Try our new research platform with insights from 80,000+ expert users

Imperva Web Application Firewall vs Prisma Cloud by Palo Alto Networks comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 19, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cloudflare
Sponsored
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
75
Ranking in other categories
CDN (1st), Distributed Denial-of-Service (DDoS) Protection (1st), Managed DNS (1st), Cloud Security Posture Management (CSPM) (14th)
Imperva Web Application Fir...
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
52
Ranking in other categories
Web Application Firewall (WAF) (4th)
Prisma Cloud by Palo Alto N...
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
110
Ranking in other categories
Web Application Firewall (WAF) (6th), Container Security (1st), Cloud Security Posture Management (CSPM) (2nd), Cloud-Native Application Protection Platforms (CNAPP) (1st), Data Security Posture Management (DSPM) (1st)
 

Featured Reviews

Spencer Malmad - PeerSpot reviewer
It's easy to set up because you point the DNS to it, and it's working in under 15 minutes
Cloudflare is highly scalable. Cloudflare is a system with a web portal that the end users like me see. It's a console where we can adjust the DNS, caching, and security features all in that console. Cloudflare owns thousands of servers across the world that cache the data. It's a powerful solution. When clients sign up for Cloudflare, they're getting this monster content delivery network, security, and a web application firewall in one. It's all rolled into one, and it's massive. Unless you have your website hosted on a massive hosting provider, there's no way that you can deliver the amount of data that Cloudflare can provide to the end users. If you have static content, there's no way that you can ever match what Cloudflare can do. Obviously, there are competitors to Cloudflare that do the same, but I'm saying other types of solutions. Let's say you go with F5. Great, that's on-prem. That's in your colo. You can't deliver as much data to the internet as you can with a CDN. You don't have to spend $20,000 on a net scaler, F5, or whatever Cisco's selling now. You don't have to buy that. You pay them $50 a month or $150 a month. It's totally worth it because even in five years, you'll never get the performance value, not just the actual ROI. You have to consider how much throughput you can get with Cloudflare.
Abdullah Jin - PeerSpot reviewer
Offers bot protection and DDoS Protection and protects public-facing portals
Support is one thing I wish Imperva could improve. They follow the phone model and keep rotating you from one customer service person to another. The layer one support isn't very clear about the workings of the product. My feedback is primarily about Imperva Cloud, not on-premise. On-premise is a whole new story. Support is the issue for Imperva Cloud. It's also a bit pricey. It's a premium service and very expensive. The licensing model is not very straightforward. Every feature is priced separately, and to enjoy maximum protection, you'll have to spend a lot of money. The licensing model is a bit complex, and each feature is very pricey. For example, API security and web application protection are two separate license packages.
Mohammad Qaw - PeerSpot reviewer
It gives you one console to see all of your assets, review their configurations, and build your processes
Most customers use Prisma Cloud for visibility and compliance. Prisma has so many features, but many organizations do not use them. They primarily use the visibility part to connect all their cloud accounts and hosts for visibility to see if they are missing any security controls or if they have any misconfigurations. You can connect it to cloud environments such as Azure, AWS, Oracle Cloud, Alibaba, etc., or to an on-prem data center. Prisma Cloud gives you so many options to automate processes related to your daily operations. When it comes to cybersecurity, you can automate things with their existing APIs. They also have out-of-the-box integrations with many solutions. I have not seen any limitations. Everything is customizable. You can do whatever you want, defining the reporting and custom use cases. They recently updated the UI, so it's much better than before.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cloudflare consolidates various capabilities into one product, streamlining processes."
"I rate its stability a ten out of ten."
"The solution offers the flexibility to control configuration rules."
"The features of Cloudflare were found to be more beneficial and led to the decision to utilize it over other options."
"The solution provides good load balancing and protection against DDoS attacks."
"The most valuable feature of the solution is external DNS. It is also very secure. They have their own main server and once you configure it, the product takes care of everything. There are no issues in resolving IPs and low latency is also present."
"It is a fast and secure DNS."
"The UI is good."
"The valuable features of Imperva WAF include its effective security breach prevention through automatically updating rules."
"The solution is stable."
"The solution is very scalable. It is one of the most important features. You can also expand resources and features as well."
"The most valuable features of Imperva Web Application Firewall are the monitoring of databases and the dashboards are easy to understand."
"Imperva has a complete picture of how the applications are utilizing it. It is handy. DDoS is good. It has an internally managed database. It is very easy to integrate. We have integrated it with SIEM services."
"The most valuable feature of Imperva, in addition to its strong knowledge base, is its effective protection for web applications."
"Very scalable and very stable firewall for web applications, with a good interface in its cloud version. Mitigation is its most valuable feature. The technical support for this product is also good."
"The most valuable features of the Imperva Web Application Firewall are performance and flexibility. We can extend or customize the box itself."
"The most valuable feature of Prisma Cloud by Palo Alto Networks is the CSPM, which we use the most. Additionally, the investigation and alerts are useful, and the creation of queries."
"I've been really pleasantly surprised with how Prisma Cloud is, over time, covering more and more of the topics I care about, and listening to customer feedback and growing the product in the right directions."
"One feature we like is the amount of data Prisma gives us. Some infrastructure and platform vulnerabilities that in the cloud are hard to detect, and we were unaware of some of these. It's critical to shed light on these. For example, you create virtual machines and forget about them, but when you revisit them, some vulnerabilities may be detected."
"Prisma Cloud's real-time detection and monitoring of our entire system is the most useful."
"Prisma Cloud's most valuable asset is its ability to provide detailed visibility into container activity."
"The visibility on alerts helps you investigate more easily and see details faster."
"The container and serverless security is most valuable. It is quite a new technology for this region. Even though containers have been there for a long time, the adoption of containers is very minimal in this region. When it comes to using Kubernetes containers in a complex architecture, there is a lack of security in the market. People aren't aware of the security controls or the process for governance. Container security provided by Prisma Cloud is quite good at filling that gap."
"I like Prisma's ability to integrate with other tools. We can integrate it with Jira so that when Prisma triggers an alert, it opens a ticket in Jira. That was a big selling point for the product. There's a feature called the guest custom template that allows you to trigger alerts in Jira based on the template. That can also be added as a feature on Jira."
 

