{"id":12054,"date":"2020-08-24T11:37:22","date_gmt":"2020-08-24T06:07:22","guid":{"rendered":"https:\/\/www.getastra.com\/blog\/?p=12054"},"modified":"2025-10-30T17:44:15","modified_gmt":"2025-10-30T12:14:15","slug":"how-to-conduct-saas-security-audit","status":"publish","type":"post","link":"https:\/\/www.getastra.com\/blog\/security-audit\/how-to-conduct-saas-security-audit\/","title":{"rendered":"How to Conduct a SaaS Security Audit in 7 Easy Steps"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">SaaS security audits are becoming increasingly important as hackers find clever new ways to exploit websites and applications\u2014especially those of small and medium businesses.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Unfortunately, such businesses are often easy targets for people with malicious intentions, as their security practices are not paid much attention to or ignored altogether.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"what-is-a-saas-security-audit\"><span class=\"ez-toc-section\" id=\"What_is_a_SaaS_Security_Audit\"><\/span>What is a SaaS Security Audit?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">A SaaS security audit is a comprehensive assessment that examines various aspects of a SaaS platform, including employee security awareness, data protection measures, application security, and compliance with industry standards to identify potential CVEs that malicious actors could exploit and recommend corrective actions to strengthen the platform&#8217;s overall security.<\/p>\n\n\n<style>\n.newctaWrapper{\n  background-color: #f8f2e4;\n  padding: 40px;\n  border-radius: 10px;\n  margin: 20px 0px;\n}\n.ctaHead{\n  display: flex;\n  align-items: center;\n  grid-gap: 1rem;\n}\n.newctaHeading{\n  font-size: 36px;\n  font-weight: 600;\n  line-height: 1.1;\n  margin-bottom: 0px;\n  color: #403F3E;\n}\n.spanBold{\n  color: #164DB3;\n  font-weight: 700;\n}\n.ctaOne{\n  text-decoration: none;\n  background-color: #2F76F8;\n  color: #ffffff!important;\n  padding: 10px 25px;\n  border-radius: 6px;\n  font-weight: 600;\n}\n.ctaOne:hover{\n  color:#fff;\n}\n.ctaTwo{\n  text-decoration: none;\n  background-color: #24BC94;\n  color: #ffffff!important;\n  padding: 10px 25px;\n  border-radius: 6px;\n  font-weight: 600;\n}\n.ctaTwo:hover{\n  color:#fff;\n}\n.ctaBody{\n  padding-top: 40px;\n  display: flex;\n  align-items: flex-end;\n  grid-gap: 1rem;\n}\n.ctoImg{\n  height: 310px;\n  width: 300px;\n}\n@media(max-width: 768px){\n}\n\n@media(max-width: 576px){\n  .ctaBody{\n    flex-direction: column;\n  }\n  .ctoImg{\n     display: none;\n  }\n<\/style>\n<div class=\"newctaWrapper\">\n<div class=\"ctaHead\"><img loading=\"lazy\" decoding=\"async\" src=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2024\/08\/ceb80994-shield.png\" alt=\"shield\" width=\"58\" height=\"62\" \/>\n<p class=\"newctaHeading\">What Makes Astra the Best VAPT Solution?<\/p>\n\n<\/div>\n<div class=\"ctaBody\">\n<div>\n<ul style=\"margin: 0px 25px 25px;\">\n \t<li>We\u2019re the only company that\u00a0<span class=\"spanBold\">combines automated &amp; manual pentest<\/span>\u00a0to create a one-of-a-kind pentest platform.<\/li>\n \t<li>The Astra Vulnerability Scanner runs <span class=\"spanBold\">10,000+ tests<\/span> to uncover every single vulnerability<\/li>\n \t<li>Vetted scans ensure<span class=\"spanBold\">\u00a0zero false positives.<\/span><\/li>\n \t<li>Our intelligent <span class=\"spanBold\">vulnerability scanner emulates hacker behavior<\/span>\u00a0&amp; evolves with every pentest.<\/li>\n \t<li>Astra\u2019s scanner helps you shift left by integrating with your CI\/CD.<\/li>\n \t<li>Our platform helps you\u00a0<span class=\"spanBold\">uncover, manage &amp; fix<\/span>\u00a0vulnerabilities in one place.<\/li>\n \t<li>Trusted by the brands\u00a0<span class=\"spanBold\">you trust<\/span>\u00a0like Agora, Spicejet, Muthoot, Dream11, etc.<\/li>\n<\/ul>\n<div class=\"ctaHead\"><a class=\"ctaOne\" href=\"https:\/\/astra.sh\/681d8\" target=\"_blank\" rel=\"noopener\">Let\u2019s Talk<\/a>\n<a class=\"ctaTwo\" href=\"https:\/\/astra.sh\/rK6rl\" target=\"_blank\" rel=\"noopener\">Get Started<\/a><\/div>\n<\/div>\n<div><img decoding=\"async\" class=\"ctoImg\" src=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2024\/08\/b262d665-cto.png\" alt=\"cto\" width=\"\" \/><\/div>\n<\/div>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\" id=\"how-can-you-conduct-a-saas-security-audit\"><span class=\"ez-toc-section\" id=\"How_can_you_Conduct_a_SaaS_Security_Audit\"><\/span>How can you Conduct a SaaS Security Audit?