{"id":125106,"date":"2022-12-07T09:00:00","date_gmt":"2022-12-07T17:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=125106"},"modified":"2023-05-15T23:06:37","modified_gmt":"2023-05-16T06:06:37","slug":"mitigate-threats-with-the-new-threat-matrix-for-kubernetes","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/","title":{"rendered":"Mitigate threats with the new threat matrix for Kubernetes"},"content":{"rendered":"\n

Today, we are glad to release the third version of the threat matrix for Kubernetes<\/a>, an evolving knowledge base for security threats that target Kubernetes clusters. The matrix, first released by Microsoft in 2020, was the first attempt to systematically cover the attack landscape of Kubernetes. Since then, the project has received great attention and interest from the Kubernetes security community and was updated last year<\/a> to keep up with the evolving threat landscape. The latest version of the matrix comes in a new format that simplifies usage of the knowledge base and with new content to help mitigate threats. The new matrix is available at: http:\/\/aka.ms\/KubernetesThreatMatrix<\/a>.<\/p>\n\n\n\n

What\u2019s new<\/h2>\n\n\n\n

Mitigations methods<\/h3>\n\n\n\n

Understanding the attack surface of containerized environments is the first step of building security solutions for these environments. In addition to helping organizations measure and assess coverage of threats with matching detections, the updated threat matrix for Kubernetes can now also help organizations with a systematic approach to apply mitigation techniques that prevent attacks from being successfully launched.<\/p>\n\n\n\n

In this third version of the threat matrix, we introduce a collection of mitigations<\/a> specific to Kubernetes environments and associate each with relevant threat techniques. Those mitigations, as displayed below in Figure 1, provide practical tools to prevent the various attack techniques, using built-in Kubernetes and cloud tools.<\/p>\n\n\n\n

\"A
Figure 1. A technique page with a mitigation section<\/figcaption><\/figure>\n\n\n\n

When reviewing the different threat techniques in the matrix, a list of relevant mitigations is provided so that organizations can see if they are taking all the necessary steps to prevent a threat. Additionally, when looking at a specific mitigation, a list of relevant threat techniques is displayed and can help organizations prioritize their mitigation implementation plan according to their threat assessment and detection coverage in each area.<\/p>\n\n\n\n

Mapping to MITRE ATT&CK techniques<\/h3>\n\n\n\n

Last year, MITRE added a container matrix to the MITRE ATT&CK framework. MITRE ATT&CK for containers matrix, inspired by Microsoft threat matrix for Kubernetes, is a result of a joint effort<\/a> between MITRE, Microsoft, and additional companies in the industry. The differences between Microsoft\u2019s and MITRE\u2019s matrices are described in this blog<\/a>. In the new version of the Microsoft threat matrix for Kubernetes, we include a mapping between the Microsoft matrix and MITRE ATT&CK techniques and mitigations, as displayed below in Figure 2. This can help organizations to efficiently use the two frameworks.<\/p>\n\n\n\n

\"A
Figure 2. Mapping to MITRE ATT&CK techniques<\/figcaption><\/figure>\n\n\n\n

MITRE ATT&CK matrix for containers does not have an equivalent technique for each of the techniques in the Microsoft threat matrix for Kubernetes. When there is no equivalent technique in the MITRE matrix, the Microsoft techniques might be mapped to a MITRE technique that is not part of MITRE\u2019s containers matrix but shares the same principle. For example, the Backdoor Container (MS-TA9012<\/a>) technique explains that attackers can use Kubernetes controllers (such as daemonsets) to run their code and survive reboots of the pods\\nodes. This is very similar to MITRE\u2019s Create or Modify System Process technique (T1543<\/a>), which is about using services\\daemons for the exact same purpose. Another example is the mapping between Malicious Admission Controller (MS-TA9015<\/a>) and MITRE\u2019s Event Triggered Execution. Although MITRE doesn\u2019t talk about containerized environment, those two techniques share the same idea. In cases when there is no matching MITRE technique with the same principle, the Microsoft technique will not point back to a MITRE technique.<\/p>\n\n\n\n

New techniques<\/h3>\n\n\n\n

The new version of the matrix also introduces two new techniques and additional re-categorization of existing techniques:<\/p>\n\n\n\n

    \n
  1. New technique: Static pods<\/strong><\/li>\n<\/ol>\n\n\n\n

    A persistence technique which allows attackers to deploy pods that aren\u2019t managed by the Kubernetes API server.<\/p>\n\n\n\n

      \n
    1. New technique: Collecting data from pod<\/strong><\/li>\n<\/ol>\n\n\n\n

      Kubernetes-native technique which allows attackers to extract data from running pods.<\/p>\n\n\n\n

        \n
      1. Extending existing technique: Container service account<\/strong><\/li>\n<\/ol>\n\n\n\n

        Attackers may create new service accounts or steal tokens of existing service accounts for future use from inside and outside the cluster. Therefore, we also added this technique to the persistence tactic.<\/p>\n\n\n\n

          \n
        1. Extending existing technique: Exposed sensitive interfaces<\/strong><\/li>\n<\/ol>\n\n\n\n

          Attackers may use management interfaces for discovery purposes, after gaining initial access to the cluster. By using the network reachability between pods, attackers can connect to management interfaces from the internal network, allowing them to get valuable information about the workload. Thus, we also added this technique to the discovery tactic.<\/p>\n\n\n\n

