Sold by: Imperva
Deployed on AWS
Free Trial
Imperva SecureSphere Web Application Firewall (WAF) for AWS is the world's leading WAF, and is the first enterprise-class WAF tailored specifically for AWS. Running natively in AWS, and leveraging all its capabilities, SecureSphere for AWS scales on-demand with AWS applications.
4.5
Overview
Imperva SecureSphere WAF for AWS extends all of the security and management capabilities of the world's most-trusted web application firewall to Amazon Web Services environments. SecureSphere for AWS is the first enterprise-class Web Application Firewall tailored specifically for Amazon Web Services. Running natively in AWS, and leveraging all its capabilities, SecureSphere for AWS scales on-demand with AWS applications. SecureSphere applies multiple defenses and correlates results to offer laser-accurate attack detection. Certified by ICSA Labs, SecureSphere addresses PCI 6.6 and provides ironclad protection against the OWASP Top Ten, including SQL Injection, XSS and CSRF.
Highlights
- Automated Protection - Patented Dynamic Profiling technology streamlines management and lowers operations costs by learning application changes over time. Security updates from the Imperva ADC protect applications against the latest threats.
- Flexible Deployment Options - The SecureSphere WAF offers organizations automated, adaptable security and easy deployment into Amazon environments with full support for elastic load balancing and CloudFormation.
- Fraud and Automated Attack Protection - With advanced bot detection capabilities, IP Reputation, granular custom rules, and fraud integration, SecureSphere stops dangerous threats like site scraping, application DDoS, comment spam, and web fraud.
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c5a.2xlarge Recommended | $1.16 |
m4.4xlarge | $1.16 |
m5.4xlarge | $1.16 |
m6i.xlarge | $1.16 |
m7i.xlarge | $1.16 |
c7i.xlarge | $1.16 |
c7i.2xlarge | $1.16 |
c6i.2xlarge | $1.16 |
c4.large | $1.16 |
c5.xlarge | $1.16 |
Vendor refund policy
We do not support refunds, but customers can cancel at any time. Contact Imperva for more information.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
AUTOMATIC DEPLOYMENT (RECOMMENDED)
Imperva simplifies the deployment of your WAF Gateway infrastructure on AWS by providing dynamically generated CloudFormation and Terraform templates tailored to your specific requirements via the Imperva Cloud Template Tool.
For detailed instructions and additional information: https://docs.imperva.com/bundle/v15.4-waf-on-amazon-aws-byol-installation-guide/page/10450.htm
MANUAL DEPLOYMENT
DISCLAIMER:
- This procedure is not intended for use in large-scale production environments. For a best-practice installation, use the automated deployment method.
- You must obtain an account-unique unseal key from Imperva to complete this procedure.
-
Create a VPC, a key pair and at least one subnet.
-
Create a security group for the Management Server and another security group for the Gateway instances.
-
Create the following inbound rules:
- [Management Server SG] ==> [Gateway SG] @ TCP:443
- [Gateway SG] ==> [Management Server SG] @ TCP:8083, TCP:8085
- [Administrative IP ranges] ==> [Management Server SG] @ TCP:8083, TCP:22
- [Administrative IP ranges] ==> [Gateway SG] @ TCP:22
- [Client ranges] ==> [Gateway SG] @ [reverse proxy ports] (variable)
-
Launch your MX On-Demand instance using the product's AMI. Assign the Management Server security group and set the following user data (providing your own unseal key): ModelType : AVM150OD Component : server ProductLicensing : OnDemand ImpervaLicenseKey : <unseal_key>
-
Wait for the instance's status checks to pass and SSH as ec2-user using the supplied key pair's private key.
-
Enter 'admin' to switch to root (requires unsealed mode!).
-
Execute the First-Time login command below. This process can take up to 20 minutes.
/opt/imperva/impcli/commands/ftl --silent --product WAF --component Management --grub_password <grub_password> --database_password <database_password> --secure_password <secure_password> --system_password <system_password> --timezone <timezone> --model_type AVM150OD
- Replace all <variables> with your own values.
- Access your Management Server's user interface from a browser (https://<MX_IP>:8083).
- Accept the EULA and set the admin password as requested.