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">There are a few things to do before you conduct an audit &#8211; namely, do some preliminary research about your platform and make sure that your platform meets the <a aria-label=\" (opens in a new tab)\" class=\"rank-math-link\" href=\"https:\/\/uit.stanford.edu\/cloud-transformation\/saas-considerations\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">SaaS Considerations<\/a>. Then, you can follow these broad categories as convenient:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"2048\" height=\"1536\" src=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2024\/09\/416c1633-saas-security-audit-process.png\" alt=\"SaaS Security Audit Process\" class=\"wp-image-34633\" srcset=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2024\/09\/416c1633-saas-security-audit-process.png 2048w, \/cdn-cgi\/image\/width=1536,height=1152,fit=crop,quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2024\/09\/416c1633-saas-security-audit-process.png 1536w\" sizes=\"auto, (max-width: 2048px) 100vw, 2048px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"1-make-sure-your-employees-are-security-smart\">1. Make Sure Your Employees are Security Smart<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The security practices of your organization&#8217;s employees make a world of difference to your overall security. <span style=\"box-sizing: border-box; margin: 0px; padding: 0px;\">Ensuring that every person has their own accounts (following the&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Principle_of_least_privilege\" target=\"_blank\" rel=\"noopener\">principle of least privilege<\/a>&nbsp;to decide how to assign permissions), using strong passwords regularly changed, and using two-factor authentication.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Finding out how security-aware your team is a good foundation for a <a href=\"https:\/\/www.getastra.com\/blog\/security-audit\/saas-security-guide\/\" data-type=\"link\" data-id=\"https:\/\/www.getastra.com\/blog\/security-audit\/saas-security-guide\/\">SaaS security<\/a>. This can also help you decide whether you need to conduct specialized security awareness sessions for your employees.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"2-assessing-your-customers\">2. Assessing Your Customers<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\" id=\"fcb9\">Protecting your customers is essential. Making sure your customers are security-aware can help them better deal with security incidents. You can also enforce two-factor authentication to uphold security.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Assessing your customers&#8217; awareness during a <a href=\"https:\/\/www.getastra.com\/blog\/security-audit\/saas-security-assessment\/\">SaaS security assessment<\/a> would help paint a clearer picture of your security scenario.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2021\/06\/Astra-Pentest-Dashboard-1.png\" alt=\"Astra pentest platform\" class=\"wp-image-14798\"\/><figcaption class=\"wp-element-caption\"><strong><em>Image: SaaS security testing with Astra<\/em><\/strong><\/figcaption><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"3-making-sure-data-is-protected\">3. Making Sure Data is Protected<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Data is next, one of the most critical components of a SaaS security audit. Data is usually in one of three states, each with a different level of vulnerability and needing to be secured differently.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"1-data-at-rest\">1. <strong>Data at Rest<\/strong><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">Data stored on your cloud is at rest, a relatively secure state. Information is primarily protected by defenses such as firewalls and anti-virus programs. However, you would need additional layers of defense to protect sensitive data from intruders in the event of a hack.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Another good security practice is storing individual data elements in separate locations to decrease the likelihood of attackers gaining access to all information simultaneously.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"2-data-being-used\">2. <strong>Data Being Used<\/strong><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">Data that you\u2019re currently using is more vulnerable than data at rest because, by definition, it must be accessible to those who need it. The more people and devices that have access to the data, the greater is the risk that it can be compromised. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The key to securing data is to authenticate and control who has access to it. Ensure you can track and report any relevant activity that might mean your data is in danger.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"3-data-in-transit\">3. <strong>Data in Transit<\/strong><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">Data is at its most vulnerable when it is in motion. Anyone with the right tools can intercept your data from source to destination. The best way to ensure your data remains confidential is to transmit it through an encryption platform that integrates with your existing systems and workflows.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In addition to the above points, you might want to ensure the following too:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Data is validated and sanitized upon entry<\/strong><span style=\"box-sizing: border-box; margin: 0px; padding: 0px;\"><strong>.&nbsp;<\/strong>Data that has not been validated or sanitized can lead to many dangerous attacks, most commonly<\/span> injection attacks. Make sure you check this during your audit. <\/li>\n\n\n\n<li><strong>All data is encrypted:<\/strong> All data coming in and going out must be segregated meaningfully and encrypted separately and securely. The encryption keys must also be handled carefully. <\/li>\n\n\n\n<li><strong>Data is protected and has a well-tested recovery plan:<\/strong> Data security must be carefully monitored. Even in the case of data loss, you should have a great, foolproof Incident Response plan.