Imperva has been named the sole leader in Gartner's Magic Quadrant for web application firewalls.

The latest placement is the second year in a row the company has won the achievement.

Gartner says the web application firewall (WAF) market is growing quickly, with a range of deployments from ‘good enough' to more complex WAF deployments aiming at high security.

“Enterpise security teams should evaluate how WAFs can provide improved security, require tolerable staff involvement and integrate their security ecosystem,” the report says.

Gartner says Imperva is assessed as a leader ‘because it continually wins based on security features and innovations, and resists price pressure from direct competitors with the recognition of its premium offering'.

“Imperva is a strong shortlist contender for organisations of all sizes, especially those with high-security requirements or those looking for an easy-to-deploy, cloud-based WAF,” Gartner says.

The analyst firm notes that as most pure-play competitors were acquired or disappeared, IMperva has continued to grow its share of the WAF market.

“Imperva Incapsula is the cloud-based or as-a-service WAF that is bundled with other services, including DDoS mitigation,” the report says.

“ThreatRadar is the family of add-on subscription services available for SecureSphere, delineated into four offerings: reputation, anti-bot, anti-fraud and community defence.

“The SecureSphere WAF is available for AWS, as a virtual appliance and on seven appliance models supporting up to 10Gbps. Two models of physical and virtual appliances are also available for dedicated management,” Gartner notes.

“Gartner sees a good attach rate level for Imperva's WAF with its database security offering.

“The vendor has a good third-party ecosystem, which includes data loss prevention, anti-fraud, SIEM and vulnerability scanners.

Gartner says Imperva consistently scores ‘very high' and/or winning competitive assessments done by Gartner clients, with a high success rate when security, reporting and protection, rather than detection, are the most weighted criteria.

The analyst firm says post-sales, its client commentaries also ‘usually are very positive'.

“Imperva has continually led the WAF market in new features that forced competitors to react,” Gartner says. “It also includes several advanced techniques for better efficiency of protection that its competitors lack.

“Thus it is a good shortlist contender when protection is foremost and having a different vendor for WAFs and ADCs is an acceptable scenario.

Gartner adds that Imperva has ‘consistently and effectively' messaged on and delivered WAF features in response to changes in the data center and the application threat landscape, such as the first integration between Incapsula WAF and Skyfence CASB.

The analyst firm says having WAF-as-a-service via Incapsula and on-premises SecureSphere options gives the vendor access to a larger addressable market in the enterprise and SMBs, and provides a transition path for clients as their application security needs change.

Gartner does however, note that Imperva SecureSphere ‘is usually too advanced for SMBs or projects where the WAF is being deployed only as a ‘check in the box' measure to meet compliance requirements'.

It notes SecureSphere also faces the most competition from WAFs provided by ADC vendors and that Imperva clients and prospects face pressure from Imperva's channel and sales team to integrate with its database solutions, leading to increased cost.

F5, Citrix, Akamai and Barracuda Networks made the ‘challengers' quadrant, while a number of companies, including Fortinet were recognised as niche players in the WAF market.