Onapsis vs. F5 Distributed Cloud Bot Defense

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Onapsis
Score 9.0 out of 10
N/A
Onapsis, headquartered in Boston, offers application security software to enterprises in the form of the Onapsis Security Platform for SAP and the Onapsis Security Platform for Oracle E-Business Suite.N/A
F5 Distributed Cloud Bot Defense
Score 8.7 out of 10
N/A
F5 Distributed Cloud Bot Defense (formerly Shape Defense, acquired January 2020) provides security to protect a website from bots, fake users, and unauthorized transactions, preventing large scale fraud and eroded user experiences. Companies get visibility, detection and mitigation outcomes to reduce fraud and cloud hosting, bandwidth and compute costs, improve user experiences, and optimize their business based on real human traffic.N/A
Pricing
OnapsisF5 Distributed Cloud Bot Defense
Editions & Modules
No answers on this topic
Enterprise
Custom Quote
per year
Offerings
Pricing Offerings
OnapsisF5 Distributed Cloud Bot Defense
Free Trial
NoYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeOptional
Additional Details
More Pricing Information
Community Pulse
OnapsisF5 Distributed Cloud Bot Defense
Considered Both Products
Onapsis
Chose Onapsis
Onapsis reduces risk and protects critical operations which protect the applications powering business by continuously monitoring for vulnerabilities and prioritizing remediation based on risk assessment. Onapsis is also a great tool as it implements continuous compliance. It …
Chose Onapsis
Honestly, I havent use something like Onapsis before and currently I am not aware if there is something similiar out there. They are one of a kind and is a complete suit, so is unlikelly that someone from outside will appear with a better solution.
F5 Distributed Cloud Bot Defense
Chose F5 Distributed Cloud Bot Defense
Siendo una Telco, google recaptcha no permita a nuestro usuarios la navegación gratuita

Being a Telco, Google recaptcha does not allow our users to browse for free.
Chose F5 Distributed Cloud Bot Defense
To mitigate security issues and make application more available
Chose F5 Distributed Cloud Bot Defense
NGINX and F5 BIG-IP
Chose F5 Distributed Cloud Bot Defense
Akamai Bot Manager
Chose F5 Distributed Cloud Bot Defense
Bot Defense
Chose F5 Distributed Cloud Bot Defense
F5 Distributed Cloud Bot Defense provides strong protection against automated threats, but there are always opportunities for enhancement.
Chose F5 Distributed Cloud Bot Defense
Friendly Captcha – Too slow, no support for mobile apps, can be bypassed with automation.reCAPTCHA – Not GDPR-compliant, no support for mobile apps.
Chose F5 Distributed Cloud Bot Defense
Akamai Bot Manager, Cloudflare and HUMAN Bot Defender
Chose F5 Distributed Cloud Bot Defense
Leaps and bounds ahead of the game from competitors
Chose F5 Distributed Cloud Bot Defense
We have tried a whole bunch of solutions before we got Shape bot defense solution. But non of them worked for us the way F5 Shape solution worked
Chose F5 Distributed Cloud Bot Defense
No other product have been used so far.
Chose F5 Distributed Cloud Bot Defense
We had already been using Cloudflare as our CDN, so it was a natural first choice. We however passed because it didn't offer deep behavior analytics. We ran simulations with scripted bots mimicking human cursor movements and variable delays. It missed about 30% of them. That …
Chose F5 Distributed Cloud Bot Defense
AWS Waf is limited to apps hosted entirely on AWS.
Chose F5 Distributed Cloud Bot Defense
Clodflare bot management was our other obvious option for us. We tested it on a staging version of our RFQ platform. It was great for broad traffic filtering but had a hard time with nuanced differences between real subcontractors and low volume bots mimickingt human input …
Best Alternatives
OnapsisF5 Distributed Cloud Bot Defense
Small Businesses
GitLab
GitLab
Score 8.7 out of 10
GitLab
GitLab
Score 8.7 out of 10
Medium-sized Companies
Veracode
Veracode
Score 8.7 out of 10
Veracode
Veracode
Score 8.7 out of 10
Enterprises
Veracode
Veracode
Score 8.7 out of 10
Veracode
Veracode
Score 8.7 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
OnapsisF5 Distributed Cloud Bot Defense
Likelihood to Recommend
9.0
(0 ratings)
8.7
(0 ratings)
Support Rating
-
(0 ratings)
8.5
(0 ratings)
Implementation Rating
-
(0 ratings)
8.2
(0 ratings)
User Testimonials
OnapsisF5 Distributed Cloud Bot Defense
Likelihood to Recommend
As a user, I would recommend Onapsis for people who are shorthanded in security or basis teams. One thing to be clear is that this is not a cheap product but still every penny counts here. If your SAP system has multiple products and connections then Onapsis is a great tool.