<\/li>\n\n\n\n<li><strong>There is a strict data retention policy<\/strong><span style=\"box-sizing: border-box; margin: 0px; padding: 0px;\"><strong>.<\/strong>&nbsp;This is extremely important. By doing so, you free up space for your backups and make<\/span> your users feel more secure sharing their data with you. You can&#8217;t lose it if you don&#8217;t have it.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"4-following-secure-coding-and-secure-software-development-life-cycles\">4. Following Secure Coding and Software Development Life Cycles<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Your code is one of the most essential facets of your security, so assess it during your SaaS security audit. Secure code definitely helps take your security to the next level. By shifting the security earlier to the development stage, you can easily detect potential vulnerabilities or weaknesses in your applications early in the life cycle and build a secure application.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">To effectively measure code quality, one needs to look at it under four measures: reliability, efficiency, security, and maintainability. Following are some points you should keep in mind while evaluating your code:<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"1-reliability\">1. Reliability<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Protect state in multi-threaded code.<\/li>\n\n\n\n<li>Check inheritance and polymorphism usage.<\/li>\n\n\n\n<li>Analyze resource management and complex code.<\/li>\n\n\n\n<li>Assess resource allocation and timeouts.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"2-efficiency\">2. Efficiency<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Adhere to OOP best practices.<\/li>\n\n\n\n<li>Use optimal database and SQL practices.<\/li>\n\n\n\n<li>Avoid expensive computations in loops.<\/li>\n\n\n\n<li>Analyze static vs. connection pools.<\/li>\n\n\n\n<li>Implement effective garbage collection.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"3-security\">3. Security<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Check for the use of hard-coded credentials.<\/li>\n\n\n\n<li>Look for any buffer overflows.<\/li>\n\n\n\n<li>Look for missing initializations.<\/li>\n\n\n\n<li>Validate all array indices properly.<\/li>\n\n\n\n<li>Ensure proper locking.<\/li>\n\n\n\n<li>Check for uncontrolled format strings.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"4-maintainability\">4. Maintainability<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Make sure the code is well-structured.<\/li>\n\n\n\n<li>Analyze the cyclomatic complexity.<\/li>\n\n\n\n<li>Analyze the level of dynamic coding.<\/li>\n\n\n\n<li>Control over-parameterization of methods.<\/li>\n\n\n\n<li>Look for any complex coding of literals.<\/li>\n\n\n\n<li>Check and manage excessive component size.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"a77e\">5. Ensure that Applications are Deployed Safely<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Another great place to audit is the platform used to deploy your application. Established SaaS vendors like Amazon and Google go to great lengths to ensure security, and you can also create a checklist to ensure that appropriate safety measures are taken and safety standards are followed.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"6-ensure-compliance-of-standards\">6. Ensure Compliance with Standards<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Make sure your application complies with well-known security standards. You can create a checklist of all the compliances and check and test them accordingly\u2014this may even help set a procedure for conducting your SaaS security audit.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">You can also get a professional security team to conduct a security audit. Astra Security&#8217;s engineers quickly audit your application and help your development team patch it. At the end of the process, you are issued a safe-to-host certificate that you can proudly display. After all, such a secure application does call for some bragging!<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"7-invest-in-security-resources\">7. Invest in Security Resources<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Whether in-house or external professionals like <a href=\"https:\/\/www.getastra.com\/saas-vapt\">Astra Security<\/a> to conduct your SaaS security audits, investing in security teams is always a good idea (not just hassle-free), and it is one of the only tried-and-true methods to ensure you never get hacked.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"600\" src=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2020\/04\/VAPTSecurityProcess1_5ad6c1a89ad381b114a7759f69cf1426_800.png\" alt=\"Website VAPT Process\" class=\"wp-image-10128\"\/><figcaption class=\"wp-element-caption\">Astra&#8217;s VAPT Process<\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"box-sizing: border-box; margin: 0px; padding: 0px;\">With<\/span> round-the-clock professional support, you can rest easy knowing you&#8217;re in good hands.