{"id":11641,"date":"2022-11-10T09:19:05","date_gmt":"2022-11-10T09:19:05","guid":{"rendered":"https:\/\/ee.yelkdev.site\/?p=11641"},"modified":"2024-12-09T14:45:09","modified_gmt":"2024-12-09T14:45:09","slug":"are-penetration-tests-all-you-need-to-ensure-your-cyber-security","status":"publish","type":"post","link":"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/","title":{"rendered":"Are penetration tests all you need to ensure your cyber security?"},"content":{"rendered":"<p>Of course they aren\u2019t!<\/p>\n<p>But despite the continued parade of major information security breaches by companies large and small, this title (<a href=\"https:\/\/en.wikipedia.org\/wiki\/Betteridge%27s_law_of_headlines\" target=\"_blank\" rel=\"noopener\">Betteridge\u2019s law<\/a> anyone?!) is justified by the amount of organisations that still rely upon penetration tests as their only line of defence against security vulnerabilities. This isn&#8217;t a good idea.<\/p>\n<h2>The problem with relying on penetration tests<\/h2>\n<p>Relying on penetration tests as your sole cyber-security control is like assessing the health of the Titanic using a photo taken from the iceberg.<\/p>\n<p>A penetration test is unable to give you any indication of what&#8217;s coming in the future because it&#8217;s static, point-in-time, and outside-in (just like that photo!). It has a limited value in understanding health.<\/p>\n<p>Penetration tests also have costs. Both the direct costs of paying for them (most organisations seem to use third-parties for this) but maybe more significantly &#8211; because they almost always act as approval gates &#8211; they can actually block value from being regularly, and frequently, delivered to your customers.<\/p>\n<p>This isn\u2019t to say that penetration tests have zero-value, they are a useful tool as part of a wider set of security controls &#8211; but their use should be determined through deliberate security risk assessment and threat modelling.<\/p>\n<h2>What we recommend instead<\/h2>\n<p><strong>Continuous Security<\/strong><\/p>\n<p>The primary recommendation is to operate a system of continuous security as described in our <a href=\"https:\/\/www.equalexperts.com.\/blog\/our-thinking\/introducing-the-secure-delivery-playbook\/\" target=\"_blank\" rel=\"noopener\">Secure Delivery Playbook<\/a> (published under a Creative Commons licence!)<\/p>\n<p>However &#8211; we understand that simply telling you where you should be, isn\u2019t always helpful. We also like to help our clients understand where they currently are.<\/p>\n<p>If you feel you have a Security Blind Spot &#8211; i.e. products, already in use, that you think may have been delivered without active engagement from an infosec team, and you lack\u00a0 confidence that they have sufficient security controls in place &#8211; then there is another approach that we can share.<\/p>\n<p><strong>Security Health Check<\/strong><\/p>\n<p>The objective of a security health check is, in a very objective way (sympathetic to the culture of a \u201cblameless post-mortem\u201d), to ensure that the team, the stakeholders, and the organisation are aligned in their understanding of the current state of security controls around a system\/product.<\/p>\n<p>This involves:<\/p>\n<ul>\n<li>Celebrating the good work involved in the security controls that are already in place (often we find that a lack of confidence is caused by a lack of visibility, rather than a complete lack of controls)<\/li>\n<li>Taking a risk-based approach to prioritising which controls should be next to be added<\/li>\n<li>Providing practical tools and advice to the engineering team to help them most easily adopt new controls and practices<\/li>\n<\/ul>\n<h2>The Nitty Gritty<\/h2>\n<p>The general approach that we take, and are happy to share, is as follows:<\/p>\n<p><strong>1. Gather Review Team\/Squad<\/strong><\/p>\n<p>It\u2019s important that those expecting to contribute to the review are explicitly identified. What you need will depend on the Context and Scope agreed (see below) but we have found that we typically need 2-3 people dedicated to the review for a period of 5-10 days &#8211; as well as time from the development team. Those doing the review should be \u201cexternal\u201d. This doesn\u2019t necessarily mean third-party, it could be sourced from inside your own organisation if you have the requisite skills &#8211; but it should be independent from both the product development team and the infosec individuals who are currently responsible for this part of the portfolio.