charged for the superior traffic."
"Varies depending on the needs of the customer."
"​Although the pricing can be a little high, it is worth the protection and security that it offers.​"
"The license is on a yearly basis."
report
Use our free recommendation engine to learn which Distributed Denial-of-Service (DDoS) Protection solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Comparison Review

it_user68487 - PeerSpot reviewer
Nov 6, 2013
CloudFlare vs Incapsula: Web Application Firewall
CloudFlare vs Incapsula: Round 2 Web Application Firewall Comparative Penetration Testing Analysis Report v1.0 Summary This document contains the results of a second comparative penetration test conducted by a team of security specialists at Zero Science Lab against two cloud-based Web…
 

Top Industries

By visitors reading reviews
Educational Organization
21%
Computer Software Company
13%
Comms Service Provider
9%
Financial Services Firm
8%
Financial Services Firm
15%
Computer Software Company
15%
Comms Service Provider
9%
Insurance Company
7%
Financial Services Firm
17%
Computer Software Company
14%
Manufacturing Company
8%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GR...
Which would you choose - Cloudflare DNS or Quad9?
Cloudflare DNS is a very fast, very reliable public DNS resolver. It is an enterprise-grade authoritative DNS service...
What do you like most about Cloudflare?
Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications.
What do you like most about AWS Shield?
We have integrated the tool with Active Directory. The most important feature is that it's transparent and doesn't de...
What needs improvement with AWS Shield?
Perhaps the time required to detect anomalies can be reduced. Presently, it takes some time to determine whether a si...
What do you like most about Imperva Incapsula?
We use Imperva DDoS to stop DDoS attacks and reduce the amount of unwanted queries against web services or web scraping.
What is your experience regarding pricing and costs for Imperva DDoS?
The pricing is rated a ten on a scale where ten is very expensive. The solution is only cloud-based and does not prov...
What needs improvement with Imperva DDoS?
Pricing can be improved, as it is quite expensive. Additionally, support response times for emails can sometimes be d...
 

Also Known As

Cloudflare DNS
No data available
Imperva Incapsula
 

Overview

 

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.
netflix, dow jones, mapbox, pearson, rovio, youview, moviestar planet, asurion, payplug, hour of code
Hitachi, BNZ, Bitstamp, Moz, InnoGames, BTCChina, Wix, LivePerson, Zillow and more.
Find out what your peers are saying about AWS Shield vs. Imperva DDoS and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.