{"id":48,"date":"2025-06-25T09:43:17","date_gmt":"2025-06-25T09:43:17","guid":{"rendered":"https:\/\/tham098.thamtuuytin.org\/?p=48"},"modified":"2025-06-25T09:43:17","modified_gmt":"2025-06-25T09:43:17","slug":"endpoint-detection-and-response-edr-detect-investigate-and-stop-cyber-threats-at-the-edge","status":"publish","type":"post","link":"https:\/\/tham098.thamtuuytin.org\/?p=48","title":{"rendered":"Endpoint Detection and Response (EDR): Detect, Investigate, and Stop Cyber Threats at the Edge"},"content":{"rendered":"<p data-start=\"396\" data-end=\"467\">In today\u2019s threat landscape, traditional antivirus is no longer enough.<\/p>\n<p data-start=\"469\" data-end=\"631\">Attackers now use advanced, stealthy techniques \u2014 like fileless malware, living-off-the-land binaries (LOLBins), and credential theft \u2014 to bypass legacy security.<\/p>\n<p data-start=\"633\" data-end=\"757\">This is why <strong data-start=\"645\" data-end=\"686\">Endpoint Detection and Response (EDR)<\/strong> has become a <strong data-start=\"700\" data-end=\"756\">must-have layer in any modern cybersecurity strategy<\/strong>.<\/p>\n<hr data-start=\"759\" data-end=\"762\" \/>\n<h2 data-start=\"764\" data-end=\"779\">What Is EDR?<\/h2>\n<p data-start=\"781\" data-end=\"863\"><strong data-start=\"781\" data-end=\"822\">Endpoint Detection and Response (EDR)<\/strong> is a cybersecurity solution designed to:<\/p>\n<ul data-start=\"865\" data-end=\"1013\">\n<li data-start=\"865\" data-end=\"911\">\n<p data-start=\"867\" data-end=\"911\"><strong data-start=\"867\" data-end=\"911\">Continuously monitor endpoint activities<\/strong><\/p>\n<\/li>\n<li data-start=\"912\" data-end=\"961\">\n<p data-start=\"914\" data-end=\"961\"><strong data-start=\"914\" data-end=\"961\">Detect and investigate threats in real time<\/strong><\/p>\n<\/li>\n<li data-start=\"962\" data-end=\"1013\">\n<p data-start=\"964\" data-end=\"1013\"><strong data-start=\"964\" data-end=\"1013\">Respond to incidents with speed and precision<\/strong><\/p>\n<\/li>\n<\/ul>\n<p data-start=\"1015\" data-end=\"1152\">EDR provides <strong data-start=\"1028\" data-end=\"1047\">deep visibility<\/strong> into what\u2019s happening on endpoints \u2014 and enables <strong data-start=\"1097\" data-end=\"1125\">proactive threat hunting<\/strong> and <strong data-start=\"1130\" data-end=\"1151\">rapid remediation<\/strong>.<\/p>\n<hr data-start=\"1154\" data-end=\"1157\" \/>\n<h2 data-start=\"1159\" data-end=\"1190\">Why EDR Is Essential in 2025<\/h2>\n<ul data-start=\"1192\" data-end=\"1527\">\n<li data-start=\"1192\" data-end=\"1252\">\n<p data-start=\"1194\" data-end=\"1252\"><strong data-start=\"1194\" data-end=\"1216\">Work-from-anywhere<\/strong> culture increases attack surfaces<\/p>\n<\/li>\n<li data-start=\"1253\" data-end=\"1310\">\n<p data-start=\"1255\" data-end=\"1310\"><strong data-start=\"1255\" data-end=\"1308\">Endpoints are the initial vector in most breaches<\/strong><\/p>\n<\/li>\n<li data-start=\"1311\" data-end=\"1384\">\n<p data-start=\"1313\" data-end=\"1384\"><strong data-start=\"1313\" data-end=\"1364\">Ransomware, zero-days, and supply chain attacks<\/strong> are more frequent<\/p>\n<\/li>\n<li data-start=\"1385\" data-end=\"1444\">\n<p data-start=\"1387\" data-end=\"1444\"><strong data-start=\"1387\" data-end=\"1442\">Legacy antivirus can\u2019t detect sophisticated threats<\/strong><\/p>\n<\/li>\n<li data-start=\"1445\" data-end=\"1527\">\n<p data-start=\"1447\" data-end=\"1527\"><strong data-start=\"1447\" data-end=\"1472\">Regulatory compliance<\/strong> requires real-time detection and response capabilities<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"1529\" data-end=\"1597\">EDR transforms endpoint security from <strong data-start=\"1567\" data-end=\"1579\">reactive<\/strong> to <strong data-start=\"1583\" data-end=\"1596\">proactive<\/strong>.