{"id":2037565,"date":"2024-11-25T10:30:49","date_gmt":"2024-11-25T15:30:49","guid":{"rendered":"https:\/\/www.legitsecurity.com\/blog\/reduce-risk-exposed-secrets"},"modified":"2024-11-25T10:30:49","modified_gmt":"2024-11-25T15:30:49","slug":"how-to-reduce-risk-from-exposed-secrets","status":"publish","type":"post","link":"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/","title":{"rendered":"How to Reduce Risk From Exposed Secrets"},"content":{"rendered":"<p><span style=\"font-style: italic;\">Understand how secrets end up exposed, and how to prevent this risk.&nbsp;<\/span><\/p>\n<p><span>Secrets are extremely pervasive in software development environments, and their exposure is one of the most common risks unearthed by the Legit platform. This is troubling because secrets are often the first foothold that attackers leverage to mount much larger attacks.&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<p><span>The types of exposed secrets we find most often include:&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<ul>\n<li><span>Cloud keys (AWS\/GCP)&nbsp;<\/span><span>&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li><span>GitHub personal access tokens and CI\/CD server keys (Jenkins, ADO)&nbsp;<\/span><span>&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li><span>PII, such as Social Security and credit card numbers&nbsp;<\/span><span>&nbsp;<\/span><\/li>\n<\/ul>\n<p><span>And exposed secrets are not just a hypothetical risk. In a recent survey of 350 IT and cybersecurity professionals and application developers, TechTarget\u2019s Enterprise Strategy Group (ESG) found that the top cybersecurity incident (related to internally developed cloud-native apps) experienced by survey respondents in the previous 12 months was secrets stolen from a source code repository.&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<h2><strong><span>Where do we find exposed secrets?&nbsp;<\/span><\/strong><\/h2>\n<p><span>We regularly find exposed secrets in source code, which can be accessed by any user with access to the repository.&nbsp;<\/span><span>&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<p><span>But increasingly, we are finding exposed secrets in many other places as well \u2014 like yaml files, build logs, containers, bash scripts, artifacts, Jira, Confluence, Slack, and more.&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<h2><strong><span>Why is secrets exposure pervasive? &nbsp; &nbsp;<\/span><\/strong><span>&nbsp;<\/span><span>&nbsp;<\/span><\/h2>\n<p><span>Secrets sprawl has become a significant issue in modern development, largely due to the increasing complexity of tools and integrations required to build and run applications. Modern apps depend on hundreds of secrets\u2014such as API keys, third-party tokens, and cloud credentials\u2014to function effectively.<\/span><span>&nbsp;<\/span><\/p>\n<p><span>At the same time, developers face pressure to innovate and deliver code quickly, often resorting to shortcuts to save time. One common shortcut is embedding secrets directly into code during development to streamline testing and quality assurance (QA).<\/span><span>&nbsp;<\/span><\/p>\n<p><span>The problem arises when these secrets are unintentionally left exposed. For instance, a developer might use a key during testing and move the code into production without removing or replacing it. Whether it\u2019s due to oversight or convenience, this practice leaves secrets exposed, creating a continuously growing risk to the organization.<\/span><span>&nbsp;<\/span><\/p>\n<h3><span>Related attacks<\/span><\/h3>\n<p><span>A significant data breach at <\/span><a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2024\/04\/11\/compromise-sisense-customer-data\"><span>Sisense<\/span><\/a><span> was traced back to an accidental exposure of sensitive data via a GitLab repository. A hardcoded secret in the repository provided unauthorized users access to Sisense\u2019s cloud storage, leading to the compromise of vast amounts of customer data.&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<p><a href=\"https:\/\/www.legitsecurity.com\/blog\/toyota-customer-data-leaked-due-to-software-supply-chain-attack\"><span>Toyota<\/span><\/a><span> announced a data breach caused by a subcontractor who accidentally published source code containing a hardcoded secret access key on a public GitHub repository. This exposed the personal data of nearly 300,000 customers, highlighting the risks associated with insufficient security practices around sensitive information management.