- To deploy Gateways, view the instructions for one of following marketplace products:
- SecureSphere WAF for AWS (BYOL)
- SecureSphere WAF AV1000 Gateway for AWS (On-Demand)
- SecureSphere WAF AV2500 Gateway for AWS (On-Demand)
- Refer to the user guide to configure your environment as desired and protect your applications: https://docs.imperva.com/bundle/v15.4-waf-user-guide/page/70414.htm
Resources
Support
Vendor support
Imperva's team of Support Engineers is positioned across the globe to provide 24x7x365 coverage, and can be contacted by phone, email, or online via our Self Service Support Portal. Visit the Imperva Support page above for more details.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By DataSunrise Database and Data Security
By Immuta
Top
100
In Security
Top
10
In Databases & Caching, Network Infrastructure
Top
25
In Data Analysis
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Dynamic Application Profiling
Patented Dynamic Profiling technology that learns application changes over time to streamline management and reduce operational overhead.
OWASP Top Ten Protection
Certified protection against OWASP Top Ten vulnerabilities including SQL Injection, XSS, and CSRF attacks, with PCI 6.6 compliance.
Advanced Bot Detection and IP Reputation
Advanced bot detection capabilities combined with IP Reputation filtering to prevent site scraping, application DDoS, comment spam, and web fraud.
Native AWS Integration
Native deployment in AWS environments with full support for elastic load balancing and CloudFormation for automated and adaptable security.
Multi-Layer Attack Detection
Multiple defense mechanisms with result correlation for accurate attack detection and threat identification.
Database Activity Monitoring
Real-time monitoring and auditing of database activities across SQL and NoSQL databases including RDS, Aurora, DynamoDB, Redshift, Athena, and Elasticsearch
Data Masking Capabilities
Dynamic and static data masking for personally identifiable information (PII) and protected health information (PHI) with granular control over sensitive data access
Sensitive Data Discovery and Classification
Automated discovery and classification of sensitive data across databases, data warehouses, and data lakes with compliance mapping
Multi-Database Support
Support for major SQL and NoSQL databases including PostgreSQL, MySQL, MariaDB, Oracle, MSSQL, MongoDB, Cassandra, Snowflake, SAP HANA, and AWS managed services
Compliance and Authentication Integration
Integration with Active Directory, LDAP, IAM, CloudWatch, and SIEM systems with support for compliance frameworks including HIPAA, PCI-DSS, GDPR, SOX, and ISO27001
Fine-Grained Data Access Control
Dynamic, fine-grained access control on AWS services including Amazon Redshift, Amazon S3, Amazon SageMaker, and Amazon EMR using de-identification, hashing, masking, and privacy enhancing technologies (PETs).
Sensitive Data Discovery and Classification
Automated sensitive data discovery capabilities to tag and classify sensitive data in AWS with highly accurate metadata generation for data security purposes.
Policy Management and Enforcement
Write data security policies once in plain language or as-code and enforce them consistently across multiple AWS data sources without copying or moving data.
Attribute-Based Access Control
Attribute-based access control (ABAC) implementation to simplify and streamline data security policy management across connected data sources.
Data Activity Monitoring
Real-time continuous monitoring of data and user query behavior to track activity, identify risky patterns, and enable proactive policy updates.
Standard contract
No
No
No
Customer reviews
Stephen Tanimowo
Strong policies and bot defenses have secured critical APIs and have reduced attack noise
Reviewed on Apr 16, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case is regarding API Security , specifically trying to do some schema enforcement. I would say that is my main use case, so having to make sure the schema enforcement is done and also some DDoS protection in the aspect of web application firewalls and making sure DDoS protection is done also for bot protection, as well as some of the use cases I have had in recent projects.
In a recent project, we had one of our clients, a major financial institution in Eastern Europe. They were trying to resolve some issues with bots having access to some tangible data in their application. They had an external firewall they were using, but it was not backing up whatever alerts that needed to be obtained to make sure things are well secured. We came in and configured Imperva Application Security Platform on the web application. We made sure the DDoS protection feature was activated, so the admin is also alerted to whatever attack is coming in and then they are able to do the right measures to make sure it is stopped.
What is most valuable?
Some of the best features are the policy tuning, where you are able to tune policies the right way without stress or much hassle. The DDoS protection, the OWASP Top 10 feature, and the bot protection feature are also excellent. The API security feature is particularly valuable because most attackers do not try to come in from where it is expected. Most attackers attack the API that is being used on a platform.
