{"id":18236,"date":"2022-07-14T08:12:04","date_gmt":"2022-07-14T12:12:04","guid":{"rendered":"https:\/\/www.m2sys.com\/blog\/?p=18236"},"modified":"2024-11-11T06:48:53","modified_gmt":"2024-11-11T11:48:53","slug":"api-security-vs-application-security-whats-the-difference","status":"publish","type":"post","link":"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/","title":{"rendered":"API Security vs. Application Security: What\u2019s the difference?"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">It is commonly misconstrued that there is no difference between application security (Appsec) and API security. In various ways, API security is very different from application security, and a lack of understanding of these differences can be dangerous and expose your organization to a series of API attacks.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">API security should be treated differently from traditional application security in general. This has been highlighted in the<\/span>\u00a0<span style=\"font-weight: 400;\">Open Web Application Security Project (OWASP) API Security Top 10<\/span><span style=\"font-weight: 400;\">,<\/span><span style=\"font-weight: 400;\"> which documents API security threats that do not apply to general application security. Therefore, it is not enough to implement security practices and products that protect your applications but not your API traffic, as API security should not be considered merely as an extension of application security but as an independent component of Appsec.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Application security<\/span><span style=\"font-weight: 400;\"> involves developing, adding, or testing security features within applications to prevent security vulnerabilities against threats like unauthorized access and modification. It is simply security precautions used at the application level to prevent data or code theft within the application. Appsec aims to make applications secure by finding, fixing, and enhancing security.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">On the other hand, Application Programming Interfaces (APIs) allow applications to access data and interact with others, including external software components. APIs are intermediaries that enable applications to communicate with each other, while API security refers to preventing and mitigating attacks on APIs. API security is an integral component of modernizing Appsec programs and should be integrated from the development and testing process to the production stage to detect and prevent API exploitation. To effectively understand the difference between API security and Application security, it is essential to highlight the threats associated with both.\u00a0<\/span><\/p>\n<h1>Threats Associated With Application Security<\/h1>\n<p><span style=\"font-weight: 400;\">There are various threats that users and application developers face which should be understood, managed, and mitigated to prevent attacks. Common threats associated with application security are:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Injection Attacks:<\/span> <span style=\"font-weight: 400;\">Applications are vulnerable to injection attacks like SQL injection, Cross-Site Scripting, Email Header injection, et al., which could lead to unauthorized database access and exploration.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Security Misconfigurations:<\/span> <span style=\"font-weight: 400;\">Applications with unchanged default settings and configurations create vulnerabilities that can be explored by attackers.\u00a0<\/span><\/p>\n<p><b>Broken Authentication: <\/b><span style=\"font-weight: 400;\">This refers to the inadequate implementation of authentication and session management tokens. Attackers can exploit this by stealing a legitimate user&#8217;s identity and exploiting privileges of the said user.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Buffer Overflow:<\/span><span style=\"font-weight: 400;\"> Attacks from buffer overflow result from bad programming. Attackers attempt to input more data than a buffer is programmed to hold, causing the buffer to overflow and inherently crashing the system\/application.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Broken Access Control:<\/span><span style=\"font-weight: 400;\"> Insufficient central access control measures are a threat to applications. Gaps in an application can be exploited by a threat actor who gained access by masquerading as a legitimate user. Organizations should prioritize access control when developing applications.