<\/p>\n<p><strong>2. Establish System Context<\/strong><\/p>\n<p>Identify the key stakeholders and meet with them to understand their vision and needs.<\/p>\n<p>Security controls can only be identified and prioritised in the context of an actual system, organisation and business usecase (which is why off-the-shelf security scans have limited value).<\/p>\n<p><strong>3. Agree Scope of Review<\/strong><\/p>\n<p>Be clear about the specific areas of your systems and processes that were under review, to ensure you (a) have enough time and (b) have the right expertise available, to achieve a comprehensive and technically deep review.<\/p>\n<p><strong>4. Gather Information\/Data<\/strong><\/p>\n<p>The specific activities you need to carry out should vary depending on the context and scope you\u2019ve established above &#8211; but an example from a recent health check we carried out is:<\/p>\n<ul>\n<li>Asset and Data Identification &#8211; assets, functions, sensitivity and business impact if compromised.<\/li>\n<li>Architectural Security Review &#8211; flow of data, authorised principals, component authentication, access controls, data protection, and monitoring.<\/li>\n<li>Cloud Security Compliance Scan &#8211; automated scanning tools to check configuration of the team\u2019s cloud estate against industry benchmarks (CIS).<\/li>\n<li>Secure SDLC Maturity Review &#8211; software delivery lifecycle (SDLC) workflows: release management, security reviews, scanning tools and system operation (against industry benchmark).<\/li>\n<\/ul>\n<p><strong>5. Play Back Findings<\/strong><\/p>\n<p>We find it useful to separate the findings into 4 sections (depending on your needs and the team carrying this out these could be more or less formal):<\/p>\n<ul>\n<li>Overall Security Findings Report &#8211; Detailing review processes, inventory of assessed systems and principals, a matrix of identified issues and their corresponding business impact.<\/li>\n<li>Security Program Maturity Report &#8211; Report identifying current secure delivery maturity, including recommended approach to reach an agreed maturity level in terms of processes, policies and security tools.<\/li>\n<li>Compliance Benchmark Recommendations Report &#8211; A triaged report showing compliance with benchmarks such as CIS, including recommended remediation path based on impact.<\/li>\n<li>Architectural Control Recommendations Report &#8211; A set of security requirements and implementation recommendations to remediate any large-scale architectural findings, allowing engineers to understand the impact of control deficiencies and a recommended approach to remediation.<\/li>\n<\/ul>\n<h2>More Info<\/h2>\n<p>A structured security health check reduces your risk by ensuring that all parties have an aligned and up\u2013to-date view of the state of current security controls around a system or product. It will also provide a tangible plan of pragmatic remedial actions which is well understood by both stakeholders and delivery teams.<\/p>\n<p>If you have concerns about any of your systems\/products then please <a href=\"https:\/\/www.equalexperts.com\/contact-us\/\" target=\"_blank\" rel=\"noopener\">get in touch<\/a>.<\/p>\n<p>There are more resources available on our <a href=\"https:\/\/www.equalexperts.com\/our-services\/deliver\/securedelivery\/\" target=\"_blank\" rel=\"noopener\">Secure Delivery hub<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A large number of organisations still rely upon penetration tests as their only line of defence against security vulnerabilities. Is that enough?<\/p>\n","protected":false},"author":203,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","inline_featured_image":false,"footnotes":""},"categories":[5],"tags":[264],"location":[397],"class_list":["post-11641","post","type-post","status-publish","format-standard","hentry","category-our-thinking","tag-secure-delivery-playbook"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v25.9 (Yoast SEO v25.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Are penetration tests all you need to ensure your cyber security? | Equal Experts<\/title>\n<meta name=\"description\" content=\"A large number of organisations still rely upon penetration tests as their only line of defence against security vulnerabilities. Is that enough?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Are penetration tests all you need to ensure your cyber security?\" \/>\n<meta property=\"og:description\" content=\"A large number of organisations still rely upon penetration tests as their only line of defence against security vulnerabilities. Is that enough?