The policy tuning is one of the easiest features that I know. Once you are trying to customize a policy, you just need to understand what kind of policy you are trying to customize, go through the right place from the security to policies, then create a policy. For example, you might be trying to set a policy to make sure that it does not save credit cards on a particular platform or website. That is basically one of the simplest ways of ensuring policy tuning works fine. It is one of the easiest features and I believe it has done a great deal for me in the aspect of operating Imperva Application Security Platform .
What needs improvement?
From my research regarding the IAM space that Imperva Application Security Platform is trying to look into, I believe they still need to do a lot of modeling and modification to make sure that also helps. There are several competitors in the IAM space, so Imperva would do well if they can do some basic modeling and modifications from my own personal research and my own experience in the IAM space. Alternatively, they could actually just focus on trying to be stronger in the web application space and the database activity monitoring space.
The main reason it is not a perfect ten is regarding support. At times, having to reach the support team takes eight hours to ten hours maximum. There are times when clients could have urgent issues to attend to. The support team could do more by having a faster response rate.
For how long have I used the solution?
I have been working for over three years in this space.
What do I think about the stability of the solution?
Imperva Application Security Platform is very stable, very, very stable.
What do I think about the scalability of the solution?
The scalability of Imperva Application Security Platform is easy and well organized, so you can easily upgrade the version of the model you are using. It is easy to always scale to add more users. It is easy to always scale to add more endpoints and apps you are trying to secure.
How are customer service and support?
For the customer support, the reason I rated Imperva nine over ten is basically because of the customer support. They need to work faster on the response time because of issues of urgent replies. They need to work perfectly on the faster response. Overall, it is a good customer experience with them. It has not really been hectic, but they can do better.
Which solution did I use previously and why did I switch?
We did not use any previous solution regarding that. We were always on Imperva Application Security Platform because Imperva is one of the leading organizations regarding WAF and DAM .
How was the initial setup?
Regarding licensing, it was a smooth experience. I had to reach out to the salesperson at Imperva who helped us with setting up costs and understanding what the client needs, and making sure the pricing and licensing is done. Licensing is always for a year. There are times when most of our clients do not actually remember where they do their licensing. The licensing certificate helps to understand the date and then gives the client the proper time to renew when necessary.
What was our ROI?
I was able to save over seven million dollars last year as return on investment in the company. Regarding fewer employees needed, we are able to employ more hands because we were one of the organizations that actually brought Imperva to Africa. We needed more Imperva engineers and from the way it is, Imperva engineers have not been that much in Africa. Training new employees and making sure they are attended to with Imperva is also an issue that we are trying to resolve in Africa.
What's my experience with pricing, setup cost, and licensing?
We have noticed faster response times and fewer security alerts because after doing some custom policy tuning, everything seemed to be aligned and we have fewer attacks to monitor and fewer alerts to monitor. It was possible where we were able to integrate a SIEM solution that we were using with Imperva Application Security Platform. That is one of the features I enjoy about Imperva. You can stimulate and integrate whatever SIEM platform you are using to Imperva. Imperva sends over the logs and alerts to the SIEM, so it is easier for the blue team of your organization to read the alert and provide adequate measures to stop whatever is happening in the enterprise.
Which other solutions did I evaluate?
We evaluated Trendis and we also evaluated Check Point.
What other advice do I have?
My basic advice would be to make your evaluations properly. It is okay to do demos as much as you can to fully see if it is going to work with whatever challenges you are trying to solve. I believe in thorough and proper evaluation of solutions. I can give a solid approval of Imperva Application Security Platform because it has really done a lot in helping my clients and giving them the best. Imperva is one of the best, if not the best. Almost every feature in Imperva Application Security Platform works really fine and it is what enterprises are battling, and what Imperva does in shaping the security culture of the digital world. Overall, I am going to rate Imperva Application Security Platform a nine out of ten, being one of the leading solution providers in the WAF space and the DAM space.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Nigus Machin Amare
Advanced API inspection has protected critical banking integrations and supports real-time analysis
Reviewed on Mar 06, 2026
Review provided by PeerSpot
What is our primary use case?
I use Imperva Application Security Platform for API security, which has a cloud solution where normal traffic flows horizontally, and a copy of the traffic goes to the cloud to be inspected. If there is something suspicious, it could be blocked depending on the action configured. Imperva Application Security Platform also has a solution for Database Activity Monitoring (DAM ) as well as API security. I have been working with these solutions for around one and a half years, more than one year, as a partner collaborating with the vendor. The communication from the vendor flows through us, then to the clients, particularly the financial institutions and banks.