\u00a0<\/span><\/p>\n<h1>Threats Associated With API Security<\/h1>\n<p><span style=\"font-weight: 400;\">Attacks on APIs have risen in recent months, with a <\/span><span style=\"font-weight: 400;\">681%<\/span><span style=\"font-weight: 400;\"> increase in the past 12 months. Organizations are struggling to protect their APIs and keep them safe from attacks and malicious hacks. Common threats associated with APIs are:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Broken Object Level Authorization (BOLA):<\/span> <span style=\"font-weight: 400;\">Broken authorization controls around objects like data files and database records give attackers unauthorized access to sensitive data and compromise an organization&#8217;s security.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Broken Function Level Authorization:<\/span> <span style=\"font-weight: 400;\">Access to specific functions or resources that require privileged authorization can be compromised if left open. Well-defined policies outlining access levels and roles within an organization should be implemented to prevent attacks.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Insufficient Logging and Monitoring:<\/span> <span style=\"font-weight: 400;\">API security threats are largely missed due to poor logging and monitoring practices. Logging and monitoring play an essential part in API security, preventing cyber attacks by gaining visibility into abnormal API usage. Therefore, implementing effective logging and monitoring systems is necessary to detect malicious activities in real time.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Excessive Data Exposure:<\/span><span style=\"font-weight: 400;\"> Data is excessively exposed when an API provides more data than is needed. Access to sensitive data through excessive data exposure by bad threat actors can lead to data exploitation to commit crimes like data theft, identity theft, and financial fraud.\u00a0<\/span><\/p>\n<h1>How is API Security Different From Application Security<\/h1>\n<p><span style=\"font-weight: 400;\">Security solutions, including API gateways, web application firewalls, API management tools, and Identity and Access Management (IAM), are not designed to prevent attacks on APIs. APIs are challenging to protect, and traditional security solutions are insufficient to handle the API ecosystem&#8217;s technicalities. <\/span><span style=\"font-weight: 400;\">Securing APIs presents unique challenges<\/span><span style=\"font-weight: 400;\">, amongst which are:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A Dynamic Threat Landscape:<\/span> <span style=\"font-weight: 400;\">Organizations deploy thousands of APIs to enhance productivity; therefore, there is a constantly changing landscape due to the pace of development. Documenting these APIs by keeping an inventory of deployed APIs, logging and monitoring API performance, and deploying regular patches are essential to keep APIs secure.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Periodic Testing:<\/span> <span style=\"font-weight: 400;\">Implementing shift-left tactics, a process involving pre-production testing to discover gaps in APIs, is ineffective as this process does not reveal vulnerabilities in your organization&#8217;s API business logic. Developers are not known to write fully secure codes; hence, organizations should conduct periodic vulnerability tests to identify and prevent API vulnerabilities and their potential organizational risks.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Unique Attacks:<\/span><span style=\"font-weight: 400;\"> Unlike Appsec, where traditional attacks like SQL injections or cross-site scripting attacks happen across various applications, attacks on APIs are similar yet unique. Every API is unique, so every attack on an API has to be unique.\u00a0<\/span><\/p>\n<h1>Conclusion<\/h1>\n<p><span style=\"font-weight: 400;\">API security and application security are ongoing concerns for organizations. APIs and applications must be monitored closely to detect and prevent attacks. Attacks against APIs are masked as ordinary traffic; therefore, application security tools cannot defend against them. It is pertinent that organizations implement both API security practices and application security practices to achieve optimum security.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>It is commonly misconstrued that there is no difference between application security (Appsec) and API security. In various ways, API<\/p>\n","protected":false},"author":398,"featured_media":18237,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_yoast_wpseo_focuskw":"","_yoast_wpseo_title":"%%title%% %%sep%% %%sitename%%","_yoast_wpseo_metadesc":"","_lmt_disableupdate":"no","_lmt_disable":"no","twitterCardType":"","cardImageID":0,"cardImage":"","cardTitle":"","cardDesc":"","cardImageAlt":"","cardPlayer":"","cardPlayerWidth":0,"cardPlayerHeight":0,"cardPlayerStream":"","cardPlayerCodec":"","footnotes":""},"categories":[90],"tags":[],"class_list":["post-18236","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guest-blog-posts"],"acf":{"_how_to_content":null,"_faq_content":null,"_structured_meta_data":null,"_tl_dr_content":null},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.6.