Sold by: Imperva
Deployed on AWS
Free Trial
Imperva SecureSphere Web Application Firewall (WAF) for AWS is the world's leading WAF, and is the first enterprise-class WAF tailored specifically for AWS. Running natively in AWS, and leveraging all its capabilities, SecureSphere for AWS scales on-demand with AWS applications.
4.5
Overview
Imperva SecureSphere WAF for AWS extends all of the security and management capabilities of the world's most-trusted web application firewall to Amazon Web Services environments. SecureSphere for AWS is the first enterprise-class Web Application Firewall tailored specifically for Amazon Web Services. Running natively in AWS, and leveraging all its capabilities, SecureSphere for AWS scales on-demand with AWS applications. SecureSphere applies multiple defenses and correlates results to offer laser-accurate attack detection. Certified by ICSA Labs, SecureSphere addresses PCI 6.6 and provides ironclad protection against the OWASP Top Ten, including SQL Injection, XSS and CSRF.
Highlights
- Automated Protection - Patented Dynamic Profiling technology streamlines management and lowers operations costs by learning application changes over time. Security updates from the Imperva ADC protect applications against the latest threats.
- Flexible Deployment Options - The SecureSphere WAF offers organizations automated, adaptable security and easy deployment into Amazon environments with full support for elastic load balancing and CloudFormation.
- Fraud and Automated Attack Protection - With advanced bot detection capabilities, IP Reputation, granular custom rules, and fraud integration, SecureSphere stops dangerous threats like site scraping, application DDoS, comment spam, and web fraud.
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c5a.2xlarge Recommended | $1.16 |
m4.4xlarge | $1.16 |
m5.4xlarge | $1.16 |
m6i.xlarge | $1.16 |
m7i.xlarge | $1.16 |
c7i.xlarge | $1.16 |
c7i.2xlarge | $1.16 |
c6i.2xlarge | $1.16 |
c4.large | $1.16 |
c5.xlarge | $1.16 |
Vendor refund policy
We do not support refunds, but customers can cancel at any time. Contact Imperva for more information.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
AUTOMATIC DEPLOYMENT (RECOMMENDED)
Imperva simplifies the deployment of your WAF Gateway infrastructure on AWS by providing dynamically generated CloudFormation and Terraform templates tailored to your specific requirements via the Imperva Cloud Template Tool.
For detailed instructions and additional information: https://docs.imperva.com/bundle/v15.4-waf-on-amazon-aws-byol-installation-guide/page/10450.htm
MANUAL DEPLOYMENT
DISCLAIMER:
- This procedure is not intended for use in large-scale production environments. For a best-practice installation, use the automated deployment method.
- You must obtain an account-unique unseal key from Imperva to complete this procedure.
-
Create a VPC, a key pair and at least one subnet.
-
Create a security group for the Management Server and another security group for the Gateway instances.
-
Create the following inbound rules:
- [Management Server SG] ==> [Gateway SG] @ TCP:443
- [Gateway SG] ==> [Management Server SG] @ TCP:8083, TCP:8085
- [Administrative IP ranges] ==> [Management Server SG] @ TCP:8083, TCP:22
- [Administrative IP ranges] ==> [Gateway SG] @ TCP:22
- [Client ranges] ==> [Gateway SG] @ [reverse proxy ports] (variable)
-
Launch your MX On-Demand instance using the product's AMI. Assign the Management Server security group and set the following user data (providing your own unseal key): ModelType : AVM150OD Component : server ProductLicensing : OnDemand ImpervaLicenseKey : <unseal_key>
-
Wait for the instance's status checks to pass and SSH as ec2-user using the supplied key pair's private key.
-
Enter 'admin' to switch to root (requires unsealed mode!).
-
Execute the First-Time login command below. This process can take up to 20 minutes.
/opt/imperva/impcli/commands/ftl --silent --product WAF --component Management --grub_password <grub_password> --database_password <database_password> --secure_password <secure_password> --system_password <system_password> --timezone <timezone> --model_type AVM150OD
- Replace all <variables> with your own values.
- Access your Management Server's user interface from a browser (https://<MX_IP>:8083).
- Accept the EULA and set the admin password as requested.
