For Internal and Partner Use Only Do not share this document externally, including with customers 2021 Gartner Magic Quadrant for Web Application and API Protection Gartner has named Imperva a Magic Quadrant Leader in Web Application and API Protection (WAAP making us an 8-time Leader and positioned highest for Completeness of Vision. Gartner has named Imperva as the only eight-year Leader in their 2021 Magic Quadrant for Web Application and API Protection (WAAP. Even more importantly, we scored highest in Completeness of Vision in a time when they claim that Cloud Web Application and API Protection (WAAP is the present and the future. Leading in Vision means that, while our history warrants instant credibility, our unified cloud WAF, Advanced Bot, DDoS, and API Protection strategy and insight position us to protect customers better than any competitor in 2021 and beyond. imperva.com
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
For Internal and Partner Use OnlyDo not share this document externally, including with customers
2021 Gartner Magic Quadrant for WebApplication and API Protection
Gartner has named Imperva a Magic Quadrant Leader in WebApplication and API Protection (WAAP making us an 8-time Leaderand positioned highest for Completeness of Vision.
Gartner has named Imperva as the only eight-year Leader in their 2021 Magic Quadrantfor Web Application and API Protection (WAAP. Even more importantly, we scoredhighest in Completeness of Vision in a time when they claim that Cloud Web Applicationand API Protection (WAAP is the present and the future. Leading in Vision means that,while our history warrants instant credibility, our unified cloud WAF, Advanced Bot, DDoS,and API Protection strategy and insight position us to protect customers better than anycompetitor in 2021 and beyond.
imperva.com
Frequently Asked QuestionsWhat has changed since 2020?
Ability to execute (Y-axis)Imperva had little to no change in Ability to Execute.
Completeness of vision (X-axis)Imperva is the leader, which is reassuring to prospects & customers that wehave the best strategy to protect their mission critical applications.
Competitive Landscape11 players vs. 10 last year.
1 Addition / 1 Name Change
ThreatX is the new addition to the field in the visionaries quadrant
Signal Sciences was acquired by Fastly.
What strengths does Gartner list for Imperva?
Market Segmentation
CapabilitiesThe Imperva Account Takeover (ATO module includes several interesting features, suchas the detection of credential stuffing, but also malicious intent from successful logins.Users can choose different actions based on the risk level (low, medium, high)associated with the account login.
Customer ExperienceCustomers noted the recent improvement in the management and monitoringinterfaces. They gave good scores to the vendor’s product capabilities, both for theGateway and Cloud products.
imperva.com
Product OfferingImperva has released a first version of API discovery, which shows API endpoints andincludes additional insights such as when the API transports sensitive PII. The recentacquisition of CloudVector shows the vendor’s willingness to make API security a majorcomponent of Imperva Cloud.
Product StrategyImperva announced its intent to build Sonar, a unified cloud-delivered management andmonitoring console, for all of its application security products. In the meantime, thevendor has completely revamped its management UI for Imperva Cloud, making morevisible security- and performance-related insights.
What cautions does Gartner list for Imperva? Howshould I explain each?
What it says:
Sales Execution:While Imperva remains one of the largest market share vendors for WAAP services, itsvisibility has grown slower than its competitors during the last few months. Gartnerestimates that Imperva Cloud slightly lost market share in this segment.
What to say:Imperva continues to focus on enterprises with hybrid architectures (Offering a WAFportfolio that includes a mature on-premises solution with the option of managed servicesand a SaaS platform). However, the cloud-first segment grew at a faster rate thanImperva in 2020. With our continued investment in innovation, such as the CloudVectoracquisition, we are already seeing this growth accelerated.
What it says:
Product Offering:As yet, Imperva does not offer a containerized WAAP, or the ability to deploy its WAAP asa Kubernetes sidecar.