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>API Security vs. Application Security: What\u2019s the difference? - Digital Transformation of Government Services<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"API Security vs. Application Security: What\u2019s the difference? - Digital Transformation of Government Services\" \/>\n<meta property=\"og:description\" content=\"It is commonly misconstrued that there is no difference between application security (Appsec) and API security. In various ways, API\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/\" \/>\n<meta property=\"og:site_name\" content=\"Digital Transformation of Government Services\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/m2sys\" \/>\n<meta property=\"article:published_time\" content=\"2022-07-14T12:12:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-11-11T11:48:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.m2sys.com\/blog\/wp-content\/uploads\/2022\/07\/API-Security-vs.-Application-Security-Whats-the-difference-800x445-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"445\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Guest\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@m2sys\" \/>\n<meta name=\"twitter:site\" content=\"@m2sys\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Guest\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/\"},\"author\":{\"name\":\"Guest\",\"@id\":\"https:\/\/www.m2sys.com\/blog\/#\/schema\/person\/ccd2044dbd488486c30d37d437d0320c\"},\"headline\":\"API Security vs. Application Security: What\u2019s the difference?\",\"datePublished\":\"2022-07-14T12:12:04+00:00\",\"dateModified\":\"2024-11-11T11:48:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/\"},\"wordCount\":931,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.m2sys.com\/blog\/#organization\"},\"articleSection\":[\"Guest Blog Posts\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/\",\"url\":\"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/\",\"name\":\"API Security vs. Application Security: What\u2019s the difference? - Digital Transformation of Government Services\",\"isPartOf\":{\"@id\":\"https:\/\/www.m2sys.com\/blog\/#website\"},\"datePublished\":\"2022-07-14T12:12:04+00:00\",\"dateModified\":\"2024-11-11T11:48:53+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"API Security vs. Application Security: What\u2019s the difference?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.m2sys.com\/blog\/#website\",\"url\":\"https:\/\/www.m2sys.com\/blog\/\",\"name\":\"Digital Transformation of Government Services\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.m2sys.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.m2sys.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.m2sys.com\/blog\/#organization\",\"name\":\"Digital Transformation of Government Services\",\"url\":\"https:\/\/www.m2sys.com\/blog\/\",\"sameAs\":[\"https:\/\/instagram.com\/m2sys\",\"https:\/\/www.linkedin.com\/company\/m2sys-technology\",\"https:\/\/www.pinterest.com\/m2sys\/\",\"https:\/\/www.youtube.com\/user\/M2SYS\",\"https:\/\/www.facebook.com\/m2sys\",\"https:\/\/twitter.com\/m2sys\"],\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.m2sys.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.m2sys.com\/blog\/wp-content\/uploads\/2017\/12\/m2sys-blog.png\",\"contentUrl\":\"https:\/\/www.m2sys.com\/blog\/wp-content\/uploads\/2017\/12\/m2sys-blog.png\",\"width\":287,\"height\":48,\"caption\":\"Digital Transformation of Government Services\"},\"image\":{\"@id\":\"https:\/\/www.m2sys.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.m2sys.com\/blog\/#\/schema\/person\/ccd2044dbd488486c30d37d437d0320c\",\"name\":\"Guest\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.m2sys.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d201879437f2ccf21b1bd715f3d90d0f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d201879437f2ccf21b1bd715f3d90d0f?s=96&d=mm&r=g\",\"caption\":\"Guest\"},\"url\":\"https:\/\/www.m2sys.com\/blog\/author\/guest\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"API Security vs. Application Security: What\u2019s the difference? - Digital Transformation of Government Services","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/","og_locale":"en_US","og_type":"article","og_title":"API Security vs. Application Security: What\u2019s the difference? - Digital Transformation of Government Services","og_description":"It is commonly misconstrued that there is no difference between application security (Appsec) and API security. In various ways, API","og_url":"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/","og_site_name":"Digital Transformation of Government Services","article_publisher":"https:\/\/www.facebook.com\/m2sys","article_published_time":"2022-07-14T12:12:04+00:00","article_modified_time":"2024-11-11T11:48:53+00:00","og_image":[{"width":800,"height":445,"url":"https:\/\/www.m2sys.com\/blog\/wp-content\/uploads\/2022\/07\/API-Security-vs.