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Equal Experts\" \/>\n<meta property=\"article:published_time\" content=\"2022-11-10T09:19:05+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-09T14:45:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.equalexperts.com\/wp-content\/uploads\/2022\/11\/Penetration-tests-fb.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2400\" \/>\n\t<meta property=\"og:image:height\" content=\"1260\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Phil Parker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Are penetration tests all you need to ensure your cyber security?\" \/>\n<meta name=\"twitter:description\" content=\"A large number of organisations still rely upon penetration tests as their only line of defence against security vulnerabilities. Is that enough?\" \/>\n<meta name=\"twitter:creator\" content=\"@EqualExperts\" \/>\n<meta name=\"twitter:site\" content=\"@EqualExperts\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Phil Parker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/\"},\"author\":{\"name\":\"Phil Parker\",\"@id\":\"https:\/\/www.equalexperts.com\/#\/schema\/person\/cbd345befe59389137f9f4098d09d7fa\"},\"headline\":\"Are penetration tests all you need to ensure your cyber security?\",\"datePublished\":\"2022-11-10T09:19:05+00:00\",\"dateModified\":\"2024-12-09T14:45:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/\"},\"wordCount\":995,\"publisher\":{\"@id\":\"https:\/\/www.equalexperts.com\/#organization\"},\"keywords\":[\"secure delivery playbook\"],\"articleSection\":[\"Our Thinking\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/\",\"url\":\"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/\",\"name\":\"Are penetration tests all you need to ensure your cyber security? | Equal Experts\",\"isPartOf\":{\"@id\":\"https:\/\/www.equalexperts.com\/#website\"},\"datePublished\":\"2022-11-10T09:19:05+00:00\",\"dateModified\":\"2024-12-09T14:45:09+00:00\",\"description\":\"A large number of organisations still rely upon penetration tests as their only line of defence against security vulnerabilities. Is that enough?\",\"breadcrumb\":{\"@id\":\"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.equalexperts.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Are penetration tests all you need to ensure your cyber security?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.equalexperts.com\/#website\",\"url\":\"https:\/\/www.equalexperts.com\/\",\"name\":\"Equal Experts\",\"description\":\"Making Software. Better.\",\"publisher\":{\"@id\":\"https:\/\/www.equalexperts.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.equalexperts.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.equalexperts.com\/#organization\",\"name\":\"Equal Experts\",\"url\":\"https:\/\/www.equalexperts.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.equalexperts.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.equalexperts.com\/wp-content\/uploads\/2018\/08\/Equal_Experts_Logo_CMYK_Colour.jpg\",\"contentUrl\":\"https:\/\/www.equalexperts.com\/wp-content\/uploads\/2018\/08\/Equal_Experts_Logo_CMYK_Colour.jpg\",\"width\":719,\"height\":340,\"caption\":\"Equal Experts\"},\"image\":{\"@id\":\"https:\/\/www.equalexperts.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/EqualExperts\",\"https:\/\/www.linkedin.com\/company\/equal-experts\/?viewAsMember=true\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.equalexperts.com\/#\/schema\/person\/cbd345befe59389137f9f4098d09d7fa\",\"name\":\"Phil Parker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.equalexperts.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0cd3ec08ffd9740d7ba6ae599477802ec83d3fc00da1998f778b64e8e5a69412?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0cd3ec08ffd9740d7ba6ae599477802ec83d3fc00da1998f778b64e8e5a69412?s=96&d=mm&r=g\",\"caption\":\"Phil Parker\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Are penetration tests all you need to ensure your cyber security? | Equal Experts","description":"A large number of organisations still rely upon penetration tests as their only line of defence against security vulnerabilities. Is that enough?