Quick Start Guide

Welcome to tCell!

tCell by Rapid7 is a next-gen cloud web application firewall (WAF) and runtime application self-protection (RASP) tool that gives you complete visibility into your application and provides in-depth defense.

Protect your deployment with tCell

tCell workflow

Top benefits of tCell

  • Real Time Application Monitoring dramatically reduces the number of false positives, alerts you when malicious activity is suspected, and allows a real-time view of events. tCell alerts you about the risks your applications are facing, what attacks are active, and most importantly whether breaches require action or are actively being blocked.
  • Self Protection Without Intervention allows you to automatically identify and block attacks at every application level with agents. tCell allows your applications to defend themselves from OWASP Top Ten attacks, zero-day attacks, and more so your team can focus on building better infrastructures and more secure applications
  • Security and Remediation at the Speed of DevOps is possible by tCell simplifying the security process by removing the lag between security and DevOps to help your team build the foundation for a true DevSecOps organization. tCell’s analytics aggregate millions of data points from your servers, web browsers, and external threat intelligence sources to give you clear, actionable information in one simple step.

Getting to know the tCell UI

HomeWhen you log in to tCell, you'll see apps, their agents, and the newsfeed.

For more information, see Newsfeed and Alerts.
tCell home
Admin menuAll users can view the admin menu, but role-based access determines which actions are available.

For more information, see Users and Access.
tCell admin menu
Application dashboardThe Application Dashboard lists your applications and the number of agents installed for each app.

To view the full application dashboard, click Home and select an app from the home page.
App dashboard
AgentsAn agent is a software application that integrates with your web application and web server code to monitor all incoming requests, and block malicious requests that can attack your application.

For guides on specific agents, check out the User Guides section of the help.
Download Java Agent
Agent dashboardThe Agent Dashboard shows you the agent you have installed and the IP and host name of the system it's installed on.

  1. In the application dashboard, hover over the application for which you want to view agents.
  2. Click Agents Dashboard.
agent dashboard

New to tCell?

You can sign up for tCell here.

Getting started and creating an app

Quick start install and configure workflow

Install and configure

Admins responsible for installing and configuring tCell must do the following before users can interact with tCell.

  1. Obtain access to tCell from the Rapid7 Insight Cloud.
  2. Add Rapid7 IPs to the allowlist.
  3. Configure user access.

Log in

When you sign up for tCell, you will receive a Rapid7 Insight account. Visit the Rapid7 Insight Platform at https://insight.rapid7.com and enter your credentials to access tCell. If you did not receive a login email, please contact Rapid7 Support.

Create Your First App

tCell monitors and protects your web applications. Creating an app within tCell enables it to know that all the data that is coming to it from the agents are all associated with a single app instance. You must create a new app for each unique application in your environment.

  1. Click tCell Admin in the top toolbar to open the Admin panel.
  2. In the Admin panel, select the Applications tab, and click Add Application.
  3. In the Add Application window, enter a name, description, and tags. Tags help you easily identify and group your applications in the future.
  4. Click Add application.
  5. On the Admin > Applications page, ensure your app was created.

Application ID

Every app has a unique application ID that is used throughout the system. When you copy configurations to another app, the new app will have a different application ID.

Install an Agent

An agent is a software application that integrates with your web application and web server code to monitor all incoming requests, and block malicious requests that can attack your application. tCell integrates with the following agents to meet your needs:

Start your Application

Start your app to collect data.

Verify tCell is collecting data

You can perform the following simple checks to see if things are working properly:

  • Check via the browser developer console or similar to see if there are CSP headers in the response body from the application.
  • Check via the browser developer console or similar to see if JSAgent is being loaded in page.
  • Check the tcell.log file in the tCell folder for recent activity. If you are testing with a Rails project, check to see if there are any recent writes to the ./tcell directory.

Optimize your deployment

tCell offers many features and options that you can enable and configure.

quick start for optimizing your deployment

Set up alerts

You can configure the alert types and notifications provided by tCell to deliver the right information to the right people at the right time.

Integrate with other tools

Integrating with tools that you already use can help streamline your workflow. tCell integrates with SIEM, ticketing, and other tools.

Review newsfeed and alerts

By default, all features are monitored and you can view the activity in the Newsfeed and Alerts. Based on the data from the Newsfeed and Alerts, you can configure additional options to better protect your apps.

Configure additional options

You can further refine your scans and configure additional options to protect your apps.