{"id":28105,"date":"2017-11-21T13:12:06","date_gmt":"2017-11-21T18:12:06","guid":{"rendered":"https:\/\/sdtimes.com\/?p=28105"},"modified":"2017-11-21T13:12:06","modified_gmt":"2017-11-21T18:12:06","slug":"owasp-releases-top-10-2017-security-risks","status":"publish","type":"post","link":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/","title":{"rendered":"OWASP releases the Top 10 2017 security risks"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">The Open Web Application Security Project (OWASP) officially released its Top 10 most critical web application security risks. This is the first time the organization has updated the Top 10 since 2013. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u201cChange has accelerated over the last four years, and the OWASP Top 10 needed to change. We&#8217;ve completely refactored the OWASP Top 10, revamped the methodology, utilized a new data call process, worked with the community, re-ordered our risks, rewritten each risk from the ground up, and added references to frameworks and languages that are now commonly used,\u201d the OWASP <\/span><a href=\"https:\/\/www.owasp.org\/images\/7\/72\/OWASP_Top_10-2017_%28en%29.pdf.pdf\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">wrote<\/span><\/a><span style=\"font-weight: 400;\"> in the Top 10 2017.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">According to the OWASP, some significant changes over the past couple of years that resulted in an update to the Top 10 include microservices, single page apps, and the dominance of JavaScript as a primary language on the web. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">The Top 10 now consists of:<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Injection<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Broker Authentication<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Sensitive Data Exposure<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">XML External Entities (XXE)<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Broken Access Control<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Security Misconfiguration <\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Cross-Site Script (XSS)<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Insecure Deserialization<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Using Components with Known Vulnerabilities<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Insufficient Logging and Monitoring<\/span><span style=\"font-weight: 400;\"><br \/>\n<\/span><\/li>\n<\/ol>\n<p><span style=\"font-weight: 400;\">XXE, insecure deserialization and insufficient logging and monitoring are new to the Top 10. Broken access control is a combination of 2013\u2019s insecure direct object references and missing function level access control. In addition, the OWASP has removed unvalidated redirects and forwards, and cross-site request forgery from the Top 10. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u201cWhy have CSRF and unvalidated redirects and forwards been removed? It&#8217;s time to move on. The data for these is no longer strong enough to warrant inclusion, especially when we only have 8 data supported spots with our new methodology, and these two items didn&#8217;t rank in the community survey. This is actually a sign of success; the fact that CSRF is finally going away is a sign that the OWASP Top 10 has been successful at its mission,\u201d the OWASP wrote in a <\/span><a href=\"https:\/\/owasp.blogspot.com\/2017\/11\/owasp-is-pleased-to-announce-release-of.html\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">blog post<\/span><\/a><span style=\"font-weight: 400;\">. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">The community survey, which received more than 500 responses, did agree on the inclusion insecure deserialization and insufficient logging and monitoring, according to the OWASP. \u201cThese two items were obviously top of mind for many this year considering the era of the mega breach is not slowing down,\u201d the OWASP wrote. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">According to the OWASP, insecure deserialization leads to remote code execution, and insufficient logging and monitoring coupled with missing or weak integration results in hackers being able to attack systems and maintain persistence. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">XXE is a new category supported by data. \u201cMany older or poorly configured XML processors evaluate external entity references within XML documents. External entities can be used to disclose internal files using the file URI handler, internal file shares, internal port scanning, remote code execution, and denial of service attacks,\u201d the OWASP wrote. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">To defend against the Top 10, the OWASP believes developers need to establish and use repeatable processes and security controls, security testers need to establish continuous application security testing, application managers need to take charge of the full application lifecycle from an IT perspective, and the organization as a whole needs to have an application security program in place. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u201cA great deal of feedback was received during the creation of the OWASP Top 10 &#8211; 2017, more than for any other equivalent OWASP effort. This shows how much passion the community has for the OWASP Top 10, and thus how critical it is for OWASP to get the Top 10 right for the majority of use cases,\u201d the OWASP wrote.<\/span><\/p>\n<!-- AddThis Advanced Settings generic via filter on the_content --><!