- To deploy Gateways, view the instructions for one of following marketplace products:
- SecureSphere WAF for AWS (BYOL)
- SecureSphere WAF AV1000 Gateway for AWS (On-Demand)
- SecureSphere WAF AV2500 Gateway for AWS (On-Demand)
- Refer to the user guide to configure your environment as desired and protect your applications: https://docs.imperva.com/bundle/v15.4-waf-user-guide/page/70414.htm
Resources
Support
Vendor support
Imperva's team of Support Engineers is positioned across the globe to provide 24x7x365 coverage, and can be contacted by phone, email, or online via our Self Service Support Portal. Visit the Imperva Support page above for more details.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By DataSunrise Database and Data Security
By Immuta
Top
100
In Security
Top
10
In Databases & Caching, Network Infrastructure
Top
25
In Data Analysis
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Dynamic Application Profiling
Patented Dynamic Profiling technology that learns application changes over time to streamline management and reduce operational overhead.
OWASP Top Ten Protection
Certified protection against OWASP Top Ten vulnerabilities including SQL Injection, XSS, and CSRF attacks, with PCI 6.6 compliance.
Advanced Bot Detection and IP Reputation
Advanced bot detection capabilities combined with IP Reputation filtering to prevent site scraping, application DDoS, comment spam, and web fraud.
Native AWS Integration
Native deployment in AWS environments with full support for elastic load balancing and CloudFormation for automated and adaptable security.
Multi-Layer Attack Detection
Multiple defense mechanisms with result correlation for accurate attack detection and threat identification.
Database Activity Monitoring
Real-time monitoring and auditing of database activities across SQL and NoSQL databases including RDS, Aurora, DynamoDB, Redshift, Athena, and Elasticsearch
Data Masking Capabilities
Dynamic and static data masking for personally identifiable information (PII) and protected health information (PHI) with granular control over sensitive data access
Sensitive Data Discovery and Classification
Automated discovery and classification of sensitive data across databases, data warehouses, and data lakes with compliance mapping
Multi-Database Support
Support for major SQL and NoSQL databases including PostgreSQL, MySQL, MariaDB, Oracle, MSSQL, MongoDB, Cassandra, Snowflake, SAP HANA, and AWS managed services
Compliance and Authentication Integration
Integration with Active Directory, LDAP, IAM, CloudWatch, and SIEM systems with support for compliance frameworks including HIPAA, PCI-DSS, GDPR, SOX, and ISO27001
Fine-Grained Data Access Control
Dynamic, fine-grained access control on AWS services including Amazon Redshift, Amazon S3, Amazon SageMaker, and Amazon EMR using de-identification, hashing, masking, and privacy enhancing technologies (PETs).
Sensitive Data Discovery and Classification
Automated sensitive data discovery capabilities to tag and classify sensitive data in AWS with highly accurate metadata generation for data security purposes.
Policy Management and Enforcement
Write data security policies once in plain language or as-code and enforce them consistently across multiple AWS data sources without copying or moving data.
Attribute-Based Access Control
Attribute-based access control (ABAC) implementation to simplify and streamline data security policy management across connected data sources.
Data Activity Monitoring
Real-time continuous monitoring of data and user query behavior to track activity, identify risky patterns, and enable proactive policy updates.
Standard contract
No
No
No
Customer reviews
reviewer2818194
Strong protection has improved legacy app security and currently reduces risky server connections
Reviewed on Apr 21, 2026
Review provided by PeerSpot
What is our primary use case?
Imperva Application Security Platform is generally used for legacy-type applications that cannot be migrated to the cloud. A specific example of how I use this tool to protect legacy applications in my organization is that we have an intranet which has not been fully developed or technologically advanced enough to run in the cloud, so by having this, we secure it effectively.
What is most valuable?
Imperva Application Security Platform allows you to enhance your application security posture. Among the best features that Imperva Application Security Platform offers, the policies are very dynamic, and it also has profiling at the application level that allows you to work in this mode.
I would like to highlight especially the ThreatRadar feature, which is an additional subscription, and ThreatRadar helps with threat intelligence by allowing you to block advanced attacks as well as mitigate risks more effectively.
Imperva Application Security Platform positively impacts us because we have a critical website, so by placing a WAF of Imperva's quality, it allows us to have visibility and granular control over the various attacks that can occur on the website.
A concrete improvement I have seen thanks to Imperva Application Security Platform is that it has decreased the level of connections to the final server. The specific improvement is that the connections that reach the server are fewer because Imperva is already filtering them at the WAF stage.