What to sayFirst introduced in 2015, Kubernetes had various headwind challenges in the enterprise,especially on the topic of security. None of our SaaS competitors are likely to ever offerthis option, but we will be launching this capability, internally named “WAAP Anywhere”,later in 2021.
imperva.com
What it says:
Customer Experience:Imperva’s customers would like to see the vendor be more responsive when it comes tosupporting features regarded as “low hanging fruit.” They mentioned late support for TLS1.3, lack of SSO for back-end applications, and would expect better certificatemanagement. With the exception of the bot mitigation engines, Imperva Cloud is verysignature based, and lags behind some competitors for ML-based capabilities.
What to say:We believe this is factually incorrect as Imperva’s approach for the last couple of yearshas been to combine signature, challenges, and traffic/users real-time behavioralanalysis. The combined approach helps Imperva differentiate as it translates into accuratedetection leading to over 90% of our customers running in block mode.
Imperva uses Machine learning algorithms in different stages throughout tproductsecurity policies and mitigation. In some models, the output is directly contributing toImperva out of the box policies and in other cases, we expose our ML engine to letadvanced users decide how to use it in custom policies. Please see the attachment “HowImperva Uses ML in its WAAP Offering” for evidence of where and how Imperva uses MLin core WAF, DDoS, and Advanced Bot Protection.
What it says:
Geographic Strategy:Imperva’s presence in the Asia/Pacific region continues to lag behind its directcompetitors. The cloud service does not have local POPs in China and only has two inIndia. Overall, worldwide POPs are limited, compared with other CDN providers.
What to sayIf evaluated as a standalone CDN provider, we do offer fewer PoPs than somecompetitors. However, our security solutions have sufficient PoPs to offer thebest-in-class DDoS mitigation SLA of 3 seconds.
imperva.com
How did our key competitors fare?
AkamaiAkamai had the largest movement in the Magic Quadrant. This change is most likely dueto Akamai finally breaking apart their CDN and Security business into separate businessunits and showing the security business new growth. Even with this large move, Akamaistill sells the majority of their security business to existing CDN customers.
CloudflareCloudflare is in the same spot as last year. Cloudflare is still struggling to become a trueenterprise security solution. Gartner analysts have mentioned their lack of enterprisestability as a weakness. Their relative weakness in security offerings and reputation foroutages don’t help.
AWSAmazon WAF has moved into the challengers quadrant. They are still considered basicWAF for Amazon only, any multi-cloud WAAP approach would require something morerobust and advanced like Imperva.
F5 NetworksF5 moved down in both ability to execute and completeness of vision. There is a lack ofclear long-term strategy and vision while Imperva is viewed as the leader in vision.
RadwareRadware had almost zero movement in the Magic Quadrant. This shows that Radwarehas limited growth and product strategy when compared to last year.
FastlyWith the acquisition of Signal Sciences, Fastly has moved into the ChallengersQuadrant. Their position has improved due to the ability to sell Signal Sciences as FastlyNext Generation WAF to their existing CDN customers.
imperva.com
Questions & Answers
Q. I noticed Akamai’s significant leadership position for execution in the 2021Gartner report. Any insights?
A. Some key variables that Gartner considers to rate/rank execution come fromsales/marketing execution along with track record to product and operations.
Their annual revenue for the twelve months ending June 30, 2021 was $3.335B,a 9.65% increase year-over-year. However, further analysis of Akamai’s financialreporting showed a change effective March 1, 2021. They reorganized into twogroups: the Security Technology Group and the Edge Technology Group, whichboth utilize the Akamai Intelligent Edge Platform and its global salesorganization. Revenue from the Security Technology Group was previouslyreported as revenue from Cloud Security Solutions, and revenue from the EdgeTechnology Group was previously reported as revenue from CDN and all othersolutions. In their press release, it was stated that one of the key goals of thisreorganization was their goal of facilitating their continued strong growth forAkamai's $1 billion security business. Or, another interpretation is that theymight’ve over-weighted their percentage basis of allotting their AkamaiIntelligent Edge Platform revenues to the security technology group. We will bemonitoring this closely and provide additional insights.