-- AddThis Share Buttons generic via filter on the_content -->","protected":false},"excerpt":{"rendered":"<p>The Open Web Application Security Project (OWASP) officially released its Top 10 most critical web application security risks. This is the first time the organization has updated the Top 10 since 2013. \u201cChange has accelerated over the last four years, and the OWASP Top 10 needed to change. We&#8217;ve completely refactored the OWASP Top 10,  &hellip; <a class=\"read-more\" href=\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/\">continue reading<\/a><!-- AddThis Advanced Settings generic via filter on get_the_excerpt --><!-- AddThis Share Buttons generic via filter on get_the_excerpt --><\/p>\n","protected":false},"author":490,"featured_media":28106,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"om_disable_all_campaigns":false,"cybocfi_hide_featured_image":"","footnotes":"","_links_to":"","_links_to_target":""},"categories":[1],"tags":[1676,3803,1636,3244,12335],"coauthors":[11614],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>OWASP releases the Top 10 2017 security risks - SD Times<\/title>\n<meta name=\"description\" content=\"OWASP adds XXE, insecure deserialization and insufficient logging and monitoring to the Top 10 web app security risks\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OWASP releases the Top 10 2017 security risks - SD Times\" \/>\n<meta property=\"og:description\" content=\"OWASP adds XXE, insecure deserialization and insufficient logging and monitoring to the Top 10 web app security risks\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/\" \/>\n<meta property=\"og:site_name\" content=\"SD Times\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/SDTimesD2\" \/>\n<meta property=\"article:published_time\" content=\"2017-11-21T18:12:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/11\/OWASP.png\" \/>\n\t<meta property=\"og:image:width\" content=\"311\" \/>\n\t<meta property=\"og:image:height\" content=\"320\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Christina Cardoza\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@chriscatdoza\" \/>\n<meta name=\"twitter:site\" content=\"@sdtimes\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Christina Cardoza\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/\"},\"author\":{\"name\":\"Christina Cardoza\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/8291872d437355f6b12cbcd6857a1972\"},\"headline\":\"OWASP releases the Top 10 2017 security risks\",\"datePublished\":\"2017-11-21T18:12:06+00:00\",\"dateModified\":\"2017-11-21T18:12:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/\"},\"wordCount\":552,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/sdtimes.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/11\/OWASP.png\",\"keywords\":[\"app development\",\"Open Web Application Security Project\",\"OWASP\",\"software security\",\"Top 10\"],\"articleSection\":[\"Latest News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/\",\"url\":\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/\",\"name\":\"OWASP releases the Top 10 2017 security risks - SD Times\",\"isPartOf\":{\"@id\":\"https:\/\/sdtimes.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/11\/OWASP.png\",\"datePublished\":\"2017-11-21T18:12:06+00:00\",\"dateModified\":\"2017-11-21T18:12:06+00:00\",\"description\":\"OWASP adds XXE, insecure deserialization and insufficient logging and monitoring to the Top 10 web app security risks\",\"breadcrumb\":{\"@id\":\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#primaryimage\",\"url\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/11\/OWASP.png\",\"contentUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/11\/OWASP.png\",\"width\":311,\"height\":320},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/sdtimes.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"OWASP releases the Top 10 2017 security risks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/sdtimes.com\/#website\",\"url\":\"https:\/\/sdtimes.com\/\",\"name\":\"SD Times\",\"description\":\"Software Development News\",\"publisher\":{\"@id\":\"https:\/\/sdtimes.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/sdtimes.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/sdtimes.com\/#organization\",\"name\":\"SD Times\",\"url\":\"https:\/\/sdtimes.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png\",\"contentUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png\",\"width\":225,\"height\":90,\"caption\":\"SD Times\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/SDTimesD2\",\"https:\/\/x.com\/sdtimes\",\"https:\/\/www.linkedin.com\/company\/sdtimes\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/8291872d437355f6b12cbcd6857a1972\",\"name\":\"Christina Cardoza\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/image\/66d89d09eb7f22eba27a82092a3bae8e\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/940fd7e02753c2aff1d037c42e0603ac?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/940fd7e02753c2aff1d037c42e0603ac?s=96&d=mm&r=g\",\"caption\":\"Christina Cardoza\"},\"description\":\"Christina Cardoza is the News Editor of SD Times. She is responsible for the oversight of the daily news published to the website as well as the company's weekly newsletter, News on Monday. She covers agile, DevOps, AI, machine learning, mixed reality and software security. She is an undeniable nerd who loves Marvel comics and Star Wars. On Follow her on Twitter at @chriscatdoza!