Try our new research platform with insights from 80,000+ expert users

Imperva Web Application Firewall vs Prisma Cloud by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 19, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare
Sponsored
Average Rating
8.4
Reviews Sentiment
7.2
Number of Reviews
74
Ranking in other categories
CDN (1st), Distributed Denial-of-Service (DDoS) Protection (1st), Managed DNS (1st), Cloud Security Posture Management (CSPM) (14th)
Imperva Web Application Fir...
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
52
Ranking in other categories
Web Application Firewall (WAF) (4th)
Prisma Cloud by Palo Alto N...
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
108
Ranking in other categories
Web Application Firewall (WAF) (6th), Container Security (1st), Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (1st), Data Security Posture Management (DSPM) (1st)
 

Featured Reviews

Spencer Malmad - PeerSpot reviewer
It's easy to set up because you point the DNS to it, and it's working in under 15 minutes
Cloudflare is highly scalable. Cloudflare is a system with a web portal that the end users like me see. It's a console where we can adjust the DNS, caching, and security features all in that console. Cloudflare owns thousands of servers across the world that cache the data. It's a powerful solution. When clients sign up for Cloudflare, they're getting this monster content delivery network, security, and a web application firewall in one. It's all rolled into one, and it's massive. Unless you have your website hosted on a massive hosting provider, there's no way that you can deliver the amount of data that Cloudflare can provide to the end users. If you have static content, there's no way that you can ever match what Cloudflare can do. Obviously, there are competitors to Cloudflare that do the same, but I'm saying other types of solutions. Let's say you go with F5. Great, that's on-prem. That's in your colo. You can't deliver as much data to the internet as you can with a CDN. You don't have to spend $20,000 on a net scaler, F5, or whatever Cisco's selling now. You don't have to buy that. You pay them $50 a month or $150 a month. It's totally worth it because even in five years, you'll never get the performance value, not just the actual ROI. You have to consider how much throughput you can get with Cloudflare.
Abdullah Jin - PeerSpot reviewer
Offers bot protection and DDoS Protection and protects public-facing portals
Support is one thing I wish Imperva could improve. They follow the phone model and keep rotating you from one customer service person to another. The layer one support isn't very clear about the workings of the product. My feedback is primarily about Imperva Cloud, not on-premise. On-premise is a whole new story. Support is the issue for Imperva Cloud. It's also a bit pricey. It's a premium service and very expensive. The licensing model is not very straightforward. Every feature is priced separately, and to enjoy maximum protection, you'll have to spend a lot of money. The licensing model is a bit complex, and each feature is very pricey. For example, API security and web application protection are two separate license packages.
Mohammad Qaw - PeerSpot reviewer
It gives you one console to see all of your assets, review their configurations, and build your processes
Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of Cloudflare is the GUI. You are able to control the solution very well through the interface. There is a lot of functionality that is embedded in the service."
"The solution provides good load balancing and protection against DDoS attacks."
"The overall experience with Cloudflare is positive, with a rating of eight out of ten."
"The web application firewall brought us good security and a view of the accesses/blocks of the entire domain and subdomain that were accessed both by region (country) and IPs."
"The most valuable feature is the web application firewall."
"I get a lot of value from Cloudflare's API because it enables you to build a separate environment inside the solution. You can create a domain for performing test requests before you move to the production environment and connect various domains."
"The solution automatically detects and responds to certain types of traffic based on geolocation."
"The most valuable feature of the solution is external DNS. It is also very secure. They have their own main server and once you configure it, the product takes care of everything. There are no issues in resolving IPs and low latency is also present."
"The most valuable feature of Imperva, in addition to its strong knowledge base, is its effective protection for web applications."
"The valuable features of Imperva WAF include its effective security breach prevention through automatically updating rules."
"One good thing about Imperva Web Application Firewall is it can be on the cloud and also it can be on-premise."
"We can prevent attacks or issues even before they happen."
"It is easy to use and has good security."
"Its inline transferring mode is the most valuable because it is 100% transparent. When you change the IP, there is no change on the network side. If you can't and want to try to reach an IP, you can reach the server IP. There are many other advanced security features in it. The smallest appliances of Imperva can handle the highest traffic at a customer site. For example, a smaller appliance from Imperva can provide you the same security as an F5 product."
"Configuration for different application sources is most valuable. We can segregate the traffic that an application is carrying and identify the sizing in Imperva."
"Learning mode and custom policies are helpful features."
"It scans our containers in real time. Also, as they're built, it's looking into the container repository where the images are built, telling us ahead of time, "You have vulnerabilities here, and you should update this code before you deploy." And once it's deployed, it's scanning for vulnerabilities that are in production as the container is running."
"I've been really pleasantly surprised with how Prisma Cloud is, over time, covering more and more of the topics I care about, and listening to customer feedback and growing the product in the right directions."
"Configuration monitoring and alerting is the most valuable feature; it happens at the cloud's speed, allowing our development team to respond quickly. If a configuration goes against our security best practices, we're alerted promptly and can act to resolve the issue. As cloud security staff, we're not staring at the cloud all the time, and we want to let the developers do their jobs so that our company is protected and work is proceeding within our security controls."
"This positively affected our confidence in your security and compliance. No matter how complex the environment is, the the seamless integration from the top layer itself give us the immediate visibility on the number of services."
"The solution's dashboard looks very user-friendly."
"The dynamic workload identity creation, attestation, and assignment is the best feature. In addition, the application dependency map across heterogeneous environments for compliance is a striking feature."
"The solution gives us a lot of visibility across all of our cloud solutions."
"The most valuable feature is its cloud security posture management."
 