-Application-Security-Whats-the-difference-800x445-1.jpg","type":"image\/jpeg"}],"author":"Guest","twitter_card":"summary_large_image","twitter_creator":"@m2sys","twitter_site":"@m2sys","twitter_misc":{"Written by":"Guest","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/#article","isPartOf":{"@id":"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/"},"author":{"name":"Guest","@id":"https:\/\/www.m2sys.com\/blog\/#\/schema\/person\/ccd2044dbd488486c30d37d437d0320c"},"headline":"API Security vs. Application Security: What\u2019s the difference?","datePublished":"2022-07-14T12:12:04+00:00","dateModified":"2024-11-11T11:48:53+00:00","mainEntityOfPage":{"@id":"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/"},"wordCount":931,"commentCount":0,"publisher":{"@id":"https:\/\/www.m2sys.com\/blog\/#organization"},"articleSection":["Guest Blog Posts"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/","url":"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/","name":"API Security vs. Application Security: What\u2019s the difference? - Digital Transformation of Government Services","isPartOf":{"@id":"https:\/\/www.m2sys.com\/blog\/#website"},"datePublished":"2022-07-14T12:12:04+00:00","dateModified":"2024-11-11T11:48:53+00:00","breadcrumb":{"@id":"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.m2sys.com\/blog\/guest-blog-posts\/api-security-vs-application-security-whats-the-difference\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"API Security vs. Application Security: What\u2019s the difference?"}]},{"@type":"WebSite","@id":"https:\/\/www.m2sys.com\/blog\/#website","url":"https:\/\/www.m2sys.com\/blog\/","name":"Digital Transformation of Government Services","description":"","publisher":{"@id":"https:\/\/www.m2sys.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.m2sys.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.m2sys.com\/blog\/#organization","name":"Digital Transformation of Government Services","url":"https:\/\/www.m2sys.com\/blog\/","sameAs":["https:\/\/instagram.com\/m2sys","https:\/\/www.linkedin.com\/company\/m2sys-technology","https:\/\/www.pinterest.com\/m2sys\/","https:\/\/www.youtube.com\/user\/M2SYS","https:\/\/www.facebook.com\/m2sys","https:\/\/twitter.com\/m2sys"],"logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.m2sys.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.m2sys.com\/blog\/wp-content\/uploads\/2017\/12\/m2sys-blog.png","contentUrl":"https:\/\/www.m2sys.com\/blog\/wp-content\/uploads\/2017\/12\/m2sys-blog.png","width":287,"height":48,"caption":"Digital Transformation of Government Services"},"image":{"@id":"https:\/\/www.m2sys.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.m2sys.com\/blog\/#\/schema\/person\/ccd2044dbd488486c30d37d437d0320c","name":"Guest","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.m2sys.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d201879437f2ccf21b1bd715f3d90d0f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d201879437f2ccf21b1bd715f3d90d0f?s=96&d=mm&r=g","caption":"Guest"},"url":"https:\/\/www.m2sys.com\/blog\/author\/guest\/"}]}},"modified_by":"Matthew Bennett","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/www.m2sys.com\/blog\/wp-json\/wp\/v2\/posts\/18236"}],"collection":[{"href":"https:\/\/www.m2sys.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.m2sys.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.m2sys.com\/blog\/wp-json\/wp\/v2\/users\/398"}],"replies":[{"embeddable":true,"href":"https:\/\/www.m2sys.com\/blog\/wp-json\/wp\/v2\/comments?post=18236"}],"version-history":[{"count":4,"href":"https:\/\/www.m2sys.com\/blog\/wp-json\/wp\/v2\/posts\/18236\/revisions"}],"predecessor-version":[{"id":21607,"href":"https:\/\/www.m2sys.com\/blog\/wp-json\/wp\/v2\/posts\/18236\/revisions\/21607"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.m2sys.com\/blog\/wp-json\/wp\/v2\/media\/18237"}],"wp:attachment":[{"href":"https:\/\/www.m2sys.com\/blog\/wp-json\/wp\/v2\/media?parent=18236"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.m2sys.com\/blog\/wp-json\/wp\/v2\/categories?post=18236"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.m2sys.com\/blog\/wp-json\/wp\/v2\/tags?post=18236"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}