What needs improvement?
Imperva Application Security Platform could be improved if it allowed integration with Active Directory in the cloud, or if it provided visibility of user roles and permissions.
For how long have I used the solution?
I have been using Imperva Application Security Platform for a little more than three years.
What do I think about the stability of the solution?
I consider Imperva Application Security Platform to be a stable solution.
What do I think about the scalability of the solution?
I would rate the scalability of Imperva Application Security Platform as very good since it adapts well and you can grow independently because the interfaces support one and ten gigs.
How are customer service and support?
Imperva Application Security Platform customer support has been very good; the ticketing platform allows us to have visibility of the case, and the staff makes the effort to respond quickly.
Which solution did I use previously and why did I switch?
I did not previously use any other solution before Imperva Application Security Platform.
How was the initial setup?
The advice I would give to others who are considering using Imperva Application Security Platform is to start with learning mode and then move to blocking mode slowly for approximately one week so that Imperva can identify the website and the connections that are made to it.
What was our ROI?
I have seen a return on investment with Imperva Application Security Platform, as it is generally associated with time savings, because the review of alerts and the visibility it gives saves us significant operational time. The clarification on time savings is that it refers to the time spent on alerts.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, implementation cost, and licenses of Imperva Application Security Platform is that it is high compared to a traditional WAF solution, but it meets expectations.
Which other solutions did I evaluate?
Before choosing Imperva Application Security Platform, I did not evaluate other options, as we went directly with Imperva due to recommendations.
What other advice do I have?
I would rate Imperva Application Security Platform an eight on a scale from one to ten. Imperva Application Security Platform is a very good platform; even though it is not in Gartner, clients request it and trust the brand. I would rate customer support on a scale from one to ten as an eight. My overall review rating for Imperva Application Security Platform is eight out of ten.
reviewer2818005
Advanced protection has secured our websites and reduces DDoS and zero‑day attack incidents
Reviewed on Apr 19, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Imperva Application Security Platform is using it for web application firewall as the main objective for managing a web application that is handled by WAF in the company that my company is working for. Protecting all threats or attacks from the web application is the main objective of the WAF .
What is most valuable?
The best features Imperva Application Security Platform offers are for speed and protection. There is runtime and zero protection, and we have the sub and sub plus protection.
The speed and protection features of Imperva Application Security Platform help my team day-to-day by providing safe and clear access to the website. For example, my company is a multinational company that experiences many attacks, such as DDoS attacks, hitting the general website of the company before. The protection protects all of the websites in Imperva, so accessing the website is safer right now, not disrupted by DDoS attacks.
Imperva Application Security Platform has positively impacted my organization by making the website more secure. It reduces the DDoS attacks and reduces the attacks from threat actors, including SQL Injection and zero-day attacks, by using dynamic application profiling from Imperva. This is very helpful for my company as it reduces the incidents from the website.
What needs improvement?
I would suggest that Imperva Application Security Platform should include new features combined with AI. When I was using Imperva, it was not yet combined with AI. I believe that AI can now be used to make things easier, to track the attacks or IPs, or perhaps to determine the best configuration for each company that is using Imperva.
For how long have I used the solution?
I have been using Imperva Application Security Platform for three years.
What other advice do I have?
I would add that I have a unique observation about the features of Imperva Application Security Platform. For protection to protect more safely and restrictively, I have another use case with an internal website. This website is internal, and those people who want to access it can use the VPN or the internal network. I have encountered cases where a person from the internal company wants to access the website without using the API and got blocked by Imperva because there is a feature or configuration that allows specific IPs. I had to log all of the ways to access the web and allow only a few IPs from the internal IPs. I think Imperva is very secure, very restricted, and good for protecting websites, especially for internal websites and production servers.
Regarding improvements to Imperva Application Security Platform, I think all aspects of Imperva Web Application Firewall, including the UI/UX, are good, and I can operate it smoothly with the application. I give this product a rating of 8.5 out of 10.
Sayan Gupta
Continuous monitoring has strengthened our web defenses and has reduced malicious incidents
Reviewed on Apr 19, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Imperva Application Security Platform is the Web Application Firewall , which I use for firewall protection and monitoring 24/7 for suspicious activity.