<\/p>\n<hr data-start=\"1599\" data-end=\"1602\" \/>\n<h2 data-start=\"1604\" data-end=\"1636\">Key Features of EDR Platforms<\/h2>\n<ol data-start=\"1638\" data-end=\"2372\">\n<li data-start=\"1638\" data-end=\"1803\">\n<p data-start=\"1641\" data-end=\"1673\"><strong data-start=\"1641\" data-end=\"1671\">Real-Time Threat Detection<\/strong><\/p>\n<ul data-start=\"1677\" data-end=\"1803\">\n<li data-start=\"1677\" data-end=\"1740\">\n<p data-start=\"1679\" data-end=\"1740\">Monitor file executions, process behavior, registry changes<\/p>\n<\/li>\n<li data-start=\"1744\" data-end=\"1803\">\n<p data-start=\"1746\" data-end=\"1803\">Detect malware, exploits, lateral movement, and anomalies<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"1805\" data-end=\"1949\">\n<p data-start=\"1808\" data-end=\"1836\"><strong data-start=\"1808\" data-end=\"1834\">Forensic Investigation<\/strong><\/p>\n<ul data-start=\"1840\" data-end=\"1949\">\n<li data-start=\"1840\" data-end=\"1903\">\n<p data-start=\"1842\" data-end=\"1903\">Visualize attack chains (kill chains, MITRE ATT&amp;CK mapping)<\/p>\n<\/li>\n<li data-start=\"1907\" data-end=\"1949\">\n<p data-start=\"1909\" data-end=\"1949\">Identify root cause and affected systems<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"1951\" data-end=\"2101\">\n<p data-start=\"1954\" data-end=\"1978\"><strong data-start=\"1954\" data-end=\"1976\">Automated Response<\/strong><\/p>\n<ul data-start=\"1982\" data-end=\"2101\">\n<li data-start=\"1982\" data-end=\"2015\">\n<p data-start=\"1984\" data-end=\"2015\">Isolate compromised endpoints<\/p>\n<\/li>\n<li data-start=\"2019\" data-end=\"2067\">\n<p data-start=\"2021\" data-end=\"2067\">Kill malicious processes or quarantine files<\/p>\n<\/li>\n<li data-start=\"2071\" data-end=\"2101\">\n<p data-start=\"2073\" data-end=\"2101\">Trigger scripts or playbooks<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"2103\" data-end=\"2231\">\n<p data-start=\"2106\" data-end=\"2139\"><strong data-start=\"2106\" data-end=\"2137\">Threat Hunting Capabilities<\/strong><\/p>\n<ul data-start=\"2143\" data-end=\"2231\">\n<li data-start=\"2143\" data-end=\"2183\">\n<p data-start=\"2145\" data-end=\"2183\">Use behavioral queries (YARA, Sigma)<\/p>\n<\/li>\n<li data-start=\"2187\" data-end=\"2231\">\n<p data-start=\"2189\" data-end=\"2231\">Search for indicators of compromise (IOCs)<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<li data-start=\"2233\" data-end=\"2372\">\n<p data-start=\"2236\" data-end=\"2274\"><strong data-start=\"2236\" data-end=\"2272\">Integration with SIEM, SOAR, XDR<\/strong><\/p>\n<ul data-start=\"2278\" data-end=\"2372\">\n<li data-start=\"2278\" data-end=\"2332\">\n<p data-start=\"2280\" data-end=\"2332\">Share telemetry for broader detection and response<\/p>\n<\/li>\n<li data-start=\"2336\" data-end=\"2372\">\n<p data-start=\"2338\" data-end=\"2372\">Enable unified security visibility<\/p>\n<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<hr data-start=\"2374\" data-end=\"2377\" \/>\n<h2 data-start=\"2379\" data-end=\"2410\">EDR vs Traditional Antivirus<\/h2>\n<div class=\"_tableContainer_16hzy_1\">\n<div class=\"_tableWrapper_16hzy_14 group flex w-fit flex-col-reverse\" tabindex=\"-1\">\n<table class=\"w-fit min-w-(--thread-content-width)\" data-start=\"2412\" data-end=\"3159\">\n<thead data-start=\"2412\" data-end=\"2517\">\n<tr data-start=\"2412\" data-end=\"2517\">\n<th data-start=\"2412\" data-end=\"2445\" data-col-size=\"sm\">Feature<\/th>\n<th data-start=\"2445\" data-end=\"2479\" data-col-size=\"sm\">Antivirus<\/th>\n<th data-start=\"2479\" data-end=\"2517\" data-col-size=\"sm\">EDR<\/th>\n<\/tr>\n<\/thead>\n<tbody