{"id":28213,"date":"2017-12-04T11:00:18","date_gmt":"2017-12-04T16:00:18","guid":{"rendered":"https:\/\/sdtimes.com\/?p=28213"},"modified":"2017-12-04T09:34:11","modified_gmt":"2017-12-04T14:34:11","slug":"gartners-guide-to-successful-devsecops","status":"publish","type":"post","link":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/","title":{"rendered":"Gartner\u2019s guide to successful DevSecOps"},"content":{"rendered":"

In a recent survey conducted by Gartner, the organization found that the highest-ranked strategy for a successful DevOps approach was collaboration with information security. \u201cIn the past 12 months at Gartner, how to securely integrate security into DevOps \u2014 delivering DevSecOps \u2014 has been one of the fastest-growing areas of interest of clients, with more than 600 inquiries across multiple Gartner analysts in that time frame,\u201d Gartner\u2019s research director Ian Head, and distinguished analyst Neil MacDonald, wrote in a <\/span>report<\/span><\/a>. <\/span><\/p>\n

The analysts have taken lessons learned from the organization and its clients, and released 10 steps they believes will set businesses on a successful DevSecOps path. \u00a0<\/span><\/p>\n

    \n
  1. “Adapt your security testing tools and processes to the developers, not the other way around:”\u00a0According to the analysts, the Sec in DevSecOps should be silent. That means the security team needs to change their processes and tools to be integrated into DevOps, instead of trying to enforce their old processes be adopted. <\/span><\/b><\/li>\n
  2. “Quit trying to eliminate all vulnerabilities during development.”<\/b> \u201cPerfect security is impossible. Zero risk is impossible. We must bring continuous risk- and trust-based assessment and prioritization of application vulnerabilities to DevSecOps,\u201d Head and MacDonald wrote in their report. DevSecOps should be thought of as a continuous improvement process, meaning security can go beyond development and can be searching and protecting against vulnerabilities even after services are deployed into production. <\/span><\/li>\n
  3. “Focus first on identifying and removing the known critical vulnerabilities.”\u00a0Instead of wasting time trying to break a system, find focus on known security issues from pre built components, libraries, containers and frameworks; and protect against those before they are put into production. <\/span><\/b><\/li>\n
  4. “Don’t expect to use traditional DAST\/SAST without changes<\/strong>.”\u00a0Scan custom code for unknown vulnerabilities by integrating testing into the IDE, providing autonomous scans that don\u2019t require a security expert, reducing false positives, and delivering results into a bug tracking system or development dashboard.<\/span><\/li>\n
  5. “Train all developers on the basics of secure coding, but don’t expect them to become security experts.”<\/strong> Training all developers on the basis of security issues will help prevent them from creating harmful scenarios. Developers should be expected to know simple threat modeling scenarios, how to think like a hacker, and know not to put secrets like cryptographic keys and passwords into the code, according to Head. \u00a0<\/span><\/li>\n
  6. “Adopt a security champion model and implement a simple security requirements gathering tool.”<\/strong>\u00a0A security champion is someone who can effectively lead the security community of practice, stay up to date with maturity issues, and evangelize, communicate and market what to do with security and how to adapt. <\/span><\/li>\n
  7. “Eliminate the use of known vulnerable components at the source.”<\/strong> \u201cAs previously stated, most risk in modern application assembly comes from the use of known vulnerable components, libraries and frameworks. Rather than wait until an application is assembled to scan and identify these known vulnerabilities, why not address this issue at its source by warning developers not to download and use these known vulnerable components,\u201d Head and MacDonald wrote. <\/span><\/li>\n
  8. “Secure and apply operational discipline to automation scripts<\/strong>.” \u201cTreat automation code, scripts, recipes, formation scripts and other such infrastructure and platform artifacts as valuable source code with specific additional risk. Therefore, use source-code-type controls including audit, protection, digital signatures, change control and version control to protect all such infrastructure and platform artifacts,\u201d according to the report.<\/span><\/li>\n
  9. “Implement strong version control on all code and components.”<\/strong> Be able to capture every change from what was changed, when the change happened and who made the change.<\/span><\/li>\n
  10. “Adopt an immutable infrastructure mindset<\/strong>.“<\/strong>\u00a0Teams should work towards a place where all the infrastructure is only updated by the tools. This is a sign that the team is maturing, and it provides a more secure way to maintain applications, according to Head. <\/span><\/li>\n<\/ol>\n

    In addition, the analyst predict by 2021, DevSecOps will be embedded into 80% of rapid development teams. \u201cIntegrating security into DevOps to deliver “DevSecOps” requires changing mindsets, processes and technology. Security and risk management leaders must adhere to the collaborative, agile nature of DevOps to be seamless and transparent in the development process, making the Sec in DevSecOps silent,\u201d they wrote. <\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