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/","og_locale":"en_GB","og_type":"article","og_title":"Are penetration tests all you need to ensure your cyber security?","og_description":"A large number of organisations still rely upon penetration tests as their only line of defence against security vulnerabilities. Is that enough?","og_url":"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/","og_site_name":"Equal Experts","article_published_time":"2022-11-10T09:19:05+00:00","article_modified_time":"2024-12-09T14:45:09+00:00","og_image":[{"width":2400,"height":1260,"url":"https:\/\/www.equalexperts.com\/wp-content\/uploads\/2022\/11\/Penetration-tests-fb.jpg","type":"image\/jpeg"}],"author":"Phil Parker","twitter_card":"summary_large_image","twitter_title":"Are penetration tests all you need to ensure your cyber security?","twitter_description":"A large number of organisations still rely upon penetration tests as their only line of defence against security vulnerabilities. Is that enough?","twitter_creator":"@EqualExperts","twitter_site":"@EqualExperts","twitter_misc":{"Written by":"Phil Parker","Estimated reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/#article","isPartOf":{"@id":"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/"},"author":{"name":"Phil Parker","@id":"https:\/\/www.equalexperts.com\/#\/schema\/person\/cbd345befe59389137f9f4098d09d7fa"},"headline":"Are penetration tests all you need to ensure your cyber security?","datePublished":"2022-11-10T09:19:05+00:00","dateModified":"2024-12-09T14:45:09+00:00","mainEntityOfPage":{"@id":"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/"},"wordCount":995,"publisher":{"@id":"https:\/\/www.equalexperts.com\/#organization"},"keywords":["secure delivery playbook"],"articleSection":["Our Thinking"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/","url":"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/","name":"Are penetration tests all you need to ensure your cyber security? | Equal Experts","isPartOf":{"@id":"https:\/\/www.equalexperts.com\/#website"},"datePublished":"2022-11-10T09:19:05+00:00","dateModified":"2024-12-09T14:45:09+00:00","description":"A large number of organisations still rely upon penetration tests as their only line of defence against security vulnerabilities. Is that enough?","breadcrumb":{"@id":"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.equalexperts.com\/blog\/our-thinking\/are-penetration-tests-all-you-need-to-ensure-your-cyber-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.equalexperts.com\/"},{"@type":"ListItem","position":2,"name":"Are penetration tests all you need to ensure your cyber security?"}]},{"@type":"WebSite","@id":"https:\/\/www.equalexperts.com\/#website","url":"https:\/\/www.equalexperts.com\/","name":"Equal Experts","description":"Making Software. Better.","publisher":{"@id":"https:\/\/www.equalexperts.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.equalexperts.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/www.equalexperts.com\/#organization","name":"Equal Experts","url":"https:\/\/www.equalexperts.com\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.equalexperts.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.equalexperts.com\/wp-content\/uploads\/2018\/08\/Equal_Experts_Logo_CMYK_Colour.jpg","contentUrl":"https:\/\/www.equalexperts.com\/wp-content\/uploads\/2018\/08\/Equal_Experts_Logo_CMYK_Colour.jpg","width":719,"height":340,"caption":"Equal Experts"},"image":{"@id":"https:\/\/www.equalexperts.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/EqualExperts","https:\/\/www.linkedin.com\/company\/equal-experts\/?viewAsMember=true"]},{"@type":"Person","@id":"https:\/\/www.equalexperts.com\/#\/schema\/person\/cbd345befe59389137f9f4098d09d7fa","name":"Phil Parker","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.equalexperts.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/0cd3ec08ffd9740d7ba6ae599477802ec83d3fc00da1998f778b64e8e5a69412?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0cd3ec08ffd9740d7ba6ae599477802ec83d3fc00da1998f778b64e8e5a69412?s=96&d=mm&r=g","caption":"Phil Parker"}}]}},"_links":{"self":[{"href":"https:\/\/www.equalexperts.com\/wp-json\/wp\/v2\/posts\/11641","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.equalexperts.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.equalexperts.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.equalexperts.com\/wp-json\/wp\/v2\/users\/203"}],"replies":[{"embeddable":true,"href":"https:\/\/www.equalexperts.com\/wp-json\/wp\/v2\/comments?post=11641"}],"version-history":[{"count":0,"href":"https:\/\/www.equalexperts.com\/wp-json\/wp\/v2\/posts\/11641\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.equalexperts.com\/wp-json\/wp\/v2\/media?parent=11641"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.equalexperts.com\/wp-json\/wp\/v2\/categories?post=11641"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.equalexperts.com\/wp-json\/wp\/v2\/tags?post=11641"},{"taxonomy":"location","embeddable":true,"href":"https:\/\/www.equalexperts.com\/wp-json\/wp\/v2\/location?post=11641"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}