Story image

Imperva garners sole 'leader' rank in WAF Magic Quadrant

27 Jul 15

Imperva has been named the sole leader in Gartner’s Magic Quadrant for web application firewalls.

The latest placement is the second year in a row the company has won the achievement.

Gartner says the web application firewall (WAF) market is growing quickly, with a range of deployments from ‘good enough’ to more complex WAF deployments aiming at high security.

“Enterpise security teams should evaluate how WAFs can provide improved security, require tolerable staff involvement and integrate their security ecosystem,” the report says.

Gartner says Imperva is assessed as a leader ‘because it continually wins based on security features and innovations, and resists price pressure from direct competitors with the recognition of its premium offering’.

“Imperva is a strong shortlist contender for organisations of all sizes, especially those with high-security requirements or those looking for an easy-to-deploy, cloud-based WAF,” Gartner says.

The analyst firm notes that as most pure-play competitors were acquired or disappeared, IMperva has continued to grow its share of the WAF market.

“Imperva Incapsula is the cloud-based or as-a-service WAF that is bundled with other services, including DDoS mitigation,” the report says.

“ThreatRadar is the family of add-on subscription services available for SecureSphere, delineated into four offerings: reputation, anti-bot, anti-fraud and community defence.

“The SecureSphere WAF is available for AWS, as a virtual appliance and on seven appliance models supporting up to 10Gbps. Two models of physical and virtual appliances are also available for dedicated management,” Gartner notes.

“Gartner sees a good attach rate level for Imperva’s WAF with its database security offering.

“The vendor has a good third-party ecosystem, which includes data loss prevention, anti-fraud, SIEM and vulnerability scanners.”

Gartner says Imperva consistently scores ‘very high’ and/or winning competitive assessments done by Gartner clients, with a high success rate when security, reporting and protection, rather than detection, are the most weighted criteria.

The analyst firm says post-sales, its client commentaries also ‘usually are very positive’.

“Imperva has continually led the WAF market in new features that forced competitors to react,” Gartner says. “It also includes several advanced techniques for better efficiency of protection that its competitors lack.

“Thus it is a good shortlist contender when protection is foremost and having a different vendor for WAFs and ADCs is an acceptable scenario.”

Gartner adds that Imperva has ‘consistently and effectively’ messaged on and delivered WAF features in response to changes in the data center and the application threat landscape, such as the first integration between Incapsula WAF and Skyfence CASB.

The analyst firm says having WAF-as-a-service via Incapsula and on-premises SecureSphere options gives the vendor access to a larger addressable market in the enterprise and SMBs, and provides a transition path for clients as their application security needs change.

Gartner does however, note that Imperva SecureSphere ‘is usually too advanced for SMBs or projects where the WAF is being deployed only as a ‘check in the box’ measure to meet compliance requirements’.

It notes SecureSphere also faces the most competition from WAFs provided by ADC vendors and that Imperva clients and prospects face pressure from Imperva’s channel and sales team to integrate with its database solutions, leading to increased cost.

F5, Citrix, Akamai and Barracuda Networks made the ‘challengers’ quadrant, while a number of companies, including Fortinet were recognised as niche players in the WAF market.

MulteFire announces industrial IoT network specification
The specification aims to deliver robust wireless network capabilities for Industrial IoT and enterprises.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
Schneider Electric's bets for the 2019 data centre industry
From IT and telco merging to the renaissance of liquid cooling, here are the company's top predictions for the year ahead.
China to usurp Europe in becoming AI research world leader
A new study has found China is outpacing Europe and the US in terms of AI research output and growth.
Google says ‘circular economy’ needed for data centres
Google's Sustainability Officer believes major changes are critical in data centres to emulate the cyclical life of nature.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.