Cons

"The analytics, basically the dashboard, doesn't have much to it."
"There could be more courses with engineers. I like e-learning, however, having a specialist in a classroom is more comfortable for me."
"Cloudflare could be improved by introducing a mid-tier pricing option."
"There are some issues with the CDN services."
"The product support needs to be accessible from more places, a wider area of coverage."
"The reporting can definitely be improved to offer a lot more explanation on something that may have happened or has actually happened."
"The tool needs to improve caching of servers. The product needs to include PFX certificate as well."
"It would be beneficial for us if Cloudflare could offer a scrubbing solution. This would involve taking a snapshot of my website and keeping it live during a DDoS attack, ensuring uninterrupted service for our users. DDoS attacks are typically short in duration, and having Cloudflare maintain the site's availability from its secure network would enhance the overall user experience. I would appreciate it if Cloudflare could consider implementing this feature. Many organizations already utilize similar capabilities in their CDN platforms, where a static snapshot of the web page is displayed during DDoS attacks. In terms of features, Cloudflare needs to enhance its resilience and stay more focused on adopting new technologies. For instance, solutions like F5 XC Box, Access Solution, and Distributed Cloud Solution have impressive features, and Cloudflare should strive to match and exceed those capabilities. There's a need for improvement in areas like AI-based DDoS attacks and Layer 7 WAF features. Cloudflare should prioritize enhancements in areas such as behavioral DDoS and protection against SQL injection attacks, considering the prevalent trend of public exposure to the internet for business reasons. Overall, Cloudflare needs to invest more in advancing its feature set."
"I'd like the option to pick your bot protection."
"The initial setup could be simplified. Every time you have to install the solution you have to get in touch with support or somebody that can to do that for you."
"Imperva Web Application Firewall can improve by providing better features, such as improved prevention of zero-day attacks. Additionally, it should include a VR meta-analysis."
"Support is one thing I wish Imperva could improve."
"It would be helpful to have a "recommended deployment", or even a list of basic features that should either be used or turned on by default."
"Some of the features should be included in the next release is a file integrating monitoring tool. This feature should be improved."
"It should be more user-friendly. Like other web solutions, it would be helpful to be able to easily do policy configuration and identification inside the application. Understanding the in-depth configuration of a policy is somewhat difficult for an engineer, and they can improve that."
"It would be nice to have more security control over mobile applications so I would suggest adding more mobile security features. It would also be beneficial to see improvements in regards to interface bandwidth performance, CPU time, and RAM size. Learning capability of the device is quite weak."
"The deployment and onboarding are plug-and-play, but somewhat hard to handle in terms of integration with external operations tools. The product design isn't up to the current standard. I would recommend having higher standards in terms of integration with other tools, especially operationalized tools."
"Getting new guys trained on using the solution requires some thought. If someone is already trained on Palo Alto then he's able to adapt quickly. But, if someone is coming from another platform such as Fortinet, or maybe he's from the system side, that is where we need some help. We need to find out if there is an online track or training that they can go to."
"One of the requests is that Prisma Defender for the ECS solution is only supported for Linux. It does not support Windows."
"They could improve more features for the enterprise version of the solution."
"Support is an area that needs improvement."
"Palo Alto needs to add more support staff to improve their response time."
"We would like to have the detections be more contemporaneous. For example, we've seen detections of an overprivileged user or whatever it might be in any of the hundreds of Prisma policies, where there are 50 minutes of latency between the event and the alert."
"When there are updates, whether daily, weekly, or monthly, it needs configuration or permission adjustments. There is no automation for that, which is too bad."
 

