Try our new research platform with insights from 80,000+ expert users

Imperva Web Application Firewall vs Prisma Cloud by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 19, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare
Sponsored
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
74
Ranking in other categories
CDN (1st), Distributed Denial-of-Service (DDoS) Protection (1st), Managed DNS (1st), Cloud Security Posture Management (CSPM) (14th)
Imperva Web Application Fir...
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
52
Ranking in other categories
Web Application Firewall (WAF) (4th)
Prisma Cloud by Palo Alto N...
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
108
Ranking in other categories
Web Application Firewall (WAF) (6th), Container Security (1st), Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (1st), Data Security Posture Management (DSPM) (1st)
 

Featured Reviews

Spencer Malmad - PeerSpot reviewer
It's easy to set up because you point the DNS to it, and it's working in under 15 minutes
Cloudflare is highly scalable. Cloudflare is a system with a web portal that the end users like me see. It's a console where we can adjust the DNS, caching, and security features all in that console. Cloudflare owns thousands of servers across the world that cache the data. It's a powerful solution. When clients sign up for Cloudflare, they're getting this monster content delivery network, security, and a web application firewall in one. It's all rolled into one, and it's massive. Unless you have your website hosted on a massive hosting provider, there's no way that you can deliver the amount of data that Cloudflare can provide to the end users. If you have static content, there's no way that you can ever match what Cloudflare can do. Obviously, there are competitors to Cloudflare that do the same, but I'm saying other types of solutions. Let's say you go with F5. Great, that's on-prem. That's in your colo. You can't deliver as much data to the internet as you can with a CDN. You don't have to spend $20,000 on a net scaler, F5, or whatever Cisco's selling now. You don't have to buy that. You pay them $50 a month or $150 a month. It's totally worth it because even in five years, you'll never get the performance value, not just the actual ROI. You have to consider how much throughput you can get with Cloudflare.
Abdullah Jin - PeerSpot reviewer
Offers bot protection and DDoS Protection and protects public-facing portals
Support is one thing I wish Imperva could improve. They follow the phone model and keep rotating you from one customer service person to another. The layer one support isn't very clear about the workings of the product. My feedback is primarily about Imperva Cloud, not on-premise. On-premise is a whole new story. Support is the issue for Imperva Cloud. It's also a bit pricey. It's a premium service and very expensive. The licensing model is not very straightforward. Every feature is priced separately, and to enjoy maximum protection, you'll have to spend a lot of money. The licensing model is a bit complex, and each feature is very pricey. For example, API security and web application protection are two separate license packages.
Mohammad Qaw - PeerSpot reviewer
It gives you one console to see all of your assets, review their configurations, and build your processes
Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The UI is good."
"The solution automatically detects and responds to certain types of traffic based on geolocation."
"Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications."
"The technical support is good."
"The features of Cloudflare were found to be more beneficial and led to the decision to utilize it over other options."
"It is a fast and secure DNS."
"The most valuable features of the solution are performance and security."
"The solution offers the flexibility to control configuration rules."
"The solution is scalable."
"The solution is stable."
"The solution is very scalable. It is one of the most important features. You can also expand resources and features as well."
"Imperva WAF's strongest features are the detection of web application threats and vulnerabilities in the source code."
"The solution is cloud-based and offers us good uptime. It has combined web and API security. Therefore, with one license, you access both application security and also API security."
"The solution can be configured in just a couple of minutes."
"Learning mode and custom policies are helpful features."
"It works right out of the box once you integrate the application."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"The most valuable feature of Prisma Cloud by Palo Alto Networks is the CSPM, which we use the most. Additionally, the investigation and alerts are useful, and the creation of queries."
"One feature we like is the amount of data Prisma gives us. Some infrastructure and platform vulnerabilities that in the cloud are hard to detect, and we were unaware of some of these. It's critical to shed light on these. For example, you create virtual machines and forget about them, but when you revisit them, some vulnerabilities may be detected."
"The most valuable feature is that the rule set is managed and that it can be run on a regularly scheduled basis."
"The CVEs are valuable because we used to have a tool to scan CVEs, at the language level, for the dependencies that our developers had. What is good about Prisma Cloud is that the CVEs are not only from the software layer, but from all layers: the language, the base image, and you also have CVEs from the host. It covers the full base of security."
"My favorite feature is the CWPP module. We can define various kinds of rules for vulnerabilities, incidents, or suspicious activities."
"The UI is very good. We get all the things within a single UI."
"The most valuable features are vulnerability monitoring, serverless access, container runtime features, and Defender."
 