    In a recent survey conducted by Gartner, the organization found that the highest-ranked strategy for a successful DevOps approach was collaboration with information security. \u201cIn the past 12 months at Gartner, how to securely integrate security into DevOps \u2014 delivering DevSecOps \u2014 has been one of the fastest-growing areas of interest of clients, with more … continue reading<\/a><\/p>\n","protected":false},"author":490,"featured_media":28263,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"om_disable_all_campaigns":false,"cybocfi_hide_featured_image":"","footnotes":"","_links_to":"","_links_to_target":""},"categories":[2432,1],"tags":[90,254,8749,376,45,3244],"coauthors":[11614],"acf":[],"yoast_head":"\nGartner\u2019s guide to successful DevSecOps - SD Times<\/title>\n<meta name=\"description\" content=\"Gartner releases its 10 things organizations should do to be successful at DevSecOps, it includes security champions\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Gartner\u2019s guide to successful DevSecOps - SD Times\" \/>\n<meta property=\"og:description\" content=\"Gartner releases its 10 things organizations should do to be successful at DevSecOps, it includes security champions\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/\" \/>\n<meta property=\"og:site_name\" content=\"SD Times\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/SDTimesD2\" \/>\n<meta property=\"article:published_time\" content=\"2017-12-04T16:00:18+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-12-04T14:34:11+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/12\/checklist-2589418_640.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"425\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Christina Cardoza\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@chriscatdoza\" \/>\n<meta name=\"twitter:site\" content=\"@sdtimes\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Christina Cardoza\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/\"},\"author\":{\"name\":\"Christina Cardoza\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/8291872d437355f6b12cbcd6857a1972\"},\"headline\":\"Gartner\u2019s guide to successful DevSecOps\",\"datePublished\":\"2017-12-04T16:00:18+00:00\",\"dateModified\":\"2017-12-04T14:34:11+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/\"},\"wordCount\":688,\"commentCount\":2,\"publisher\":{\"@id\":\"https:\/\/sdtimes.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/12\/checklist-2589418_640.jpg\",\"keywords\":[\"developers\",\"DevOps\",\"DevSecOps\",\"Gartner\",\"security\",\"software security\"],\"articleSection\":[\"In-Depth\",\"Latest News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/\",\"url\":\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/\",\"name\":\"Gartner\u2019s guide to successful DevSecOps - SD Times\",\"isPartOf\":{\"@id\":\"https:\/\/sdtimes.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/12\/checklist-2589418_640.jpg\",\"datePublished\":\"2017-12-04T16:00:18+00:00\",\"dateModified\":\"2017-12-04T14:34:11+00:00\",\"description\":\"Gartner releases its 10 things organizations should do to be successful at DevSecOps, it includes security champions\",\"breadcrumb\":{\"@id\":\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#primaryimage\",\"url\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/12\/checklist-2589418_640.jpg\",\"contentUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/12\/checklist-2589418_640.jpg\",\"width\":640,\"height\":425},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/sdtimes.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Gartner\u2019s guide to successful DevSecOps\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/sdtimes.com\/#website\",\"url\":\"https:\/\/sdtimes.com\/\",\"name\":\"SD Times\",\"description\":\"Software Development News\",\"publisher\":{\"@id\":\"https:\/\/sdtimes.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/sdtimes.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/sdtimes.com\/#organization\",\"name\":\"SD Times\",\"url\":\"https:\/\/sdtimes.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png\",\"contentUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png\",\"width\":225,\"height\":90,\"caption\":\"SD Times\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/SDTimesD2\",\"https:\/\/x.com\/sdtimes\",\"https:\/\/www.linkedin.com\/company\/sdtimes\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/8291872d437355f6b12cbcd6857a1972\",\"name\":\"Christina Cardoza\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/image\/66d89d09eb7f22eba27a82092a3bae8e\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/940fd7e02753c2aff1d037c42e0603ac?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/940fd7e02753c2aff1d037c42e0603ac?s=96&d=mm&r=g\",\"caption\":\"Christina Cardoza\"},\"description\":\"Christina Cardoza is the News Editor of SD Times. She is responsible for the oversight of the daily news published to the website as well as the company's weekly newsletter, News on Monday. She covers agile, DevOps, AI, machine learning, mixed reality and software security. She is an undeniable nerd who loves Marvel comics and Star Wars. On Follow her on Twitter at @chriscatdoza!