{"id":11853,"date":"2019-04-18T11:41:38","date_gmt":"2019-04-18T10:41:38","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=11853"},"modified":"2020-01-02T11:23:09","modified_gmt":"2020-01-02T10:23:09","slug":"new-tools-soc-33","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/","title":{"rendered":"SOAR, UEBA, CASB, EDR and others: which tools do you need for you SOC? (3\/3)"},"content":{"rendered":"<p>After the first article which covered &#8220;<em>Extending the scope of detection to new perimeters<\/em>\u201d (see <a href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-13\/\">here<\/a>), and the second, dedicated to <em>\u201cEnhancing detection through new approaches\u201d<\/em> (available <a href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-23\/\">here<\/a>)&#8230; this is the conclusion to this (epic!) saga. This last installment will cover the last two strategic areas.<\/p>\n<p>&nbsp;<\/p>\n<h2>Improving knowledge of threats and attackers<\/h2>\n<h3>Cyber-threat intelligence (CTI) platforms<\/h3>\n<p>Cyber-Threat Intelligence (CTI or Threat Intel) is a discipline that brings together <strong>the collection, consolidation, and exploitation of all information on cyber-threats<\/strong>. \u201cKnow your enemy&#8221; says Sun Tzu in the Art of War. Although this quote refers to &#8220;physical&#8221; wars, the principle remains true, and is probably even more true when it comes to &#8220;cyber&#8221; battles.<\/p>\n<p>Today, a large number of security approaches rely on <strong>knowledge of attacks<\/strong>: the signature-based approach of antivirus and IDS solutions, targeted detection scenarios, etc. 
Even though this trend is reversing (in particular with the detection of anomalies), the vast <strong>majority of security products still rely\u2014and will continue to rely\u2014on the principles of Threat Intelligence<\/strong>.<\/p>\n<p>With companies\u2019 needs becoming more specific, and attackers ever more specialized, Threat Intel solutions are becoming increasingly popular, with services being offered directly to companies. In addition to commercial offerings, more and more exchange platforms and partnerships are enabling direct collaboration with other companies (in the same sector or geographical area, etc.).<\/p>\n<p>Threat Intel offers a range of services. On the one hand, <strong>\u2018strategic\u2019 Threat Intel<\/strong> helps an SOC better understand the context and <strong>specific threats to the company<\/strong>. To do this, the risks from various ecosystems are studied: geographical, political, ideological, sectoral, etc. This information enables security teams to better understand the threats they face and guides their decisions when defining a <strong>&#8220;long-term&#8221; strategy<\/strong> (solutions to be deployed, etc.).<\/p>\n<p>On the other hand, <strong>\u2018tactical\u2019 Threat Intel<\/strong> provides more precise information on attackers&#8217; methods, allowing the SOC to facilitate detection and tailor existing measures: new threat scenarios to monitor, ports to block, etc.<\/p>\n<p>In addition to these approaches, <strong>\u2018technical\u2019 Threat Intel<\/strong> contributes greatly to the <strong>analysis of security events<\/strong> by providing, on request (from SOAR in particular\u2014see below), elements that help judge whether an alert is genuine: an IP belonging to a botnet, a file hash corresponding to a known virus, etc.<\/p>\n<p>Threat Intelligence approaches are therefore among an SOC\u2019s most versatile tools, enabling it to make the most of existing devices by staying up to date and prioritizing the 
threats to be detected, as well as identifying future tools and measures to be deployed.<\/p>\n<p><strong><u>Examples of Threat Intelligence publishers:<\/u><\/strong><\/p>\n<figure id=\"post-11854 media-11854\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"size-medium wp-image-11854 aligncenter\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-0-2-354x191.png\" alt=\"\" width=\"354\" height=\"191\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-0-2-354x191.png 354w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-0-2-71x39.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-0-2.png 691w\" sizes=\"auto, (max-width: 354px) 100vw, 354px\" \/><\/figure>\n<p>&nbsp;<\/p>\n<h2>The standardization and automation of the response process<\/h2>\n<h3>Security Orchestration, Automation and Response<\/h3>\n<p>Security Orchestration, Automation and Response (SOAR) is derived from the combination of three SOC tools: <strong>Security Incident Response Platforms (SIRPs<\/strong>\u2014more details <a href=\"http:\/\/www.securityinsider-wavestone.com\/2016\/12\/sirp-la-panacee-de-la-reponse-incident.html\">here<\/a>), <strong>Security Orchestration Automation (SOA<\/strong>\u2014orchestration and automation solutions) and some of the functionality of <strong>Threat Intelligence<\/strong> platforms. In short, these are platforms <strong>that help with and automate responses<\/strong> to security incidents. The solutions are similar to traditional ticketing tools (ITSMs) but include features specific to cybersecurity issues. SOARs offer three main capabilities, each linked to one of the three types of tools from which they are derived.<\/p>\n<p>First, like SIRPs, they allow the <strong>definition of response processes<\/strong> that are tailored to each security event. 