Cons

"I would like Cloudflare to offer a dedicated account manager for large enterprise clients like us."
"Cloudflare's free plan is limited to 5,000 records for their free plan. They should increase that. For example, if I create a domain called abc.com and a subdomain called a.abc.com, my record count will be two. I can make a maximum of 5,000 subdomains. However, if we use our own DNS hosted on another provider, there is no limit. Their free plan also lacks name server customization."
"Cloudflare's console should be made more user-friendly."
"There could be more courses with engineers. I like e-learning, however, having a specialist in a classroom is more comfortable for me."
"If they improve on the placement of their data centers, it would be better. I'm living in a remote area. I would like to connect to them without any kind of lag."
"Cloudflare could be improved by introducing a mid-tier pricing option."
"DNS Management."
"The analytics, basically the dashboard, doesn't have much to it."
"Some of the features should be included in the next release is a file integrating monitoring tool. This feature should be improved."
"The tool needs to improve CPU and storage memory."
"There is nothing specific where the application firewall is falling short."
"The product's customization capabilities are a bit problematic, requiring support cases for backend modifications."
"Imperva Web Application Firewall is very expensive."
"An improvement for Imperva WAF would be to reduce the number of false positives and create more strong use cases based on AI/ML or behavioral analytics."
"Imperva Web Application Firewall can improve by adding more features to the dashboard. increasing the visibility of the real-time events, besides configuring the administration itself."
"Support is one thing I wish Imperva could improve."
"When it comes to compliance, the issue is that when we are exporting the reports, there is only a single compliance option. If I need to report on multiple compliance requirements, that feature isn't available. For example, I made a single report for ISO 27000 but I can't correlate it with GDPR."
"Some module customization might be needed and certain features like adding custom labels are currently unavailable unless we have administrator access."
"Support is an area that needs improvement."
"Areas like the deployment of their defenders and their central control need manual intervention. They should focus more on automation. They have a very generic case for small companies. However, for bigger companies to work, we have to do a lot of changes to our system to accommodate it. Therefore, they should change their system or deployment models so it can be easy to integrate into existing architectures."
"The access controls for our bank roles were not granular enough. We needed specific people to do particular actions, and we often had to give some people way too much access for them to be able to do what they needed in Prisma. They couldn't do their jobs if they didn't have that level of access, so other people had to do that part for them. It would help to have more granular role-based access controls."
"When it comes to protecting the full cloud-native stack, it has the right breadth. They're covering all the topics I would care about, like container, cloud configuration, and serverless. There's one gap. There could be a better set of features around identity management—native AWS—IAM roles, and service account management. The depth in each of those areas varies a little bit. While they may have the breadth, I think there's still work to do in flushing out each of those feature sets."
"They could improve more features for the enterprise version of the solution."
"We had some teething issues with Prisma Cloud by Palo Alto Networks, but overall, it did what we expected."
 

Pricing and Cost Advice

"We are using the free version."
"A free version of the solution is available."
"There are no additional costs beyond the standard licensing fees."
"We are using the free tier of the solution."
"That is one of the great features. I was able to access the majority of the features and services for free."
"The product's pricing is cheap."
"The solution has many features but there are ones that you need to pay for. Sometimes you have to find out which is available for free and which you have to pay for."
"I think the pricing is competitive. I think as far as licensing is concerned it's pretty straightforward because it's based on domain. It's just that sometimes domains could be tricky with some customers."
"The pricing is somewhat expensive. It is actually a huge investment when compared to other countries."
"The cost of this solution depends on the platform."
"Imperva Web Application Firewall is expensive."
"The tool is expensive."
"There are some licenses that you have to buy to use some features. Its price could be better. Price is always important because, at the end of the day, customers have a budget. If you can meet the budget, you can sell, and if you don't, you cannot sell."
"Imperva’s pricing is a bit higher in the market since it offers a full-blown WAF."
"There is a license for this solution and we purchase the license annually with no additional fees."
"It is a very affordable solution."
"You can expect a premium price because it is a premium quality product by a leading supplier."
"Prisma Cloud is more expensive than some other solutions, but when we consider all of its use cases, the cost averages out."
"The licensing cost is a bit high on the compute side."
"If you pay for three years of Palo Alto, it's better. If you're planning on doing this, it's obviously not going to be for one year, so it's better if you go with a three-year license... The only challenge we have is with the public cloud vendor pricing. The biggest lesson I have learned is around the issues related to pricing for public cloud. So when you are doing your segmentation and design, it is extremely important that you work with someone who knows and understands what kinds of needs you will have in the future and how what you are doing will affect you in terms of costs."
"The price is high. In the future, when there are more competitors at the same level with different clouds, maybe the position will be different."
"The cost was not on the higher side. Overall, the cost gets recovered with its implementation."
"Prisma Cloud is affordable."
"This solution is good for a company with at least 400 people that must be connected remotely. For smaller companies, it can be too expensive."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
21%
Computer Software Company
13%
Comms Service Provider
9%
Financial Services Firm
8%
Financial Services Firm
17%
Computer Software Company
13%
Insurance Company
7%
Manufacturing Company
6%
Educational Organization
17%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GR...
Which would you choose - Cloudflare DNS or Quad9?
Cloudflare DNS is a very fast, very reliable public DNS resolver. It is an enterprise-grade authoritative DNS service...
What do you like most about Cloudflare?
Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications.
Is Citrix ADC (formerly Netscaler) the best ADC to use and if not why?
For ADC, any ADC can do a good job. But in case if you want to add WAF functionality to the same ADC hardware you hav...
DDoS solutions: Any other solutions to consider aside from Radware DDoS Protection Service and F5 Silverline DDoS Protection?
You can have a look to Imperva Cloud WAF, the anti-DDoS mitigation is under 1s and works very well. I observed a lot ...
What is your primary use case for Prisma Cloud by Palo Alto Networks ?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
 

Also Known As

Cloudflare DNS
No data available
Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.
BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about Imperva Web Application Firewall vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: January 2025.
844,944 professionals have used our research since 2012.