Read full review
I'd strongly recommend it, but with a few caveats depending on how mature the team is with behavioral based security tools. One of our fintech clients was getting hit with low volume, widely spread login attempts, below our rate limiting thresholds. F5 Distributed Cloud Bot Defense was able to flag abnormal input timings, inconsistent device fingerprinting and high entropy in field population behavior. You can only imagine the wave of downstream account lockouts this saved the client. On the other end we had a client with a real time trading platform using Graphql over websockets. F5 Distributed Cloud Bot Defense wasn't able to tap into that stream natively. we had to reverse engineer a proxy layer to inspect events. It worked but it was clunky and not officially supported
Read full review
Pros
  • Eliminating the manual process improves the overall accuracy of results and also frees up valuable resources to focus on other different projects.
  • Onapsis provides great leverage to our technical teams in order to review in a standardized way of the landscape.
  • Onapsis always matches vulnerabilities with useful context and finds possible solutions.
  • Onapsis is usually implemented to continuously monitor, and alert us on any issues on the SAP systems. Not only this but implementing Onapsis also eliminates the network on the year-end and month-end audits and helps in making the overall process faster, smooth, efficient as well as accurate.
Read full review
  • Regularly analyze traffic patterns and bot activity. Use the insights provided by the platform to refine rules and policies.
  • Configure rules to specify acceptable behavior for user interactions and alter sensitivity levels as appropriate to reduce false positives.
  • Integrate F5 Bot Defense into our existing security stack, which may include WAFs (Web Application Firewalls) and SIEM (Security Information and Event Management) solutions.
Read full review
Cons
  • Multiple UIs
  • No proper customization of UI log-off
  • Tedious setup of Control component
  • No proper error messages received
Read full review
  • On a technical side, we've had a lot of deployment issues. This is not a one-sprint solution.
  • We ran into undocumented failure modes and had to rely on L2 and L3 customer support, delaying troubleshooting significantly [in our experience].
  • Accurate log ingestion is a larger challenge than one would want in a security tool.
Read full review
Likelihood to Renew
No answers on this topic
We are more likely than not, to renew it. It saved us from a really huge data breach 4 months ago. It has earned its shower so far
Read full review
Support Rating
No answers on this topic
Official support can sometimes take time to reach the right people. However, once you are in contact with the appropriate experts, the support is excellent, as F5 staff are true specialists. On the other hand, we always receive prompt assistance from our local sales team, who typically help us connect with the right people quickly.
Read full review
Implementation Rating
No answers on this topic
Implementation of Distributed Cloud is accomplished a few different ways, it would pay to meet with the F5 team and map out your implementation prior to acquisition to make sure you Infrastructure and Operations teams are aligned to the approach and requirements.
Read full review
Alternatives Considered
There are other tools which we have compared with Onapsis,
  1. SAP ETD
  2. SAP CVA
  3. SecurityBridge
These tools along with the highlighted ones in the above list do not cover all components of Onapsis and as far as we have seen, there is no tool providing the same competencies. It provides good insights, and is constantly updating. On top of that Onapsis Research Labs constantly contributes towards SAP Patch Tuesday regarding multiple "Hot News" vulnerabilities.
Read full review
Clodflare bot management was our other obvious option for us. We tested it on a staging version of our RFQ platform. It was great for broad traffic filtering but had a hard time with nuanced differences between real subcontractors and low volume bots mimickingt human input whereas that's where F5 Distributed Cloud Bot Defense thrived
Read full review
Return on Investment
  • Helps in automating the regulatory compliances
  • Increases productivity by freeing resources in the firm
  • Provides better protection for sensitive information
  • Tedious to implement
  • Time difference between the ERP systems and Onapsis Appliances may cause an issue
  • Difficult to troubleshoot as error messages are not clear
Read full review
  • We experience large web/data scraping attack campaigns and F5 Distributed Cloud Bot Defense over the years has helped mitigate these for us and significantly reducing load off of our origin servers.
  • Also, we experience many large Credential Stuffing attacks and F5 Distributed Cloud Bot Defense helps us stop these attacks and protects our customers.
Read full review
ScreenShots