These are based on <strong>pre-defined playbooks provided by the publisher<\/strong>, <strong>published by the community<\/strong> using the solution, or <strong>created manually<\/strong> to better fit the needs of the business. In particular, this task requires response teams to establish a clearly defined process that encourages them to ask themselves the right questions when they create response procedures, as well as to capitalize on and retain the knowledge gained.<\/p>\n<p>The benefits of a SOAR, however, come more from the automation of the various stages that follow detection. During the analysis phase, the tool will <strong>automatically enrich knowledge about a security event<\/strong> by <strong>retrieving contextual information about the information system (IS)<\/strong> (identity in the AD, criticality of a resource, etc.), and <strong>querying external Threat Intelligence services<\/strong> (<em>via<\/em> APIs) or those that are offered as part of the solution. In addition to automating the enrichment and analysis steps, SOARs <strong>also facilitate the work of analysts<\/strong>: investigating endpoints, querying VirusTotal, etc. in one click\u2014when their involvement is required.<\/p>\n<p>But automation doesn\u2019t stop there! Although controversial, the <strong>automation of the response<\/strong> (via the connection to security equipment, a legacy of SOA) can represent a significant gain for security teams: the blocking of a URL, the generation of the signature of a file and its propagation to antivirus tools, the blacklisting of an IP, etc.<\/p>\n<p>The goal of SOARs is clear: to make work easier for the teams in charge of analysis and response by helping them define processes and automate tasks to the greatest extent possible. 
Although SOARs are very adaptable and can therefore help respond to any type of attack, they really shine when it comes to <strong>automating the handling of common attacks<\/strong> (such as ransomware, phishing, etc.), which are very repetitive and tie up the resources of response teams.<\/p>\n<p>Once these tasks have been automated, the security teams responsible for responding can <strong>focus on more complex alerts<\/strong>, where their knowledge adds real value.<\/p>\n<p>Provided they are prepared to put in the initial effort (the formalization of processes, etc.), the likely <strong>gains in responsiveness and workload<\/strong> are significant. SOARs will change the way SOC teams work, especially with respect to top-level analysts. Even though these solutions are still rarely deployed in France, they are set to become an essential tool for SOCs in the coming years.<\/p>\n<p><strong><u>Examples of SOAR publishers:<\/u><\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-medium wp-image-11856 aligncenter\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-1-1-437x98.png\" alt=\"\" width=\"437\" height=\"98\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-1-1-437x98.png 437w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-1-1-768x172.png 768w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-1-1-71x16.png 71w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-1-1.png 785w\" sizes=\"auto, (max-width: 437px) 100vw, 437px\" \/><\/p>\n<p>&nbsp;<\/p>\n<figure id=\"post-11858 media-11858\" class=\"align-none\">\n<figure id=\"post-11865 media-11865\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-11865 size-full\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-0-4.png\" alt=\"\" width=\"828\" height=\"485\" 
srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-0-4.png 828w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-0-4-120x70.png 120w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-0-4-326x191.png 326w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-0-4-768x450.png 768w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2019\/04\/image-0-4-67x39.png 67w\" sizes=\"auto, (max-width: 828px) 100vw, 828px\" \/><\/figure>\n<\/figure>\n<p>&nbsp;<\/p>\n<p><em>Even though tools are only part of equipping an SOC, each of these solutions has distinct advantages that can help detection teams keep up to date in terms of the evolution of ISs and threats.