Regarding my main use case, I first log into the WAF applications, then access the Alerts section. In that section, I can see different types of activity happening in the firewall. I review each alert to determine whether it is legitimate or suspicious activity. I can also view the target IP address and locations, target servers, and the payload that the attacker was using in that alert. I can see the OWASP Top 10 alerts and the event timing to identify when the attack occurred.
What is most valuable?
Imperva Application Security Platform offers impressive features. I am using the WAF, which blocks each alert based on signature-based attacks. That is the most impressive aspect I have experienced.
There are many alerts in Imperva Application Security Platform. For example, there is an OWASP Top 10 alert called SSRF, which is server-side request forgery. If someone attempts to access the server, the WAF blocks that SSRF alert, or RCE, Remote Code Execution alert, blocking immediately based on the signature, not only by the payload or the IP address. That is very effective.
Imperva Application Security Platform has positively impacted my organization because every time an attacker uses a malicious payload or malicious signature that is already included in the signature database of the WAF application or Imperva application, the application directly blocks that particular signature immediately. This capability can help any organization achieve better security outcomes.
What needs improvement?
I believe Imperva Application Security Platform can be improved because cybersecurity is a field that changes every day, and different types of signatures are being invented. The WAF team should add more signatures, including basic and advanced signatures, on a daily basis. They need to understand this requirement and update their signature database daily.
For how long have I used the solution?
I have been using Imperva Application Security Platform for almost one year and four months.
What do I think about the stability of the solution?
Imperva Application Security Platform is stable.
How are customer service and support?
The customer support for Imperva Application Security Platform is very good.
Which solution did I use previously and why did I switch?
I did not previously use a different solution; I have been using the WAF Imperva application for the last five years.
What was our ROI?
Imperva Application Security Platform has helped reduce incidents, save time, and improve my organization's security posture with specific measurable outcomes and metrics.
What other advice do I have?
I would rate Imperva Application Security Platform a 10 on a scale of one to 10.
I gave it a 10 because it is useful for private organizations and it is very safe to have WAF applications, particularly Imperva Application Security Platform.
The advice I would give to others looking into using Imperva Application Security Platform is that it is safer to use or to have it. My overall rating for this product is 10 out of 10.
reviewer2817948
Custom policies and rate limiting have strengthened our application security and compliance
Reviewed on Apr 19, 2026
Review provided by PeerSpot
What is our primary use case?
Imperva Application Security Platform is used primarily for web application firewall security. My organization has a significant number of applications running through the platform, and to monitor those applications, we require firewalls. Imperva Application Security Platform 's Web Application Firewall performs the deep inspection necessary for this monitoring.
What is most valuable?
Imperva Application Security Platform offers customization of security policies, allowing me to create policies tailored to my environment.
The rate limiting policy in Imperva Application Security Platform works based on usage numbers and has proven valuable for our operations.
Imperva Application Security Platform is user-friendly, and I can maintain a customized dashboard to monitor the utilization of all gateways in day-to-day operations.
Imperva Application Security Platform serves as the base pillar for applications to grant or deny access appropriately.
From a compliance perspective, Imperva Application Security Platform has been an improvement, as it has passed all compliance processes.
What needs improvement?
Imperva Application Security Platform could be improved by providing a more user-friendly dashboard.
I would recommend that support for Imperva Application Security Platform be enhanced to be more effective.
For how long have I used the solution?
I have been using Imperva Application Security Platform for three years.
What do I think about the stability of the solution?
Imperva Application Security Platform is stable.
What do I think about the scalability of the solution?
Scalability in Imperva Application Security Platform depends on the region. Imperva Application Security Platform can handle more applications or increased traffic easily as my organization grows. Currently, we are running approximately 1000 applications, and it can handle more.
How are customer service and support?
Customer support for Imperva Application Security Platform is good, though it could be better. I would rate the customer support of Imperva Application Security Platform an eight on a scale of one to ten.
Which solution did I use previously and why did I switch?
I did not previously use a different solution.
What was our ROI?
We have seen a return on investment with Imperva Application Security Platform, as we started with a few devices and gradually increased the number of on-premises devices for Imperva Application Security Platform.
What's my experience with pricing, setup cost, and licensing?
The pricing, setup cost, and licensing for Imperva Application Security Platform were user-friendly and good.
Which other solutions did I evaluate?
