Quick Start Guide

Welcome to tCell!

tCell by Rapid7 is a next-gen cloud web application firewall (WAF) and runtime application self-protection (RASP) tool that gives you complete visibility into your application and provides defense in depth.

In this guide, we will walk through logging in, creating and starting an app, installing the server agent, viewing your dashboards, and performing sanity checks.

For guides on specific agents, check out the User Guides section of the help.

New to tCell?

You can sign up for tCell here.

Log in

When you sign up for tCell, you will receive a Rapid7 Insight account. Visit the Rapid7 Insight Platform at https://insight.rapid7.com and enter your credentials to access tCell. If you did not receive a login email, please contact Rapid7 Support.

Create Your First App

tCell monitors and protects your web applications. Creating an app within tCell enables it to know that all the data that is coming to it from the agents are all associated with a single app instance. You must create a new app for each unique application in your environment.

Create an App

  1. Click tCell Admin in the top toolbar to open the Admin panel.
  2. In the Admin panel, select the Applications tab, and click Add Application.
  3. In the Add Application window, enter a name, description, and tags. Tags help you easily identify and group your applications in the future.
  4. Click Add application.
  5. On the Admin > Applications page, ensure your app was created.

Application ID

Every app has a unique Application Id that is used throughout the system.

Copy App Configurations

After you create an app (source app), you can copy the configurations to another app (target app). If you want to customize what is copied, you can select specific feature modes and features to apply to the target app.

  1. Click tCell Admin to open the Admin panel.
  2. On the Copy Configs tab, select the app you want to copy in the Source App ID field.
  3. Select which configs to copy.
    • To copy all configs, select the Copy entire application configuration checkbox.
    • To copy only specific application configurations, clear the Copy entire application configuration checkbox and select the feature modes and features to copy.
  4. In the Target App field, select the app to which you want to copy the source app configs.
  5. Click Copy configs.

Install a Server Agent

An agent is a software application that integrates with your web application and web server code to monitor all incoming requests, and block malicious requests that can attack your application.

This quick start will assume that you have a Java application. To set up an agent in your server, go to Admin > Download Agent, select Java, and follow the instructions. Download Java Agent

Start your Application

You should now start your application, and you should be able to see some initial data go to the dashboard.

start your app

Dashboards

agent dashboard

Application Dashboard

The Application Dashboard lists your applications and the number of agents installed for each app.

In your tCell console, click Home in the sidebar to visit the application dashboard.

Agent Dashboard

The Agent Dashboard shows you the agent you have installed and the IP and host name of the system it's installed on.

  1. In the application dashboard, hover over the application for which you want to view agents.
  2. Click Agents Dashboard.

Sanity Checks

You can perform the following simple checks to see if things are working properly:

  • Check via the browser developer console or similar to see if there are CSP headers in the response body from the application.
  • Check via the browser developer console or similar to see if JSAgent is being loaded in page.
  • Check the tcell.log file in the tcell folder for recent activity. If you are testing with a Rails project, check to see if there are any recent writes to the ./tcell directory.