{"id":1775,"date":"2019-08-01T11:50:32","date_gmt":"2019-08-01T10:50:32","guid":{"rendered":"http:\/\/www.halkynconsulting.co.uk\/a\/?p=1775"},"modified":"2020-08-03T16:07:57","modified_gmt":"2020-08-03T15:07:57","slug":"incident-response-eradication","status":"publish","type":"post","link":"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/","title":{"rendered":"Incident Response Phases &#8211; Eradication"},"content":{"rendered":"<p>In a <a href=\"https:\/\/www.halkynconsulting.co.uk\/a\/2019\/04\/incident-response-process-matters\/\" rel=\"noopener noreferrer\" target=\"_blank\">previous post<\/a> we discussed Incident Response (IR) processes and our preference is one that runs Preparation, Identification, Containment, Eradication, Recovery and Lessons Learned (PICERL). In this post, we are going to be looking a bit more into the Eradication phase of IR.<\/p>\n<figure id=\"attachment_1730\" aria-describedby=\"caption-attachment-1730\" style=\"width: 300px\" class=\"wp-caption alignleft\"><img loading=\"lazy\" decoding=\"async\" data-attachment-id=\"1730\" data-permalink=\"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/04\/incident-response-process-matters\/picerl\/\" data-orig-file=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2019\/04\/PICERL.png?fit=719%2C718&amp;ssl=1\" data-orig-size=\"719,718\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"Incident Response Process &#8211; PICERL\" data-image-description=\"&lt;p&gt;PICERL &#8211; Common incident response process \/ framework&lt;\/p&gt;\n\" data-image-caption=\"&lt;p&gt;PICERL &#8211; Common incident response process \/ framework&lt;\/p&gt;\n\" data-medium-file=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2019\/04\/PICERL.png?fit=300%2C300&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2019\/04\/PICERL.png?fit=719%2C718&amp;ssl=1\" class=\"size-medium wp-image-1730\" src=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2019\/04\/PICERL.png?resize=300%2C300&#038;ssl=1\" alt=\"Incident Response - PIC Eradication RL\" width=\"300\" height=\"300\" srcset=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2019\/04\/PICERL.png?resize=300%2C300&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2019\/04\/PICERL.png?resize=150%2C150&amp;ssl=1 150w, https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2019\/04\/PICERL.png?resize=50%2C50&amp;ssl=1 50w, https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2019\/04\/PICERL.png?resize=80%2C80&amp;ssl=1 80w, https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2019\/04\/PICERL.png?w=719&amp;ssl=1 719w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" data-recalc-dims=\"1\" \/><figcaption id=\"caption-attachment-1730\" class=\"wp-caption-text\">PICERL &#8211; Common incident response process \/ framework<\/figcaption><\/figure>\n<p>If you&#8217;ve got this far, you have identified that an incident took place. Then you carried out an awesome investigation to understand what happened. Consequently, you were able to contain the attack. Now you need to get the attackers out. You need to eradicate them from your environment. <\/p>\n<h2>Eradication<\/h2>\n<p>Containment is a short term solution. Now we are looking at a long-term solution. In other words, we want to get the attacker completely out. In addition, we want to keep them out in the future. It is important to remember that every incident is different. As a result of this, eradication measures can vary wildly. This is a good example of why it is critically important to investigate well. You can&#8217;t eradicate the attacker&#8217;s access if you dont know how they got it.<\/p>\n<p>Sometimes you might manage this by simply deleting malware. In other incidents, you might need to completely rebuild the domain. Ultimately, you need to deal with the information you have and act decisively. Although speed of response matters, you must never, ever, be hasty.<\/p>\n<h3>Key Decisions<\/h3>\n<p>Previously we&#8217;ve talked about how important planning is. This is another phase where that is true. You cant plan the specific steps to be taken, but you can give guidance. For example, you need to give guidance on:<\/p>\n<ul>\n<li><strong>Confidence of Compromise<\/strong>. By this, it means how sure do you need to be that a specific device was compromised. Generally speaking, your investigators will never be 100% confident they have identified every compromised machine. You need to decide how to deal with &#8220;might&#8221; type statements. Often you will want to treat this as confirmed, but eradication can have a cost. For example, rebuilding takes time and resources. You can&#8217;t rebuild every time you find malware. As a result, you need a management decision in advance.<\/li>\n<li><strong>Rebuild, reinstall or remove<\/strong>. This seems simple but it isn&#8217;t. First, there is a difference in business impact. For example, simply deleting a virus is a lot cheaper than rebuilding an entire server. Next, it hinges on your risk tolerance. In general, you want to make sure your managers know this balance in advance.