\",\"sameAs\":[\"https:\/\/x.com\/chriscatdoza\"],\"url\":\"https:\/\/sdtimes.com\/author\/christina-mulligan\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"OWASP releases the Top 10 2017 security risks - SD Times","description":"OWASP adds XXE, insecure deserialization and insufficient logging and monitoring to the Top 10 web app security risks","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/","og_locale":"en_US","og_type":"article","og_title":"OWASP releases the Top 10 2017 security risks - SD Times","og_description":"OWASP adds XXE, insecure deserialization and insufficient logging and monitoring to the Top 10 web app security risks","og_url":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/","og_site_name":"SD Times","article_publisher":"https:\/\/www.facebook.com\/SDTimesD2","article_published_time":"2017-11-21T18:12:06+00:00","og_image":[{"width":311,"height":320,"url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/11\/OWASP.png","type":"image\/png"}],"author":"Christina Cardoza","twitter_card":"summary_large_image","twitter_creator":"@chriscatdoza","twitter_site":"@sdtimes","twitter_misc":{"Written by":"Christina Cardoza","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#article","isPartOf":{"@id":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/"},"author":{"name":"Christina Cardoza","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/8291872d437355f6b12cbcd6857a1972"},"headline":"OWASP releases the Top 10 2017 security risks","datePublished":"2017-11-21T18:12:06+00:00","dateModified":"2017-11-21T18:12:06+00:00","mainEntityOfPage":{"@id":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/"},"wordCount":552,"commentCount":0,"publisher":{"@id":"https:\/\/sdtimes.com\/#organization"},"image":{"@id":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#primaryimage"},"thumbnailUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/11\/OWASP.png","keywords":["app development","Open Web Application Security Project","OWASP","software security","Top 10"],"articleSection":["Latest News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/","url":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/","name":"OWASP releases the Top 10 2017 security risks - SD Times","isPartOf":{"@id":"https:\/\/sdtimes.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#primaryimage"},"image":{"@id":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#primaryimage"},"thumbnailUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/11\/OWASP.png","datePublished":"2017-11-21T18:12:06+00:00","dateModified":"2017-11-21T18:12:06+00:00","description":"OWASP adds XXE, insecure deserialization and insufficient logging and monitoring to the Top 10 web app security risks","breadcrumb":{"@id":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#primaryimage","url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/11\/OWASP.png","contentUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/11\/OWASP.png","width":311,"height":320},{"@type":"BreadcrumbList","@id":"https:\/\/sdtimes.com\/app-development\/owasp-releases-top-10-2017-security-risks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sdtimes.com\/"},{"@type":"ListItem","position":2,"name":"OWASP releases the Top 10 2017 security risks"}]},{"@type":"WebSite","@id":"https:\/\/sdtimes.com\/#website","url":"https:\/\/sdtimes.com\/","name":"SD Times","description":"Software Development News","publisher":{"@id":"https:\/\/sdtimes.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sdtimes.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/sdtimes.com\/#organization","name":"SD Times","url":"https:\/\/sdtimes.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/","url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png","contentUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png","width":225,"height":90,"caption":"SD Times"},"image":{"@id":"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/SDTimesD2","https:\/\/x.com\/sdtimes","https:\/\/www.linkedin.com\/company\/sdtimes\/"]},{"@type":"Person","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/8291872d437355f6b12cbcd6857a1972","name":"Christina Cardoza","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/image\/66d89d09eb7f22eba27a82092a3bae8e","url":"https:\/\/secure.gravatar.com\/avatar\/940fd7e02753c2aff1d037c42e0603ac?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/940fd7e02753c2aff1d037c42e0603ac?s=96&d=mm&r=g","caption":"Christina Cardoza"},"description":"Christina Cardoza is the News Editor of SD Times. She is responsible for the oversight of the daily news published to the website as well as the company's weekly newsletter, News on Monday. She covers agile, DevOps, AI, machine learning, mixed reality and software security. She is an undeniable nerd who loves Marvel comics and Star Wars. On Follow her on Twitter at @chriscatdoza!","sameAs":["https:\/\/x.com\/chriscatdoza"],"url":"https:\/\/sdtimes.com\/author\/christina-mulligan\/"}]}},"_links":{"self":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/28105"}],"collection":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/users\/490"}],"replies":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/comments?post=28105"}],"version-history":[{"count":1,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/28105\/revisions"}],"predecessor-version":[{"id":28107,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/28105\/revisions\/28107"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/media\/28106"}],"wp:attachment":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/media?parent=28105"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/categories?post=28105"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/tags?post=28105"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/coauthors?post=28105"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}