Cons

"An integrated SSO feature would be useful for Cloudflare DNS."
"Although I think it's quite good, it doesn't provide me with all the features I would expect to have if I were using Imperva."
"The reporting can definitely be improved to offer a lot more explanation on something that may have happened or has actually happened."
"The tool needs to improve caching of servers. The product needs to include PFX certificate as well."
"It should be easier to collect the logs with companies like Sumo. However, based on my discussions with the salespeople, I understand that's how they make their money. With the enterprise product, they want people doing those kinds of enterprise features to do the logging. They want them to pay a lot of money, and that's where I have an issue with them. That should be a default. You should be able to get the log no matter what. The logging should be universal."
"Technical support is lacking."
"The pricing could be improved."
"Latencies are always a problem."
"One potential improvement for Imperva is enhancing its alert system."
"It should be more user-friendly. Like other web solutions, it would be helpful to be able to easily do policy configuration and identification inside the application. Understanding the in-depth configuration of a policy is somewhat difficult for an engineer, and they can improve that."
"It is complicated to integrate the solution's on-cloud version with other platforms."
"The product's customization capabilities are a bit problematic, requiring support cases for backend modifications."
"The signature updates could be faster. Sometimes we have to upload signatures to the Imperva portal for checking and analysis before we can use them."
"Imperva Web Application Firewall could improve the console by making it easier to use."
"I think that better bot protection is needed in this solution."
"The tool needs to improve CPU and storage memory."
"Prisma Cloud is very comprehensive, but there should be better support for the customization of the reports. If Palo Alto can have more customized reports available or give an option to the users to customize the reports, that would be great."
"The integration of the Compute function into the cloud monitoring function—because those are two different tools that are being combined together—could use some more work. It still feels a little bit disjointed."
"One of the main backlogs in their development is in the area of integration. For example, we have ServiceNow in place for ticket management and Prisma Cloud is supposed to send closure emails for incidents. But from time to time, it fails to do so. We have several other mismatches between Prisma Cloud and ServiceNow."
"The dashboard can be created at the user level instead of the cloud account level, which will help save time."
"The regional cost of Prisma Cloud in South Africa is high and could be improved."
"The innovation side of the solution could be more efficient and more detailed."
"Prisma Cloud's dashboards should be customizable. That's very important. Other similar solutions are more elastic so you have the power to create customized dashboards. In Prisma Cloud, you cannot do that."
"Currently, custom reports are available, but I feel that those reports are targeting just the L1 or L2 engineers because they are very verbose. So, for every alert, there is a proper description, but as a security posture management portal, Prisma Cloud should give me a dashboard that I can present to my stakeholders, such as CSO, CRO, or CTO. It should be at a little bit higher level. They should definitely put effort into reporting because the reporting does not reflect the requirements of a dashboard for your stakeholders. There are a couple of things that are present on the portal, but we don't have the option to customize dashboards or widgets. There are a limited set of widgets, and those widgets don't add value from the perspective of a security team or any professional who is above L1 or L2 level. Because of this, the reach of Prisma Cloud in an organization or the access to Prisma Cloud will be limited only to L1 and L2 engineers. This is something that their development team should look into."
 