The data center for the bank is usually the headquarter, where the main data center is located in our country, and there are branches at every street. For the branches, every access is through the firewall and the core banking application server, and there is an integration between banks from different institutions. In this case, every communication is done through the API, necessitating API inspection and API security.
The main benefit is the use case my clients find valuable. For the product and security, there is good API inspection. If any abnormal API appears or there are any similarities due to changes, the API security features will catch that because there is access for third-party applications from one bank to another. This setup ensures there is segmentation, and allowed APIs will get access while others will be blocked. It serves as the main channel for third-party application integration, and without API security, any similar URL related access could affect core banking, which is vital for every financial transaction.
For real-time analysis, the deployment is arranged so as not to interrupt transactions. The normal traffic flow will continue, while a copy of the API traffic will be mirrored to Imperva Application Security Platform for deep inspection. If any abnormalities are detected, even unusual behaviors for transactions, checks are done continuously, and actions are sent accordingly if any suspicious traffic is found.
What is most valuable?
For the fast response of signature-based comparisons, traffic will be matched against the solutions stored in the database to release actions if similarities occur. However, the main drawback for signature-based approaches happens when there is a new zero-day attack that is not in the database. Solutions usually include integrity with lab environments so that zero-day attack signatures are sent through subscriptions to provide the latest updates.
The comparison for API protection varies across solutions. For F5, API protection is part of WAF , and similarly for Fortinet. While Imperva Application Security Platform has basic features as part of WAF , its dedicated API protection solution is a strong point.
What needs improvement?
On the negative side, API security mainly supports cloud-based solutions, while most of my customers prefer on-prem setups, so achieving high performance with on-prem solutions would be beneficial. The attractiveness of Imperva Application Security Platform is that not all data is exposed to the cloud. Only a mirrored copy goes to the cloud and is inspected, allowing actions to be taken on-prem. To convince my clients, a purely on-prem solution would be ideal since they are financial institutions.
For how long have I used the solution?
I have been using the solution for more than one year.
What do I think about the stability of the solution?
I am more than happy with the technical support from Imperva Application Security Platform regarding data security and API security. For the support, however, one notable drawback is that, unlike Fortinet, which offers fast track labs and continuous enablement, Imperva Application Security Platform lacks lab access and fast track labs for enablement and product advertising. This weakness has shifted the marketplace toward other vendors. When creating a ticket for support during deployment, the response is satisfactory, though the gaps in enablement and lab sessions are clear.
What do I think about the scalability of the solution?
I find Imperva Application Security Platform to be a scalable product, as long as I subscribe and pay for the application I wish to use. It is scalable, and for about one and a half years, I have experienced no challenges in this area. I have not even needed support after deployment, since it has remained stable.
How are customer service and support?
When creating a ticket for support during deployment, the response is satisfactory, though the gaps in enablement and lab sessions are clear. Overall, I would rate support around an eight or nine, and my overall experience with security products spans around four years, with my particular engagement with Imperva Application Security Platform mainly during project deployment and client training.
How was the initial setup?
For installation, it primarily involves a cloud-based service, and I was using that as an operator. For database activity monitoring, I have deployed it, and while it is somewhat complex, there is a support channel where I communicate with vendors to resolve issues. The main challenge during installation is not unique to Imperva Application Security Platform. It is faced by many on-prem and virtual appliance products, particularly ensuring integrity with the virtualization environment and integration with third-party applications.
What other advice do I have?
I am not using CyberArk, as it is only a proposal for identity and access management that I have proposed for my clients.
Apart from One Identity, I am working with SentinelOne for AI, and I was looking for that. For Purple AI , I was communicating with the vendors and the distributor, and I have considered proposing it for my clients. Currently, I am using the load balancer Radware as an application load balancer. For the on-prem WAF, I am using Fortinet, regarding the WAF and the load balancer, Radware and Fortinet.
I am not working with some email security products, some EDR, or endpoint protection as an implementation. I was just looking into it and have proposed it for my clients, and I am waiting for the financial evaluation for FortiMail . For Fortinet, I am involved more with FortiMail , WAF, ADC , FortiGate firewall, NAC, WAF, and FortiClient EMS.