\",\"sameAs\":[\"https:\/\/x.com\/chriscatdoza\"],\"url\":\"https:\/\/sdtimes.com\/author\/christina-mulligan\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Gartner\u2019s guide to successful DevSecOps - SD Times","description":"Gartner releases its 10 things organizations should do to be successful at DevSecOps, it includes security champions","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/","og_locale":"en_US","og_type":"article","og_title":"Gartner\u2019s guide to successful DevSecOps - SD Times","og_description":"Gartner releases its 10 things organizations should do to be successful at DevSecOps, it includes security champions","og_url":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/","og_site_name":"SD Times","article_publisher":"https:\/\/www.facebook.com\/SDTimesD2","article_published_time":"2017-12-04T16:00:18+00:00","article_modified_time":"2017-12-04T14:34:11+00:00","og_image":[{"width":640,"height":425,"url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/12\/checklist-2589418_640.jpg","type":"image\/jpeg"}],"author":"Christina Cardoza","twitter_card":"summary_large_image","twitter_creator":"@chriscatdoza","twitter_site":"@sdtimes","twitter_misc":{"Written by":"Christina Cardoza","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#article","isPartOf":{"@id":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/"},"author":{"name":"Christina Cardoza","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/8291872d437355f6b12cbcd6857a1972"},"headline":"Gartner\u2019s guide to successful DevSecOps","datePublished":"2017-12-04T16:00:18+00:00","dateModified":"2017-12-04T14:34:11+00:00","mainEntityOfPage":{"@id":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/"},"wordCount":688,"commentCount":2,"publisher":{"@id":"https:\/\/sdtimes.com\/#organization"},"image":{"@id":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#primaryimage"},"thumbnailUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/12\/checklist-2589418_640.jpg","keywords":["developers","DevOps","DevSecOps","Gartner","security","software security"],"articleSection":["In-Depth","Latest News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/","url":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/","name":"Gartner\u2019s guide to successful DevSecOps - SD Times","isPartOf":{"@id":"https:\/\/sdtimes.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#primaryimage"},"image":{"@id":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#primaryimage"},"thumbnailUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/12\/checklist-2589418_640.jpg","datePublished":"2017-12-04T16:00:18+00:00","dateModified":"2017-12-04T14:34:11+00:00","description":"Gartner releases its 10 things organizations should do to be successful at DevSecOps, it includes security champions","breadcrumb":{"@id":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#primaryimage","url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/12\/checklist-2589418_640.jpg","contentUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2017\/12\/checklist-2589418_640.jpg","width":640,"height":425},{"@type":"BreadcrumbList","@id":"https:\/\/sdtimes.com\/developers\/gartners-guide-to-successful-devsecops\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sdtimes.com\/"},{"@type":"ListItem","position":2,"name":"Gartner\u2019s guide to successful DevSecOps"}]},{"@type":"WebSite","@id":"https:\/\/sdtimes.com\/#website","url":"https:\/\/sdtimes.com\/","name":"SD Times","description":"Software Development News","publisher":{"@id":"https:\/\/sdtimes.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sdtimes.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/sdtimes.com\/#organization","name":"SD Times","url":"https:\/\/sdtimes.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/","url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png","contentUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png","width":225,"height":90,"caption":"SD Times"},"image":{"@id":"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/SDTimesD2","https:\/\/x.com\/sdtimes","https:\/\/www.linkedin.com\/company\/sdtimes\/"]},{"@type":"Person","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/8291872d437355f6b12cbcd6857a1972","name":"Christina Cardoza","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/image\/66d89d09eb7f22eba27a82092a3bae8e","url":"https:\/\/secure.gravatar.com\/avatar\/940fd7e02753c2aff1d037c42e0603ac?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/940fd7e02753c2aff1d037c42e0603ac?s=96&d=mm&r=g","caption":"Christina Cardoza"},"description":"Christina Cardoza is the News Editor of SD Times. She is responsible for the oversight of the daily news published to the website as well as the company's weekly newsletter, News on Monday. She covers agile, DevOps, AI, machine learning, mixed reality and software security. She is an undeniable nerd who loves Marvel comics and Star Wars. On Follow her on Twitter at @chriscatdoza!","sameAs":["https:\/\/x.com\/chriscatdoza"],"url":"https:\/\/sdtimes.com\/author\/christina-mulligan\/"}]}},"_links":{"self":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/28213"}],"collection":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/users\/490"}],"replies":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/comments?post=28213"}],"version-history":[{"count":2,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/28213\/revisions"}],"predecessor-version":[{"id":28264,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/28213\/revisions\/28264"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/media\/28263"}],"wp:attachment":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/media?parent=28213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/categories?post=28213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/tags?post=28213"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/coauthors?post=28213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}