data-start=\"2625\" data-end=\"3159\">\n<tr data-start=\"2625\" data-end=\"2731\">\n<td data-start=\"2625\" data-end=\"2657\" data-col-size=\"sm\">Detection method<\/td>\n<td data-start=\"2657\" data-end=\"2692\" data-col-size=\"sm\">Signature-based<\/td>\n<td data-start=\"2692\" data-end=\"2731\" data-col-size=\"sm\">Behavioral + heuristic + AI\/ML<\/td>\n<\/tr>\n<tr data-start=\"2732\" data-end=\"2838\">\n<td data-start=\"2732\" data-end=\"2764\" data-col-size=\"sm\">Real-time monitoring<\/td>\n<td data-start=\"2764\" data-end=\"2799\" data-col-size=\"sm\">Limited<\/td>\n<td data-start=\"2799\" data-end=\"2838\" data-col-size=\"sm\">Continuous<\/td>\n<\/tr>\n<tr data-start=\"2839\" data-end=\"2945\">\n<td data-start=\"2839\" data-end=\"2871\" data-col-size=\"sm\">Threat investigation<\/td>\n<td data-start=\"2871\" data-end=\"2906\" data-col-size=\"sm\">No<\/td>\n<td data-start=\"2906\" data-end=\"2945\" data-col-size=\"sm\">Yes<\/td>\n<\/tr>\n<tr data-start=\"2946\" data-end=\"3052\">\n<td data-start=\"2946\" data-end=\"2978\" data-col-size=\"sm\">Response automation<\/td>\n<td data-start=\"2978\" data-end=\"3013\" data-col-size=\"sm\">Minimal<\/td>\n<td data-start=\"3013\" data-end=\"3052\" data-col-size=\"sm\">Built-in<\/td>\n<\/tr>\n<tr data-start=\"3053\" data-end=\"3159\">\n<td data-start=\"3053\" data-end=\"3085\" data-col-size=\"sm\">Best for<\/td>\n<td data-start=\"3085\" data-end=\"3120\" data-col-size=\"sm\">Known threats<\/td>\n<td data-start=\"3120\" data-end=\"3159\" data-col-size=\"sm\">Advanced &amp; unknown threats<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div class=\"sticky end-(--thread-content-margin) h-0 self-end select-none\">\n<div class=\"absolute end-0 flex items-end\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<p data-start=\"3161\" data-end=\"3327\">EDR is often a <strong data-start=\"3176\" data-end=\"3201\">core component of XDR<\/strong> (Extended Detection and Response), providing deep endpoint-level data to correlate with network, cloud, and identity signals.<\/p>\n<hr data-start=\"3329\" data-end=\"3332\" \/>\n<h2 data-start=\"3334\" data-end=\"3362\">Top EDR Solutions in 2025<\/h2>\n<h3 data-start=\"3364\" data-end=\"3395\">1. <strong data-start=\"3371\" data-end=\"3393\">CrowdStrike Falcon<\/strong><\/h3>\n<ul data-start=\"3396\" data-end=\"3564\">\n<li data-start=\"3396\" data-end=\"3431\">\n<p data-start=\"3398\" data-end=\"3431\">Cloud-native, lightweight agent<\/p>\n<\/li>\n<li data-start=\"3432\" data-end=\"3463\">\n<p data-start=\"3434\" data-end=\"3463\">AI-powered threat detection<\/p>\n<\/li>\n<li data-start=\"3464\" data-end=\"3514\">\n<p data-start=\"3466\" data-end=\"3514\">Fast incident response and real-time telemetry<\/p>\n<\/li>\n<li data-start=\"3515\" data-end=\"3564\">\n<p data-start=\"3517\" data-end=\"3564\">Built-in threat hunting and identity protection<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"3566\" data-end=\"3569\" \/>\n<h3 data-start=\"3571\" data-end=\"3607\">2. <strong data-start=\"3578\" data-end=\"3605\">SentinelOne Singularity<\/strong><\/h3>\n<ul data-start=\"3608\" data-end=\"3766\">\n<li data-start=\"3608\" data-end=\"3645\">\n<p data-start=\"3610\" data-end=\"3645\">Autonomous EDR with AI\/ML engines<\/p>\n<\/li>\n<li data-start=\"3646\" data-end=\"3696\">\n<p data-start=\"3648\" data-end=\"3696\">On-device analysis without internet dependency<\/p>\n<\/li>\n<li data-start=\"3697\" data-end=\"3731\">\n<p data-start=\"3699\" data-end=\"3731\">Full attack story (Storyline\u2122)<\/p>\n<\/li>\n<li data-start=\"3732\" data-end=\"3766\">\n<p data-start=\"3734\" data-end=\"3766\">ActiveEDR for real-time response<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"3768\" data-end=\"3771\" \/>\n<h3 