Cyber Tool Stack
All tools

Imperva Web Application Firewall

By Imperva

A long-established WAF with particularly deep bot management and DDoS mitigation built in, sold standalone or as part of Imperva's broader application and data security portfolio. Part of the French Thales Group since Thales completed its ~$3.6B acquisition from Thoma Bravo in December 2023.

Verified Source: 1

Product type
Software
Deployment
SaaSOn-prem
Organization size
Mid-marketEnterprise
Pricing tier
$$$

Capability checklist

WAF

How Imperva Web Application Firewall measures up against the full WAF & API Security taxonomy.

Attack signature blocking — supported
Blocks OWASP Top 10 style attacks like SQL injection and XSS at the edge.
API discovery — supported
Automatically inventories known and shadow API endpoints from observed traffic.
Schema validation — not supported
Enforces that requests match the declared API schema, blocking anything that doesn't.
Bot management — supported
Distinguishes automated and malicious bot traffic from legitimate users.
Rate limiting — supported
Throttles abusive request volumes per client or endpoint.
Runtime API protection — not supported
Detects and blocks data leakage and abuse in live API traffic.

Alternatives

Other WAF & API Security tools with overlapping capabilities, sized for similar teams.

Search Cyber Tool Stack

Jump to any tool, vendor, category, or glossary term.