\t<\/li>\n<li><strong>Pace<\/strong>. Previously we&#8217;ve said about skipping containment. You cant skip eradication. If you do, you&#8217;ve ignored the incident. However, you do need to decide how fast you want to move. Remember the saying &#8220;<a href=\"https:\/\/en.wiktionary.org\/wiki\/more_haste,_less_speed\" rel=\"noopener noreferrer\" target=\"_blank\">More Haste, Less Speed<\/a>.&#8221; It really does apply in IR. If doing it completely is slow, that is still better.<\/li>\n<h2>Summary<\/h2>\n<p>As you can imagine, this is an important phase. You cant skip it. Also, you cant rush it. <\/p>\n<p>For these reasons, you need to build a methodological approach, then follow it.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Eradication is the fourth phase of the incident response cycle. This is the implementation of more permanent measures to get the attacker out of the network and keep them out.<\/p>\n","protected":false},"author":1,"featured_media":1730,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[5],"tags":[159,151,179,137,173],"class_list":["post-1775","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-cyber-security","tag-dfir","tag-eradication","tag-incident-response","tag-picerl","entry","has-media"],"jetpack_publicize_connections":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Incident Response Phases - Eradication - Halkyn Security Blog<\/title>\n<meta name=\"description\" content=\"Eradication is the fourth phase of the incident response cycle. This is the implementation of long-term measures to get the attacker out.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Incident Response Phases - Eradication - Halkyn Security Blog\" \/>\n<meta property=\"og:description\" content=\"Eradication is the fourth phase of the incident response cycle. This is the implementation of long-term measures to get the attacker out.\" \/>\n<meta property=\"og:url\" content=\"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/\" \/>\n<meta property=\"og:site_name\" content=\"Halkyn Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2019-08-01T10:50:32+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-08-03T15:07:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2019\/04\/PICERL.png?fit=719%2C718&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"719\" \/>\n\t<meta property=\"og:image:height\" content=\"718\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Halkyn Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@HalkynSecurity\" \/>\n<meta name=\"twitter:site\" content=\"@HalkynSecurity\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Halkyn Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/#article\",\"isPartOf\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/\"},\"author\":{\"name\":\"Halkyn Security\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/3cfcd2267f12bbcce6a10159022c3df2\"},\"headline\":\"Incident Response Phases &#8211; Eradication\",\"datePublished\":\"2019-08-01T10:50:32+00:00\",\"dateModified\":\"2020-08-03T15:07:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/\"},\"wordCount\":512,\"commentCount\":0,\"publisher\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#organization\"},\"keywords\":[\"Cyber Security\",\"DFIR\",\"Eradication\",\"Incident Response\",\"PICERL\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/\",\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/\",\"name\":\"Incident Response Phases - Eradication - Halkyn Security Blog\",\"isPartOf\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#website\"},\"datePublished\":\"2019-08-01T10:50:32+00:00\",\"dateModified\":\"2020-08-03T15:07:57+00:00\",\"description\":\"Eradication is the fourth phase of the incident response cycle. This is the implementation of long-term measures to get the attacker out.\",\"breadcrumb\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Halkyn Security\",\"item\":\"http:\/\/www.halkynconsulting.co.uk\/a\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"http:\/\/www.halkynconsulting.co.uk\/a\/category\/security\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Incident Response Phases &#8211; Eradication\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#website\",\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/\",\"name\":\"Halkyn Security Blog\",\"description\":\"Specialist Security &amp; Risk Management Consultants\",\"publisher\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/www.halkynconsulting.co.uk\/a\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#organization\",\"name\":\"Halkyn Consulting\",\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1\",\"width\":\"990\",\"height\":\"170\",\"caption\":\"Halkyn Consulting\"},\"image\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/2329571\",\"https:\/\/twitter.com\/HalkynSecurity\"]},{\"@type\":\"Person\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/3cfcd2267f12bbcce6a10159022c3df2\",\"name\":\"Halkyn Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4126abc936773e5e8bd38e030d54306e161190a7d6166dba7edadb6caf13b504?s=96&d=retro&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4126abc936773e5e8bd38e030d54306e161190a7d6166dba7edadb6caf13b504?s=96&d=retro&r=g\",\"caption\":\"Halkyn Security\"},\"description\":\"Halkyn Security Consultants.