TCell by Rapid7 is a next-gen cloud web application firewall (WAF) and runtime application self-protection (RASP) tool that gives you complete visibility into your application and provide defense in depth.
You can sign up for tCell here.
When you sign up for
Visit the Rapid7 Insight Platform at https://insight.rapid7.com and enter your credentials to access
To create an application, click on the tCell Admin button in the top toolbar to launch the "Admin" panel. In the Admin panel, select the first tab called "Applications" and click the Add Application button. The "Add Application" window will appear. Enter a name for your application, and optionally enter a description and tag to easily identify and group your applications in the future. Click the Add application button.
After you have created your app, you should see it in the table on the Admin > Applications screen. Note that every app has a unique "Application Id" that is used throughout the system.
An agent is a software application that integrates with your web application and web server code to monitor all incoming requests, and block malicious requests that can attack your application.
This quick start will assume that you have a Java application. To set up an agent in your server, go to Admin > Download Agent , select Java, and follow the instructions.
You should now start your application, and you should be able to see some initial data go to the
Hover over the button to reveal a link for the Agents Dashboard. Click the Agents Dashboard link to open the "Server Agents" dashboard. You should see the one agent you have installed, displaying the IP and host name of the system it's installed on.
Some simple checks can be performed to see if things are not working properly:
- Check via the browser developer console or similar to see if there are CSP headers in the response body from the application.
- Check via the browser developer console or similar to see if JSAgent is being loaded in page.
- Check the
tcell.logfile in the tcell folder for recent activity. If you are testing with a Rails project, check to see if there are any recent writes to the ./tcell directory.