&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<h2><strong><span>What we recommend to prevent exposed secrets&nbsp;<\/span><\/strong><span>&nbsp;<\/span><\/h2>\n<p><span>&nbsp;<\/span><span>Focus first on SaaS services keys (e.g., AWS access keys), since if code is leaked, credentials to SaaS services are immediately usable if they are valid, whereas internal credentials require attackers to also have network connectivity.&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<p><span>Our recommended best practices include:&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: normal;\">Avoid committing secrets to any Git repository. Once in the Git history, remediation steps are lengthy:<\/span><span><\/span><\/p>\n<ul>\n<li><span>Avoid git add * commands.<\/span><span>&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li><span>Name sensitive files in .gitignore.<\/span><span>&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li><span>Don\u2019t rely on code reviews to discover secrets.<\/span><span>&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li><span>Use automated secrets scanning on repositories.&nbsp;<\/span><span>&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li><span>Use CLI or pre-hook commit tools when able to catch secrets before they get to your Git repository.&nbsp;<\/span><span>&nbsp;<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: normal;\">Change the source code to not rely on hard-coded secrets by using a password manager, environment variable, etc. Then revoke the sensitive data.&nbsp;&nbsp;<\/span><span><\/span><\/p>\n<p><span>Use encryption to store secrets within Git repositories.&nbsp;<\/span><span>&nbsp;<\/span><span><\/span><\/p>\n<p><span>Use local environment variables, when feasible.&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<p><span>Use secrets as a service solutions (e.g., Hashicorp Vault, CyberArk Conjure, etc.).&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<p><span>Avoid secrets within build logs and sharing secrets via messaging services.&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<p><span>Reduce AuthZ and Admin credentials to least privileged.&nbsp;<\/span><span>&nbsp;<\/span><\/p>\n<h2><strong><span>Understanding common SDLC risks\u202f<\/span><\/strong><span>&nbsp;<\/span><\/h2>\n<p><span>As development environments grow increasingly more complex, they introduce more risk, such as vulnerable code or misconfigurations of build tools. Managing secrets effectively becomes critical in safeguarding your organization against potential threats.\u202f\u202f<\/span><span>&nbsp;<\/span><\/p>\n<p><span>Get our new guide on\u202f<\/span><a href=\"https:\/\/info.legitsecurity.com\/the-top-6-unknown-sdlc-risks-legit-uncovers\"><span>the top unknown SDLC risks we uncover<\/span><\/a><span>\u202fto get a sense of the risks that might be lurking in your development environment, and how to address them.\u202f<\/span><span>&nbsp;<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/track.hubspot.com\/__ptq.gif?a=20956152&amp;k=14&amp;r=https%3A%2F%2Fwww.legitsecurity.com%2Fblog%2Freduce-risk-exposed-secrets&amp;bu=https%253A%252F%252Fwww.legitsecurity.com%252Fblog&amp;bvt=rss\" alt=\"\" width=\"1\" height=\"1\" style=\"min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important; \"><\/p>\n\n<p class=\"syndicated-attribution\">*** This is a Security Bloggers Network syndicated blog from <a href=\"https:\/\/www.legitsecurity.com\/blog\">Legit Security Blog<\/a> authored by <a href=\"https:\/\/securityboulevard.com\/author\/0\/\" title=\"Read other posts by Amanda Alvarez\">Amanda Alvarez<\/a>. Read the original post at: <a href=\"https:\/\/www.legitsecurity.com\/blog\/reduce-risk-exposed-secrets\">https:\/\/www.legitsecurity.com\/blog\/reduce-risk-exposed-secrets<\/a> <\/p>","protected":false},"excerpt":{"rendered":"<div class=\"hs-featured-image-wrapper\">\n <a href=\"https:\/\/www.legitsecurity.com\/blog\/reduce-risk-exposed-secrets\" title=\"\" class=\"hs-featured-image-link\"> <img decoding=\"async\" src=\"https:\/\/www.legitsecurity.com\/hubfs\/Blog%20Thumbnail-7.png\" alt=\"How to Reduce Risk From Exposed Secrets\" class=\"hs-featured-image\"> <\/a>\n<\/div>\n<p><span>Understand how secrets end up exposed, and how to prevent this risk.