<\/p>\n\n\n<style>\n\n.ctaaBlockchainWrap{\n  padding:35px;\n  border: 6px;\n  background-image: url('https:\/\/cdn-blog.getastra.com\/2024\/09\/4ac747ff-greenbg.png');\n  background-size: cover;\n  background-repeat: no-repeat;\n  position: relative;\n  background-position: right;\n  height: 100%;\n  border-radius: 10px;\n  margin: 20px 0px; \n}\n\n.pentestHeading{\n  color: #575757;\n  font-size: 24px;\n  font-weight: 600;\n  color: #575757;\n  max-width: 450px;\n}\n\n.ctaaBlockchainHead {\n    display: flex;\n    align-items: center;\n    grid-gap: 1rem;\n}\n\n.ctaOne {\n    text-decoration: none;\n    background-color: #2F76F8;\n    color: #ffffff !important;\n    padding: 10px 25px;\n    border-radius: 6px;\n    font-weight: 600;\n}\n\n.ctaTwo {\n    text-decoration: none;\n    background-color: #24BC94;\n    color: #ffffff !important;\n    padding: 10px 25px;\n    border-radius: 6px;\n    font-weight: 600;\n}\n\n.spanBoldBlue {\n    color: #3078FE;\n    font-weight: 700;\n}\n\n.ctaaBlockchainImg{\n  position: absolute;\n  bottom: 0px;\n  right: 10px;\n  height: 250px;\n  width: 240px;\n}\n\n@media(max-width: 768px){\n\n}\n\n@media(max-width: 576px){\n   .pentestHeading{\n      font-size: 28px;\n    }\n\n   .ctaaBlockchainImg{\n     display: none;\n   }\n}\n\n<\/style>\n\n<div class=\"ctaaBlockchainWrap\">\n  <p class=\"pentestHeading\">No other pentest product combines <span class=\"spanBoldBlue\">automated scanning + expert guidance like we do.<\/span> <\/p>\n  <p style=\"font-size: 16px; line-height: 1.5;\">Discuss your security <br \/> needs &#038; get started today!<\/p>\n\n  <div class=\"ctaaBlockchainHead\">\n    <a href=\"\/contact-us\" class=\"ctaOne\">Schedule your call<\/a>\n  <\/div>\n\n  <img decoding=\"async\" src=\"\/cdn-cgi\/image\/quality=80,format=auto,onerror=redirect,metadata=none\/https:\/\/cdn-blog.getastra.com\/2024\/09\/4b5722b6-girlone.png\" alt=\"character\" class=\"ctaaBlockchainImg\" \/>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\" id=\"saas-security-audit-conclusion\"><span class=\"ez-toc-section\" id=\"Final_Thoughts\"><\/span>Final Thoughts<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\" id=\"isPasted\">By implementing robust security measures, educating employees and customers, and investing in security resources, you can effectively protect your sensitive data and mitigate the risks associated with data breaches.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A comprehensive 7-step SaaS security audit serves as a proactive measure to identify and address vulnerabilities, ensuring compliance with industry standards and fostering trust among customers while minimizing financial losses.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"FAQs\"><\/span>FAQs<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1727682829791\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \">How to assess SaaS security?<\/h3>\n<div class=\"rank-math-answer \">\n\n<p>To assess SaaS security, evaluate the provider&#8217;s security certifications, data privacy policies, incident response plans, and customer support. Additionally, consider the SaaS&#8217;s compliance with relevant industry regulations and if it offers features like multi-factor authentication, encryption, and regular <a href=\"https:\/\/www.getastra.com\/blog\/security-audit\/security-audits\/\" data-type=\"link\" data-id=\"https:\/\/www.getastra.com\/blog\/security-audit\/security-audits\/\">security audits<\/a>.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1727682835068\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \">How to do a SaaS audit?<\/h3>\n<div class=\"rank-math-answer \">\n\n<p>A SaaS audit assesses a SaaS provider&#8217;s security, compliance, and performance. It involves reviewing contracts, security policies, and data privacy practices. Additionally, it may include testing the provider&#8217;s systems for vulnerabilities and assessing their disaster recovery plans.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>It&#8217;s true &#8211; even the pandemic has not been able to slow down the terrifying rate at which more people are being hacked &#8211; in fact, since the world has had to move online, there have been more hacks. This means that everyone has to learn about good security practices to stay safe online. One such practice is to conduct regular security audits &#8211; read on to find out how you can do it yourself for your SaaS application.<\/p>\n","protected":false},"author":89,"featured_media":34632,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[340],"tags":[620],"class_list":["post-12054","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-audit","tag-saas-security-issues"],"_links":{"self":[{"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/posts\/12054","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/users\/89"}],"replies":[{"embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/comments?post=12054"}],"version-history":[{"count":13,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/posts\/12054\/revisions"}],"predecessor-version":[{"id":42926,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/posts\/12054\/revisions\/42926"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/media\/34632"}],"wp:attachment":[{"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/media?parent=12054"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/categories?post=12054"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.getastra.com\/blog\/wp-json\/wp\/v2\/tags?post=12054"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}