Name: Imperva API Security
Rating: 4.5 (94 reviews)

Overview

Product Information on Imperva API Security

Updated 8th October 2024

What is Imperva API Security?

Imperva API Security offers comprehensive protection for your entire API landscape—whether public, private, or shadow. It automatically discovers and classifies all APIs, enabling organizations to gain full visibility and control. By assessing risk effectively across all API environments, Imperva reduces the potential for security vulnerabilities. Its robust threat detection and mitigation capabilities ensure protection against both known and emerging API risks, regardless of where they are deployed—on-premises, in the cloud, or hybrid. With Imperva, organizations can safeguard sensitive data, maintain regulatory compliance, and confidently manage their APIs without worrying about location or deployment complexities. Know your APIs are secure, reducing risks while supporting operational efficiency and securing digital assets and API endpoints in an increasingly interconnected world.

Overall experience with Imperva API Security

ENGINEER

250M - 500M USD, Software

FAVORABLE

“Automated API Discovery Reduces Blind Spots and Enhances Overall Security Visibility”

5.0

Dec 9, 2025

Our experience with Imperva API Security has been reliable and the platform has helped us uncover previously unseen APIs and provided much clearer insight into overall API activity. Real-time protection feature has also reduced potentioal risks and improved our visibility across our environment. Although some tuning was needed during the initial rollout, the accuracy of detection and reliability of the monitoring have been strong and continue to support our security operations effectively.

Information Security Specialist

<50M USD, Transportation

CRITICAL

“Easy Implementation Highlighted, But Challenges Remain With Complex API Architectures”

3.0

Jan 15, 2026

Imperva API Security platform mainly focuses on API Inventory on the edge, allowing to detect api endpoints on already protected or published services on their CDN/WAF. The product feels overall compliant and on an initial level of configuration, but lacks on deep detections and protections.

About Company

Company Description

Imperva is a cybersecurity firm that assists organizations in safeguarding critical applications, APIs, and data across various scales and locations. It adopts a comprehensive approach that amalgamates edge, application security, and data security to offer protection to businesses at all levels of their digital journey. Imperva Threat Research and the worldwide intelligence community contribute to Imperva's knowledge of the evolving threat landscape. This understanding allows incorporation of the most recent security, privacy, and compliance expertise into the offered solutions.

Company Details

Company type

Private

Year Founded

2002

Head office location

San Mateo, United States

Number of employees

1001 - 5000

Website

http://www.imperva.com

Do You Manage Peer Insights at Thales Group (Imperva)?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

User Sentiment About Imperva API Security

Reviewer Insights for: Imperva API Security

Deciding Factors: Imperva API Security Vs. Market Average

Performance of Imperva API Security Across Market Features

Imperva API Security Likes & Dislikes

1. Comprehensive API Discovery: The automated dicsovery feature makes it easy to identify overlooked or untracked APIs, giving us better control and governance across the ecosystem. 2. Effective Threat Prevention: Real-time monitoring and blocking of suspicious API behavior such as abuse, bot and abnormal traffic helps maintain a stable and secure environment. 3. Smooth Integration: The solution fits so well into our system and security setup, allowing us to benefit from enhanced API visibility without requiring major infrastructure updates

The easiness of implementation, since most apis are publicly accessible, just enabling a feature on the console was the requirement for the implementation.

Continuous discovery of APIs and automatic gives us better visibility across our environments. Detection of risky behavior and threats helps us stop inappropriate API calls quickly.

1. Setup Can Be Time Consuming: Configuring policies and tuning thresholds requires additional effort, particularly for complex or high-traffic applications 2. Requires Familiarization: Some of the advanced dashboards and features take time for new members to fully understand. 3. Noise in High Volume APIs: A few of our busiest APIs occasionally trigger extra alerts, which require manual adjustments to minimize unnecessary notifications.

The main deficit of the service would be on architectures that centralize apis on one domain, and it requires to detect hundreds or thousand of api operations. It would take months to actually detect the endpoints, and on paths with dynamic parameters it would create false positives by detecting constantly used parameters as new endpoints.

Some documentation felt outdated, making initial setup harder than expected. Support can be slow to respond or lacks depth on certain specific questions. Customizing advanced policies sometimes requires extra effort or manual steps.

Top Imperva API Security Alternatives

Peer Discussions

Imperva API Security Reviews and Ratings

Recommended Gartner Insights

Market Guide for API Protection

50M-1B USD

Software

Review Source

Automated API Discovery Reduces Blind Spots and Enhances Overall Security Visibility

<50M USD

Transportation

Easy Implementation Highlighted, But Challenges Remain With Complex API Architectures

Manager, IT Security and Risk Management

Banking

Strong API Visibility and Threat Detection with Some Room to Improve in Support and Documentation

4.0

Dec 23, 2025

We have used Imperva API Security in our environment and it has improved our API visibility and threat detection overall. Deployment went smoothly after internal coordination, but we had to tweak some settings for accurate alerts. Support has been helpful, though response times vary. The solution has met our core needs.

Seamless Integration and Clear Insights Offset Analytics and Configuration Limitations

Dec 3, 2025

My experience with Imperva API Security has been very good and reliable. The platform has made it easier to understand API traffic patterns for better results, identify unusual behavior early and maintain better control over the environment. Deployment went very smoothly, and day to day use has been straightforward. Some features take a bit of time to learn but are not that difficult, but once configured, the system has consistently helped us strengthen our API Secuirty posture.

ASSISTANCE MANAGER, IT SECURITY AND RISK

Services (non-Government)

Single Dashboard Management and Auto Application Learning Aid API Security Handling

Dec 15, 2025

real time protection classification of private api multiple deployment on offer saas on-prim hybrid manage api with single dashboard covering all essentials initial difficulty in managing false positive alerts which require user input signature based security so covering zero day attack is impossible