Pricing and Cost Advice

"I think the pricing is competitive. I think as far as licensing is concerned it's pretty straightforward because it's based on domain. It's just that sometimes domains could be tricky with some customers."
"The product's pricing is minimal compared to other products."
"So far I use free tier and happy with it. You can subscribe to business package if needed."
"The tool is a premium product, so it is very expensive."
"The price is reasonable."
"We are using the free version."
"The pricing for the service is reasonable, neither excessively cheap nor prohibitively expensive. It aligns well with the value of their solution."
"I believe their performance has improved, but I'd like to refrain from discussing the pricing aspect related to the cloud. The pricing, in my opinion, could be simplified, and I think they should consider reevaluating the pricing for support, as it can be quite high. At times, this cost can make it challenging to choose CARFAGuard or opt for the support."
"It's an excellent product, but it can be very costly."
"The solution's pricing is an issue."
"Everybody complains about the price of this solution."
"It is very costly, but the return on investment is very high. Its cost was around $70,000, and we got it back in just six months."
"The price is high compared to other solutions like FortiWeb."
"The price of Imperva Web Application Firewalls is expensive compared to others."
"Make sure you understand the way that Imperva charges. It's very affordable. However, I would like to see a package with the Virtual Patching included. You get to do patching separately."
"Imperva Web Application Firewall price is higher compared to other solutions. However, everything is included in the price."
"In general, Prisma Cloud is much cheaper than cloud-native services."
"Our licensing fees are $18,000 USD per year."
"Although the cost can be high, the value is worth the price tag."
"You can expect a premium price because it is a premium quality product by a leading supplier."
"Prisma Cloud licensing works on credits."
"Prisma Cloud is more expensive than some other solutions, but when we consider all of its use cases, the cost averages out."
"Prisma Cloud by Palo Alto Networks has helped the company save some money. Cost-wise, it's okay."
"The pricing and the licensing are both very fair... The biggest advice I would give in terms of costs would be to try to understand what the growth is going to look like. That's really been our biggest struggle, that we don't have an idea of what our future growth is going to be on the platform. We go from X number of licenses to Y number of licenses without a plan on how we're going to get from A to B, and a lot of that comes as a bit of a surprise. It can make budgeting a real challenge for it."
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
18%
Computer Software Company
14%
Comms Service Provider
9%
Financial Services Firm
8%
Financial Services Firm
17%
Computer Software Company
13%
Insurance Company
8%
Manufacturing Company
6%
Educational Organization
16%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Cloudflare. We are moving from Akamai prolexic to Cloudflare. Cloudflare anycast network outperforms Akamai static GR...
Which would you choose - Cloudflare DNS or Quad9?
Cloudflare DNS is a very fast, very reliable public DNS resolver. It is an enterprise-grade authoritative DNS service...
What do you like most about Cloudflare?
Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications.
Is Citrix ADC (formerly Netscaler) the best ADC to use and if not why?
For ADC, any ADC can do a good job. But in case if you want to add WAF functionality to the same ADC hardware you hav...
DDoS solutions: Any other solutions to consider aside from Radware DDoS Protection Service and F5 Silverline DDoS Protection?
You can have a look to Imperva Cloud WAF, the anti-DDoS mitigation is under 1s and works very well. I observed a lot ...
What is your primary use case for Prisma Cloud by Palo Alto Networks ?
Prisma Cloud helps support DevSecOps methodologies, making those responsibilities easier to manage.
What Cloud-Native Application Protection Platform do you recommend?
We like Prisma Cloud by Palo Alto Networks, since it offers us incredible visibility into our entire cloud system. We...
What do you think of Aqua Security vs Prisma Cloud?
Aqua Security is easy to use and very manageable. Its main focus is on Kubernetes and Docker. Security is a very valu...
 

Also Known As

Cloudflare DNS
No data available
Prisma Public Cloud, RedLock Cloud 360, RedLock, Twistlock, Aporeto
 

Overview

 

Sample Customers

Trusted by over 9,000,000 Internet Applications and APIs, including Nasdaq, Zendesk, Crunchbase, Steve Madden, OkCupid, Cisco, Quizlet, Discord and more.
BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens
Amgen, Genpact, Western Asset, Zipongo, Proofpoint, NerdWallet, Axfood, 21st Century Fox, Veeva Systems, Reinsurance Group of America
Find out what your peers are saying about Imperva Web Application Firewall vs. Prisma Cloud by Palo Alto Networks and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.