Q. Should I share this report with customers and prospects?
A. Absolutely. Imperva is one of only 2 leaders in the Magic Quadrant andranked higher than anyone in Completeness of Vision. Competitors would pay tobe in our position.
imperva.com
Q. How should I position this report with customers and prospects?
A. Organizations are under tremendous pressure because:- Web app attacks are the #1 cause of data breaches- Cloud migration and DevSecOps are accelerating and no one is better positioned to
help with these future efforts- Basic WAF is dead -- Cloud WAAP Web Application and API Protection) is a must
and Imperva is ahead for this
Position Imperva strengths utilizing Command of the Message:- Imperva frequently wins on the basis of security features and innovation, enabling
customers to mitigate security risk- Imperva is one of the only vendors providing both WAF appliances and cloud WAF
service to achieve strong visibility in shortlists and large customer bases for bothsegments.
- Imperva offers flexible licensing for organizations with a mix of on-premises andcloud-hosted applications to ease the burdens associated with digitaltransformation
- Imperva Attack Analytics provides unified detection across our Cloud WAAP,enabling greater security value by replacing 56 point products with centralizedvisibility.
Q. How can I make the report available to customers or prospects?
A. Simply provide this link, and only this link, to anyone who wants to view the2021 Gartner MQ Report.
Q. Will Imperva promote the MQ via other marketing channels?
A. Absolutely. Imperva is promoting the MQ on our own website, through ourblog, via email and social media, via partners, content syndication and a varietyof paid media channels.
Q. Can I create my own marketing collateral using the MQ?
A. No. Gartner has very strict restrictions on use/promotion of the MQ. Violatingthese restrictions can result in Gartner revoking Imperva’s right to use the MQentirely.
imperva.com
Q. I have presentations with the 2020 GMQ slide. Where can I get a newslide with the 2021 MQ?
A. A new slide on the 2021 MQ is here Under Gartner Review- will be updatedafter approved).
Q. Can I create my own slides using content from the 2021 MQ?
A. No. Gartner has very strict restrictions on how content from the MQ and theMQ graphic can be used. Violating these restrictions can result in Gartnerrevoking Imperva’s right to use the MQ entirely.
imperva.com
Q. How can I use my social media accounts to promote this report?
A. We encourage you to post the following Gartner approved text from yourpersonal social media accounts.
Please see the Social Media Guidelines in the following section.
PLEASE NOTE Do not alter the copy below as it is Gartner approved.Additionally, per Gartner rules, do not publish the quadrant image in your posts.
Social Media Guidelines
LinkedInCopy and paste the following:
Protect your applications now and in the future, with a WAAP solution that stopsDDoS, malicious bots, API attacks and more. Learn why Imperva is positioned as aLeader in the 2021 Gartner Magic Quadrant for Web Application and API Protection.https://bit.ly/3o0VXWO
Copy and paste the following
On-prem or in the cloud, Imperva stops DDoS, malicious bots, API attacks and more.See why we’re positioned as a Leader in the 2021 Gartner Magic Quadrant for WebApplication and API Protection. https://bit.ly/3o0VXWO
TwitterShare here or copy and paste the following:
Protect your applications now and in the future, with a WAAP solution thatstops DDoS attacks, bad bots, API attacks and more. Learn why @Imperva ispositioned as a Leader in the 2021 @Gartner_inc Magic Quadrant for WebApplication and API Protection. https://bit.ly/3tZY3r7 #TeamImperva
imperva.com
Share here or copy and paste the following
When it comes to security, you need the best protection. Learn why@Imperva is positioned as a Leader and furthest for completeness of visionin the 2021 @Gartner_inc Magic Quadrant for Web Application and APIProtection. https://bit.ly/3tZY3r7 #TeamImperva
imperva.com
Related Documents