Regarding Check Point and WatchGuard, I have worked with Check Point for the firewall, specifically the perimeter firewall. For Check Point, I have already worked with the firewall only, which is a next-generation firewall, using a physical appliance on-prem. Most of my customers, particularly financial institutions, even if they invest their resources in the cloud, need an on-prem solution. It could be a virtual appliance deployed on a server or a physical appliance, but they mostly need on-prem.
Regarding the price, I find Imperva Application Security Platform affordable, with moderate pricing. My overall rating for this solution is eight out of ten.
KS10
Advanced threat detection has improved real-time traffic protection and mitigates DDoS attacks
Reviewed on Feb 20, 2026
Review provided by PeerSpot
What is our primary use case?
Clients can use Imperva Application Security Platform for various purposes, and as a reseller, I believe the best advantage in the product is its features that stand out for the client.
What is most valuable?
I have experience with the real-time traffic inspection feature of Imperva Application Security Platform , and it helps with network security.
I believe the reputational analysis in Imperva Application Security Platform is effective for blocking security threats before impact. I also believe that behavioral and signature-based techniques help to improve threat detection accuracy.
I see valuable benefits from advanced detection and traffic profiling during DDoS attacks, and I track some metrics related to DDoS protection performance.
What needs improvement?
I see some areas for improvement in Imperva Application Security Platform, especially regarding price. Regarding return on investment, ROI, I can say it is noticeable with Imperva Application Security Platform, and I see some significant differences compared to other firewalls such as Palo Alto, where there are pros and cons between Imperva Application Security Platform and some competitors.
As for the deployment of Imperva Application Security Platform, I would say it can be a complex process, and I ask this because we are partners with AWS . I have not purchased a solution from AWS Marketplace or deployed it on AWS Cloud for a client.
For how long have I used the solution?
I have been working and selling it for three years so far.
What do I think about the stability of the solution?
Regarding the scalability of Imperva Application Security Platform, I would say it is a scalable product with some limitations, but it is also a stable product without much glitch or downtime.
How are customer service and support?
My experience with technical support from Imperva Application Security Platform was good when I reached out to them.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
I have been in this domain with firewalls longer than three years, overall in this sphere with firewalls and security solutions.
What was our ROI?
I see some areas for improvement in Imperva Application Security Platform, especially regarding price. Regarding return on investment, ROI, I can say it is noticeable with Imperva Application Security Platform, and I see some significant differences compared to other firewalls such as Palo Alto, where there are pros and cons between Imperva Application Security Platform and some competitors.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
reviewer2756250
Have noticed several areas that need improvement while some features are helpful during deployment
Reviewed on Sep 11, 2025
Review provided by PeerSpot
What is our primary use case?
I prefer not to do a review for EDR since it is a new product that I am using. Instead, I would like to review other products I have worked with before, such as Imperva products, Imperva Web Application Firewall , or Imperva DAM .
What is most valuable?
I worked as a consultant for the customer and was part of a design and deployment team for Imperva API Security .
What needs improvement?
Could you please describe the deployment process, initial setup process, and what challenges were faced?
What was my experience with deployment of the solution?
I would need to check with my manager and run this by the legal team in the US before I would be able to share this information.
What do I think about the stability of the solution?
Please repeat the question.
What do I think about the scalability of the solution?
That would be fine.
How are customer service and support?
The technical support team would be rated 5 out of 10, where 10 represents the best support and 1 represents very poor support.
Which solution did I use previously and why did I switch?
I would prefer to receive the form via email so I can fill it out manually myself. Additionally, I want this review to be anonymous, with neither my name nor my company's name appearing anywhere.
How was the initial setup?
We can schedule a call in two hours to discuss this further.
What about the implementation team?
Please describe the deployment process, initial setup process, and what challenges were faced.
What other advice do I have?
I would need to check with my manager and run this by the legal team in the US before sharing more information. We can schedule a call in two hours to discuss this further.
Financial Services
Good solution but poor support in my region
Reviewed on Jul 29, 2025
Review provided by G2
What do you like best about the product?
It is a reliable cybersecurity solution that has many tools to help protect web applications.
What do you dislike about the product?
It is very expensive for our South American region and the support from the partners is bad.
What problems is the product solving and how is that benefiting you?
The technical support from the local partners is bad.