Imunify 360 the take from bitninja
and I asked them to email me what the things they think imunify360 are lacking;
1) They have a completely out-of-date approach regarding security. Back then they copied our IP reputation module, completely, so for example this module is really similar, but now they focus on reactive defense ( malware scanning and backup ) and monitoring, while we do focus on real-time full-stack protection against every phase of attack ( eg: malicious scanning, infection, exploitation, outbound attack ) with a proactive approach.
2) The don't have such a powerful WAF that we do. They use SecRuleEngine DetectionOnly in mod_security configuration and it only blocks by mod_security events
with high severity. It's just a mod_security, integrated to an apache. While we have a team, constantly testing existing WAF rules to reduce false positives for
our partners and also add newer and newer rules to our safe ruleset. It is inegrated with our Captcha/BIC module too, so it provides a better user experience.
Not to mention that ours have far the best options for configuration: https://www.youtube.com/watch?v=i4c2rSzZUKI&t=15s
For expamle, their WAF can't be disabled or restricted on per domain basis.
3) Of course, our other modules would complete the list, what Imunify360 does not have, like : Port Honeypot, Web Honeypot, DoS Detection, Outbound WAF, Captcha for SMTP not only HTTP/S.
4) Their zero-day response is not the best also. It's 1 day at BitNinja in average, but they patch only around 40 days - based on the latest major CMS zerodays - Drupalgeddon 2 and 3
5) We see our current and former customer are complaining about very high server loads and false positive rates.
We do everything to have a minimal footprint, constantly optimizing our modules (e.g. Malware Detection 80x speed-up lately + senselog optimizationis in progress)
and monitor our false positive rates constantly to intervere in case of any issue. As you're customer's satisfaction is very important for us, too.
6) Centralized management that you mentioned is also a huge comfort for sysadmins/devops when handling security issues.
7) They store logs on the servers, which is not GDPR complient. We comply the guidelines, we're publishing the neccessary docs in 2 weeks.
8) We're shortly supporting IPv6 also, Imunify won't. Attackers are getting more and more comfortable with iPv6 protocol and start attacking it as there's not many security solutions for that.
2) The don't have such a powerful WAF that we do. They use SecRuleEngine DetectionOnly in mod_security configuration and it only blocks by mod_security events
with high severity. It's just a mod_security, integrated to an apache. While we have a team, constantly testing existing WAF rules to reduce false positives for
our partners and also add newer and newer rules to our safe ruleset. It is inegrated with our Captcha/BIC module too, so it provides a better user experience.
Not to mention that ours have far the best options for configuration: https://www.youtube.com/watch?v=i4c2rSzZUKI&t=15s
For expamle, their WAF can't be disabled or restricted on per domain basis.
3) Of course, our other modules would complete the list, what Imunify360 does not have, like : Port Honeypot, Web Honeypot, DoS Detection, Outbound WAF, Captcha for SMTP not only HTTP/S.
4) Their zero-day response is not the best also. It's 1 day at BitNinja in average, but they patch only around 40 days - based on the latest major CMS zerodays - Drupalgeddon 2 and 3
5) We see our current and former customer are complaining about very high server loads and false positive rates.
We do everything to have a minimal footprint, constantly optimizing our modules (e.g. Malware Detection 80x speed-up lately + senselog optimizationis in progress)
and monitor our false positive rates constantly to intervere in case of any issue. As you're customer's satisfaction is very important for us, too.
6) Centralized management that you mentioned is also a huge comfort for sysadmins/devops when handling security issues.
7) They store logs on the servers, which is not GDPR complient. We comply the guidelines, we're publishing the neccessary docs in 2 weeks.
8) We're shortly supporting IPv6 also, Imunify won't. Attackers are getting more and more comfortable with iPv6 protocol and start attacking it as there's not many security solutions for that.