What other advice do I have?
I would recommend Imperva Application Security Platform compared to Akamai WAF. It has been good to use Imperva Application Security Platform, as I have been using it for three years. I would rate this review a nine on a scale of one to ten.
DOYIN ABIODUN
Web protection has stopped attacks and now routes only clean traffic to our core applications
Reviewed on Apr 18, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Imperva Application Security Platform is for WAF , application firewall, which is a web application firewall. I have my company's sites, websites, and our core application runs on it as well, so all traffic must first come through Imperva Application Security Platform before it's routed to the application.
A specific example of how I use Imperva Application Security Platform for my core application involves dealing with all the unwanted bots on the internet and crawlers.
Regarding my main use case with Imperva Application Security Platform, it denies all forms of malicious attempts to the sites, including SQL injection, brute force attack, DDoS, and all of that. It denies that and provides information about it through logs that indicate which particular IP was denied and the region, so I have the location based on the IP. I can get the location of where the attacks or injections are coming from. Basically, I receive a clean request based on the rules I've set, made to the server, and then receive their request back, while the ones that are not clean are blocked.
Regarding other features, Imperva Application Security Platform has safe logging capability and, as mentioned earlier, it's primarily for my WAF , web application firewall. Any basic web filtering capabilities are there, and that's all I use it for.
What is most valuable?
The best features Imperva Application Security Platform offers include DDoS protection, anti-DDoS capabilities, and connection protection against different malicious web attacks.
Imperva Application Security Platform has positively impacted my organization, as before its introduction, I usually had a lot of logs on my router, with many foreign attempts from anonymous IPs trying to gain access, including a lot of brute force logs. The CPU of the router would struggle with what it wasn't supposed to be doing while legitimate users suffered. Since implementing Imperva Application Security Platform WAF, as mentioned earlier, only legitimate traffic reaches the server and the router to request what they need, and of course, the response is given. This allows us to accommodate more legitimate traffic, faster and more securely.
While I can't provide a specific metric at this moment as I'm not in front of my system, I can confidently say that we have significantly noticed improved performance in terms of latency, an increased number of requests we can handle, and a reduction in attack attempts.
What needs improvement?
One improvement I would like to see in Imperva Application Security Platform is the ability to fail over to different sites for my same application. I want to have my disaster recovery site, my current site, and my cloud environment, all different, about three sites so that I can load balance across those sites. It would be beneficial if that could be included as a baseline feature without needing a special license.
I also think about the ability of Imperva Application Security Platform to integrate its logs with various systems; the integration with SIEM solutions is limited to certain types of OEM. I would prefer a situation where they are more agnostic in terms of log integration with SIEM solutions, such as SentinelOne.
For how long have I used the solution?
I have been using Imperva Application Security Platform for more than three years.
What do I think about the stability of the solution?
Imperva Application Security Platform is very stable.
What do I think about the scalability of the solution?
In terms of scalability, I believe it's within their infrastructure; there has never been any downtime.
How are customer service and support?
I use the channel partner for support and have never had a need to raise a ticket directly with Imperva.
How was the initial setup?
Imperva Application Security Platform is deployed in a cloud solution, as I was provided with login details, logged in, and configured Imperva Application Security Platform, putting in my public IP. From Imperva, I received a certain CNAME that I placed in my DNS, so all traffic coming to my domain goes through that DNS, through the CNAME to Imperva Application Security Platform, and then Imperva Application Security Platform forwards it to my public IP. Therefore, I would classify it as a private cloud.
What was our ROI?
I have the impression that there is a return on investment; we enjoy cleaner traffic in our environment, and more requests are being served, indicating a huge return on investment.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, setup cost, and licensing is that the pricing is not transparent to me; it's what the vendors give, or whatever the channel partner offers that you can negotiate on. The setup process is pretty easy, and the vendor is very transparent in terms of support.
Which other solutions did I evaluate?
Prior to choosing Imperva Application Security Platform, I did not evaluate other options in terms of a proof of concept; I only did a feedback assessment on the internet.
What other advice do I have?
I would rate Imperva Application Security Platform a nine on a scale of one to ten. I choose a nine because it has not failed me since I've been using it, and I've not had any attack. My advice to others looking into using Imperva Application Security Platform is that it is highly recommended and certainly worth trying out, at least for web application firewall purposes.