\",\"sameAs\":[\"http:\/\/www.halkynconsulting.co.uk\/\"],\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/author\/halkyn-consulting\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Incident Response Phases - Eradication - Halkyn Security Blog","description":"Eradication is the fourth phase of the incident response cycle. This is the implementation of long-term measures to get the attacker out.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/","og_locale":"en_GB","og_type":"article","og_title":"Incident Response Phases - Eradication - Halkyn Security Blog","og_description":"Eradication is the fourth phase of the incident response cycle. This is the implementation of long-term measures to get the attacker out.","og_url":"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/","og_site_name":"Halkyn Security Blog","article_published_time":"2019-08-01T10:50:32+00:00","article_modified_time":"2020-08-03T15:07:57+00:00","og_image":[{"width":719,"height":718,"url":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2019\/04\/PICERL.png?fit=719%2C718&ssl=1","type":"image\/png"}],"author":"Halkyn Security","twitter_card":"summary_large_image","twitter_creator":"@HalkynSecurity","twitter_site":"@HalkynSecurity","twitter_misc":{"Written by":"Halkyn Security","Estimated reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/#article","isPartOf":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/"},"author":{"name":"Halkyn Security","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/3cfcd2267f12bbcce6a10159022c3df2"},"headline":"Incident Response Phases &#8211; Eradication","datePublished":"2019-08-01T10:50:32+00:00","dateModified":"2020-08-03T15:07:57+00:00","mainEntityOfPage":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/"},"wordCount":512,"commentCount":0,"publisher":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#organization"},"keywords":["Cyber Security","DFIR","Eradication","Incident Response","PICERL"],"articleSection":["Security"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/#respond"]}]},{"@type":"WebPage","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/","url":"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/","name":"Incident Response Phases - Eradication - Halkyn Security Blog","isPartOf":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#website"},"datePublished":"2019-08-01T10:50:32+00:00","dateModified":"2020-08-03T15:07:57+00:00","description":"Eradication is the fourth phase of the incident response cycle. This is the implementation of long-term measures to get the attacker out.","breadcrumb":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2019\/08\/incident-response-eradication\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Halkyn Security","item":"http:\/\/www.halkynconsulting.co.uk\/a\/"},{"@type":"ListItem","position":2,"name":"Security","item":"http:\/\/www.halkynconsulting.co.uk\/a\/category\/security\/"},{"@type":"ListItem","position":3,"name":"Incident Response Phases &#8211; Eradication"}]},{"@type":"WebSite","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#website","url":"http:\/\/www.halkynconsulting.co.uk\/a\/","name":"Halkyn Security Blog","description":"Specialist Security &amp; Risk Management Consultants","publisher":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/www.halkynconsulting.co.uk\/a\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#organization","name":"Halkyn Consulting","url":"http:\/\/www.halkynconsulting.co.uk\/a\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1","width":"990","height":"170","caption":"Halkyn Consulting"},"image":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/2329571","https:\/\/twitter.com\/HalkynSecurity"]},{"@type":"Person","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/3cfcd2267f12bbcce6a10159022c3df2","name":"Halkyn Security","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4126abc936773e5e8bd38e030d54306e161190a7d6166dba7edadb6caf13b504?s=96&d=retro&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4126abc936773e5e8bd38e030d54306e161190a7d6166dba7edadb6caf13b504?s=96&d=retro&r=g","caption":"Halkyn Security"},"description":"Halkyn Security Consultants.","sameAs":["http:\/\/www.halkynconsulting.co.uk\/"],"url":"http:\/\/www.halkynconsulting.co.uk\/a\/author\/halkyn-consulting\/"}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2019\/04\/PICERL.png?fit=719%2C718&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9yHvD-sD","jetpack_likes_enabled":false,"_links":{"self":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts\/1775","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/comments?post=1775"}],"version-history":[{"count":5,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts\/1775\/revisions"}],"predecessor-version":[{"id":1780,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts\/1775\/revisions\/1780"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/media\/1730"}],"wp:attachment":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/media?parent=1775"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/categories?post=1775"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/tags?post=1775"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}