<\/em><\/p>\n<p><em>All the tools are promising, and some are coming to maturity. However, it\u2019s important to keep in mind that current toolkits already raise a raft of alerts, which presents a challenge when it comes to processing. It\u2019s therefore advisable to complete the deployment and automation of what exists (using SOARs, for example), before turning toward new solutions.<\/em><\/p>\n<p><em>And, as for any innovative product, a cool head is needed: the deployment of a new solution must be the result of well-defined needs.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>After the first article which covered &#8220;Extending the scope of detection to new perimeters\u201d (see here), and the second, dedicated to \u201cEnhancing detection through new approaches\u201d (available here)&#8230; this is the conclusion to this (epic!) saga. 
This last installment will&#8230;<\/p>\n","protected":false},"author":1297,"featured_media":11410,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2777,3273],"tags":[3125,3128,3131,3127,3132,3120],"coauthors":[2886],"class_list":["post-11853","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-ethical-hacking-indicent-response-en","tag-innovation-en","tag-machine-learning-en","tag-soar-en","tag-supervision-en","tag-threat-intelligence-en","tag-tool"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>SOAR, UEBA, CASB, EDR and others: which tools do you need for you SOC? (3\/3) - RiskInsight<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SOAR, UEBA, CASB, EDR and others: which tools do you need for you SOC? (3\/3) - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"After the first article which covered &#8220;Extending the scope of detection to new perimeters\u201d (see here), and the second, dedicated to \u201cEnhancing detection through new approaches\u201d (available here)&#8230; this is the conclusion to this (epic!) saga. 
This last installment will...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2019-04-18T10:41:38+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-01-02T10:23:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/11\/Fotolia_72601618_Subscription_Monthly_M.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1780\" \/>\n\t<meta property=\"og:image:height\" content=\"1068\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Amaury Coulomban\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Amaury Coulomban\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/\"},\"author\":{\"name\":\"Amaury Coulomban\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/7a79197b594ac11df87325cd14be6eef\"},\"headline\":\"SOAR, UEBA, CASB, EDR and others: which tools do you need for you SOC? 
(3\/3)\",\"datePublished\":\"2019-04-18T10:41:38+00:00\",\"dateModified\":\"2020-01-02T10:23:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/\"},\"wordCount\":1068,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/11\/Fotolia_72601618_Subscription_Monthly_M.jpg\",\"keywords\":[\"innovation\",\"Machine learning\",\"SOAR\",\"supervision\",\"Threat intelligence\",\"tool\"],\"articleSection\":[\"Cybersecurity &amp; Digital Trust\",\"Ethical Hacking &amp; Incident Response\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/\",\"name\":\"SOAR, UEBA, CASB, EDR and others: which tools do you need for you SOC? 
(3\/3) - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/11\/Fotolia_72601618_Subscription_Monthly_M.jpg\",\"datePublished\":\"2019-04-18T10:41:38+00:00\",\"dateModified\":\"2020-01-02T10:23:09+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/11\/Fotolia_72601618_Subscription_Monthly_M.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2018\/11\/Fotolia_72601618_Subscription_Monthly_M.jpg\",\"width\":1780,\"height\":1068},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2019\/04\/new-tools-soc-33\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SOAR, UEBA, CASB, EDR and others: which tools do you need for you SOC? 
(3\/3)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/7a79197b594ac11df87325cd14be6eef\",\"name\":\"Amaury Coulomban\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/amaury-coulomban\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->"}