\u00a0<\/span><\/p>\n","protected":false},"author":21501,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[20982,21132,5],"tags":[12407,9868,13987,10747,96141],"class_list":["post-2037565","post","type-post","status-publish","format-standard","hentry","category-ciso-suite","category-devops","category-sbn","tag-appsec","tag-best-practices","tag-ciso","tag-devops","tag-explainers"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v23.9 (Yoast SEO v23.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to Reduce Risk From Exposed Secrets - Security Boulevard<\/title>\n<meta name=\"description\" content=\"Understand how secrets end up exposed, and how to prevent this risk.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Reduce Risk From Exposed Secrets\" \/>\n<meta property=\"og:description\" content=\"Understand how secrets end up exposed, and how to prevent this risk.\u00a0\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Boulevard\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/groups\/24445075146\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-25T15:30:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/track.hubspot.com\/__ptq.gif?a=20956152&amp;k=14&amp;r=https%3A%2F%2Fwww.legitsecurity.com%2Fblog%2Freduce-risk-exposed-secrets&amp;bu=https%253A%252F%252Fwww.legitsecurity.com%252Fblog&amp;bvt=rss\" \/>\n<meta name=\"author\" content=\"Amanda Alvarez\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@securityblvd\" \/>\n<meta name=\"twitter:site\" content=\"@securityblvd\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/\",\"url\":\"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/\",\"name\":\"How to Reduce Risk From Exposed Secrets - Security Boulevard\",\"isPartOf\":{\"@id\":\"https:\/\/securityboulevard.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/track.hubspot.com\/__ptq.gif?a=20956152&amp;k=14&amp;r=https%3A%2F%2Fwww.legitsecurity.com%2Fblog%2Freduce-risk-exposed-secrets&amp;bu=https%253A%252F%252Fwww.legitsecurity.com%252Fblog&amp;bvt=rss\",\"datePublished\":\"2024-11-25T15:30:49+00:00\",\"dateModified\":\"2024-11-25T15:30:49+00:00\",\"author\":{\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/dc93ef0d5f2ad338964ba3e1f8998f46\"},\"description\":\"Understand how secrets end up exposed, and how to prevent this risk.\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/#primaryimage\",\"url\":\"https:\/\/track.hubspot.com\/__ptq.gif?a=20956152&amp;k=14&amp;r=https%3A%2F%2Fwww.legitsecurity.com%2Fblog%2Freduce-risk-exposed-secrets&amp;bu=https%253A%252F%252Fwww.legitsecurity.com%252Fblog&amp;bvt=rss\",\"contentUrl\":\"https:\/\/track.hubspot.com\/__ptq.gif?a=20956152&amp;k=14&amp;r=https%3A%2F%2Fwww.legitsecurity.com%2Fblog%2Freduce-risk-exposed-secrets&amp;bu=https%253A%252F%252Fwww.legitsecurity.com%252Fblog&amp;bvt=rss\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securityboulevard.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Editorial Calendar\",\"item\":\"https:\/\/securityboulevard.com\/category\/editorial-calendar\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"AppSec\",\"item\":\"https:\/\/securityboulevard.com\/category\/editorial-calendar\/appsec\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"How to Reduce Risk From Exposed Secrets\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securityboulevard.com\/#website\",\"url\":\"https:\/\/securityboulevard.com\/\",\"name\":\"Security Boulevard\",\"description\":\"The Home of the Security Bloggers Network\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securityboulevard.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/dc93ef0d5f2ad338964ba3e1f8998f46\",\"name\":\"Amanda Alvarez\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e2a982e20c818ccb44bec24b9e8fafd8?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e2a982e20c818ccb44bec24b9e8fafd8?s=96&d=mm&r=g\",\"caption\":\"Amanda Alvarez\"},\"sameAs\":[\"https:\/\/www.legitsecurity.com\/blog\"],\"url\":\"https:\/\/securityboulevard.com\/author\/amanda-alvarez\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to Reduce Risk From Exposed Secrets - Security Boulevard","description":"Understand how secrets end up exposed, and how to prevent this risk.