          \"Version
          Figure 3. New techniques and re-categorization of existing techniques<\/figcaption><\/figure>\n\n\n\n

          New web interface<\/h3>\n\n\n\n

          As new threats were added to the Kubernetes matrix and additional content was introduced, it became increasingly harder to effectively deliver the breadth of information included in the matrix as a blog post. Looking for ways to make it easier to use the Kubernetes threats and mitigations matrix as reference material for day-to-day security operations, we are releasing the matrix as a web site, shown in Figure 4 below.<\/p>\n\n\n\n

          The new version of the threat matrix for Kubernetes is now available at: http:\/\/aka.ms\/KubernetesThreatMatrix<\/a><\/p>\n\n\n\n

          \"The
          Figure 4. The new interface of the threat matrix for Kubernetes<\/figcaption><\/figure>\n\n\n\n

          The threat matrix for Kubernetes can help organizations to have visibility to the unique attack surface of Kubernetes and help them to measure their coverage to those threats. With the new mitigation section, organizations can now understand the measures required to prevent those threats.<\/p>\n\n\n\n

          Microsoft Defender for Cloud can help detect and mitigate threats in your Kubernetes environments. Learn more<\/a> about Microsoft Defender for Cloud support for container security.<\/p>\n","protected":false},"excerpt":{"rendered":"

          The updated threat matrix for Kubernetes comes in a new format that simplifies usage of the knowledge base and with new content to help mitigate threats. <\/p>\n","protected":false},"author":153,"featured_media":125112,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"content-type":[3663],"topic":[3687],"products":[3690,3691],"threat-intelligence":[3738,3739],"tags":[],"coauthors":[2290,3512],"class_list":["post-125106","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","content-type-research","topic-threat-intelligence","products-microsoft-defender","products-microsoft-defender-for-cloud","threat-intelligence-threat-actors","threat-intelligence-vulnerabilities-and-exploits"],"yoast_head":"\nMitigate threats with the new threat matrix for Kubernetes | Microsoft Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mitigate threats with the new threat matrix for Kubernetes | Microsoft Security Blog\" \/>\n<meta property=\"og:description\" content=\"The updated threat matrix for Kubernetes comes in a new format that simplifies usage of the knowledge base and with new content to help mitigate threats.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2022-12-07T17:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-16T06:06:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/12\/Featured-image-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1707\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Yossi Weizman, Dotan Patrich\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Yossi Weizman, Dotan Patrich\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/yossi-weizman\/\",\"@type\":\"Person\",\"@name\":\"Yossi Weizman\"},{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/dotan-patrich\/\",\"@type\":\"Person\",\"@name\":\"Dotan Patrich\"}],\"headline\":\"Mitigate threats with the new threat matrix for Kubernetes\",\"datePublished\":\"2022-12-07T17:00:00+00:00\",\"dateModified\":\"2023-05-16T06:06:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/\"},\"wordCount\":914,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/12\/Featured-image-scaled.jpg\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/\",\"name\":\"Mitigate threats with the new threat matrix for Kubernetes | Microsoft Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/12\/Featured-image-scaled.jpg\",\"datePublished\":\"2022-12-07T17:00:00+00:00\",\"dateModified\":\"2023-05-16T06:06:37+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/12\/Featured-image-scaled.jpg\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/12\/Featured-image-scaled.jpg\",\"width\":2560,\"height\":1707,\"caption\":\"a person sitting at a table using a laptop computer\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mitigate threats with the new threat matrix for Kubernetes\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Mitigate threats with the new threat matrix for Kubernetes | Microsoft Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/","og_locale":"en_US","og_type":"article","og_title":"Mitigate threats with the new threat matrix for Kubernetes | Microsoft Security Blog","og_description":"The updated threat matrix for Kubernetes comes in a new format that simplifies usage of the knowledge base and with new content to help mitigate threats.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/","og_site_name":"Microsoft Security Blog","article_published_time":"2022-12-07T17:00:00+00:00","article_modified_time":"2023-05-16T06:06:37+00:00","og_image":[{"width":2560,"height":1707,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/12\/Featured-image-scaled.jpg","type":"image\/jpeg"}],"author":"Yossi Weizman, Dotan Patrich","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Yossi Weizman, Dotan Patrich","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/yossi-weizman\/","@type":"Person","@name":"Yossi Weizman"},{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/dotan-patrich\/","@type":"Person","@name":"Dotan Patrich"}],"headline":"Mitigate threats with the new threat matrix for Kubernetes","datePublished":"2022-12-07T17:00:00+00:00","dateModified":"2023-05-16T06:06:37+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/"},"wordCount":914,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/12\/Featured-image-scaled.jpg","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/","name":"Mitigate threats with the new threat matrix for Kubernetes | Microsoft Security Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/12\/Featured-image-scaled.jpg","datePublished":"2022-12-07T17:00:00+00:00","dateModified":"2023-05-16T06:06:37+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/12\/Featured-image-scaled.jpg","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/12\/Featured-image-scaled.jpg","width":2560,"height":1707,"caption":"a person sitting at a table using a laptop computer"},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/12\/07\/mitigate-threats-with-the-new-threat-matrix-for-kubernetes\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"Mitigate threats with the new threat matrix for Kubernetes"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"msxcm_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/125106"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/153"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=125106"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/125106\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media\/125112"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=125106"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=125106"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=125106"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=125106"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=125106"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=125106"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=125106"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}