Pricing and Cost Advice

"The pricing depends on the usage, but the cheapest would be around 5,000 USD a month."
"The price of the solution is expensive."
"The price is reasonable."
"That is one of the great features. I was able to access the majority of the features and services for free."
"The product's pricing is cheap."
"I think the pricing is competitive. I think as far as licensing is concerned it's pretty straightforward because it's based on domain. It's just that sometimes domains could be tricky with some customers."
"The product's pricing is minimal compared to other products."
"So far I use free tier and happy with it. You can subscribe to business package if needed."
"The cost of this solution depends on the platform."
"Everybody complains about the price of this solution."
"It is very costly, but the return on investment is very high. Its cost was around $70,000, and we got it back in just six months."
"It is a very affordable solution."
"The tool is expensive."
"Make sure you understand the way that Imperva charges. It's very affordable. However, I would like to see a package with the Virtual Patching included. You get to do patching separately."
"The price of Imperva Web Application Firewalls is expensive compared to others."
"We sell three-year licenses for Imperva Web Application Firewall to our customers. The price is a little expensive."
"The pricing and licensing are expensive compared to the other offerings that we considered."
"In general, Prisma Cloud is much cheaper than cloud-native services."
"The price for Prisma Cloud is reasonable."
"The pricing for Prisma Cloud is high. Providing a pay-as-you-go model or pricing options tailored for medium and small enterprises could help attract more clients."
"Prisma Cloud is quite scalable. In our current licensing model, we're able to heavily extend our cloud workload and onboard a lot of customers. It really helps, and it is on par with other solutions."
"The price is high. In the future, when there are more competitors at the same level with different clouds, maybe the position will be different."
"Its price is reasonable as compared to other products. The main challenge is explaining the licensing model to customers. It isn't a problem related to Palo Alto. Commonly, people don't understand cloud licensing or security licensing. When they have fixed virtual machines, they know what they are going to be charged, but when it comes to cloud automation, it is hard for them to get clarity in case of high workloads or when they have enabled auto-scaling, etc. It would be helpful if Palo Alto can educate people on their licensing programs."
"The pricing of the solution is fair."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
21%
Computer Software Company
13%
Comms Service Provider
9%
Financial Services Firm
8%
Financial Services Firm
17%
Computer Software Company
13%
Insurance Company
7%
Manufacturing Company
6%
Educational Organization
17%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GR...
Which would you choose - Cloudflare DNS or Quad9?
Cloudflare DNS is a very fast, very reliable public DNS resolver. It is an enterprise-grade authoritative DNS service...
What do you like most about Cloudflare?
Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications.
Is Citrix ADC (formerly Netscaler) the best ADC to use and if not why?
For ADC, any ADC can do a good job. But in case if you want to add WAF functionality to the same ADC hardware you hav...
DDoS solutions: Any other solutions to consider aside from Radware DDoS Protection Service and F5 Silverline DDoS Protection?
You can have a look to Imperva Cloud WAF, the anti-DDoS mitigation is under 1s and works very well. I observed a lot ...
What is your primary use case for Prisma Cloud by Palo Alto Networks ?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
 

Also Known As

Cloudflare DNS
No data available
Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.
BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about Imperva Web Application Firewall vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: January 2025.
844,944 professionals have used our research since 2012.