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/","og_locale":"en_US","og_type":"article","og_title":"How to Reduce Risk From Exposed Secrets","og_description":"Understand how secrets end up exposed, and how to prevent this risk.\u00a0","og_url":"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/","og_site_name":"Security Boulevard","article_publisher":"https:\/\/www.facebook.com\/groups\/24445075146\/","article_published_time":"2024-11-25T15:30:49+00:00","og_image":[{"url":"https:\/\/track.hubspot.com\/__ptq.gif?a=20956152&amp;k=14&amp;r=https%3A%2F%2Fwww.legitsecurity.com%2Fblog%2Freduce-risk-exposed-secrets&amp;bu=https%253A%252F%252Fwww.legitsecurity.com%252Fblog&amp;bvt=rss"}],"author":"Amanda Alvarez","twitter_card":"summary_large_image","twitter_creator":"@securityblvd","twitter_site":"@securityblvd","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/","url":"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/","name":"How to Reduce Risk From Exposed Secrets - Security Boulevard","isPartOf":{"@id":"https:\/\/securityboulevard.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/#primaryimage"},"image":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/#primaryimage"},"thumbnailUrl":"https:\/\/track.hubspot.com\/__ptq.gif?a=20956152&amp;k=14&amp;r=https%3A%2F%2Fwww.legitsecurity.com%2Fblog%2Freduce-risk-exposed-secrets&amp;bu=https%253A%252F%252Fwww.legitsecurity.com%252Fblog&amp;bvt=rss","datePublished":"2024-11-25T15:30:49+00:00","dateModified":"2024-11-25T15:30:49+00:00","author":{"@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/dc93ef0d5f2ad338964ba3e1f8998f46"},"description":"Understand how secrets end up exposed, and how to prevent this risk.\u00a0","breadcrumb":{"@id":"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/#primaryimage","url":"https:\/\/track.hubspot.com\/__ptq.gif?a=20956152&amp;k=14&amp;r=https%3A%2F%2Fwww.legitsecurity.com%2Fblog%2Freduce-risk-exposed-secrets&amp;bu=https%253A%252F%252Fwww.legitsecurity.com%252Fblog&amp;bvt=rss","contentUrl":"https:\/\/track.hubspot.com\/__ptq.gif?a=20956152&amp;k=14&amp;r=https%3A%2F%2Fwww.legitsecurity.com%2Fblog%2Freduce-risk-exposed-secrets&amp;bu=https%253A%252F%252Fwww.legitsecurity.com%252Fblog&amp;bvt=rss"},{"@type":"BreadcrumbList","@id":"https:\/\/securityboulevard.com\/2024\/11\/how-to-reduce-risk-from-exposed-secrets\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securityboulevard.com\/"},{"@type":"ListItem","position":2,"name":"Editorial Calendar","item":"https:\/\/securityboulevard.com\/category\/editorial-calendar\/"},{"@type":"ListItem","position":3,"name":"AppSec","item":"https:\/\/securityboulevard.com\/category\/editorial-calendar\/appsec\/"},{"@type":"ListItem","position":4,"name":"How to Reduce Risk From Exposed Secrets"}]},{"@type":"WebSite","@id":"https:\/\/securityboulevard.com\/#website","url":"https:\/\/securityboulevard.com\/","name":"Security Boulevard","description":"The Home of the Security Bloggers Network","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securityboulevard.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/dc93ef0d5f2ad338964ba3e1f8998f46","name":"Amanda Alvarez","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityboulevard.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e2a982e20c818ccb44bec24b9e8fafd8?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e2a982e20c818ccb44bec24b9e8fafd8?s=96&d=mm&r=g","caption":"Amanda Alvarez"},"sameAs":["https:\/\/www.legitsecurity.com\/blog"],"url":"https:\/\/securityboulevard.com\/author\/amanda-alvarez\/"}]}},"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p91vu9-8y3X","_links":{"self":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037565","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/users\/21501"}],"replies":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/comments?post=2037565"}],"version-history":[{"count":1,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037565\/revisions"}],"predecessor-version":[{"id":2037566,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037565\/revisions\/2037566"}],"wp:attachment":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/media?parent=2037565"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/categories?post=2037565"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/tags?post=2037565"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}