data-start=\"3773\" data-end=\"3817\">3. <strong data-start=\"3780\" data-end=\"3815\">Microsoft Defender for Endpoint<\/strong><\/h3>\n<ul data-start=\"3818\" data-end=\"3990\">\n<li data-start=\"3818\" data-end=\"3870\">\n<p data-start=\"3820\" data-end=\"3870\">Deeply integrated with Windows and Microsoft 365<\/p>\n<\/li>\n<li data-start=\"3871\" data-end=\"3926\">\n<p data-start=\"3873\" data-end=\"3926\">Threat analytics and attack surface reduction rules<\/p>\n<\/li>\n<li data-start=\"3927\" data-end=\"3963\">\n<p data-start=\"3929\" data-end=\"3963\">Powerful for hybrid environments<\/p>\n<\/li>\n<li data-start=\"3964\" data-end=\"3990\">\n<p data-start=\"3966\" data-end=\"3990\">Unified security console<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"3992\" data-end=\"3995\" \/>\n<h3 data-start=\"3997\" data-end=\"4028\">4. <strong data-start=\"4004\" data-end=\"4026\">Sophos Intercept X<\/strong><\/h3>\n<ul data-start=\"4029\" data-end=\"4166\">\n<li data-start=\"4029\" data-end=\"4071\">\n<p data-start=\"4031\" data-end=\"4071\">Combines EDR with anti-ransomware tech<\/p>\n<\/li>\n<li data-start=\"4072\" data-end=\"4107\">\n<p data-start=\"4074\" data-end=\"4107\">Exploit prevention and rollback<\/p>\n<\/li>\n<li data-start=\"4108\" data-end=\"4140\">\n<p data-start=\"4110\" data-end=\"4140\">Centralized cloud management<\/p>\n<\/li>\n<li data-start=\"4141\" data-end=\"4166\">\n<p data-start=\"4143\" data-end=\"4166\">Great for SMBs and MSPs<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"4168\" data-end=\"4171\" \/>\n<h3 data-start=\"4173\" data-end=\"4208\">5. <strong data-start=\"4180\" data-end=\"4206\">Trend Micro Vision One<\/strong><\/h3>\n<ul data-start=\"4209\" data-end=\"4391\">\n<li data-start=\"4209\" data-end=\"4249\">\n<p data-start=\"4211\" data-end=\"4249\">EDR as part of extended XDR platform<\/p>\n<\/li>\n<li data-start=\"4250\" data-end=\"4308\">\n<p data-start=\"4252\" data-end=\"4308\">Correlates endpoint, email, server, and cloud activity<\/p>\n<\/li>\n<li data-start=\"4309\" data-end=\"4356\">\n<p data-start=\"4311\" data-end=\"4356\">Sandbox analysis and Zero Trust enforcement<\/p>\n<\/li>\n<li data-start=\"4357\" data-end=\"4391\">\n<p data-start=\"4359\" data-end=\"4391\">Advanced detection and analytics<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"4393\" data-end=\"4396\" \/>\n<h2 data-start=\"4398\" data-end=\"4430\">EDR Deployment Considerations<\/h2>\n<ul data-start=\"4432\" data-end=\"4761\">\n<li data-start=\"4432\" data-end=\"4508\">\n<p data-start=\"4434\" data-end=\"4508\"><strong data-start=\"4434\" data-end=\"4463\">Cloud-based vs on-premise<\/strong>: Cloud offers scale and simplified updates<\/p>\n<\/li>\n<li data-start=\"4509\" data-end=\"4567\">\n<p data-start=\"4511\" data-end=\"4567\"><strong data-start=\"4511\" data-end=\"4530\">Agent footprint<\/strong>: Ensure minimal performance impact<\/p>\n<\/li>\n<li data-start=\"4568\" data-end=\"4626\">\n<p data-start=\"4570\" data-end=\"4626\"><strong data-start=\"4570\" data-end=\"4587\">Compatibility<\/strong>: OS coverage (Windows, macOS, Linux)<\/p>\n<\/li>\n<li data-start=\"4627\" data-end=\"4697\">\n<p data-start=\"4629\" data-end=\"4697\"><strong data-start=\"4629\" data-end=\"4643\">Compliance<\/strong>: Meet regulatory logging and retention requirements<\/p>\n<\/li>\n<li data-start=\"4698\" data-end=\"4761\">\n<p data-start=\"4700\" data-end=\"4761\"><strong data-start=\"4700\" data-end=\"4722\">Skill requirements<\/strong>: Some EDRs require SOC-level expertise<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"4763\" data-end=\"4849\">Organizations must choose <strong data-start=\"4789\" data-end=\"4848\">based on environment size, maturity, and response needs<\/strong>.<\/p>\n<hr data-start=\"4851\" data-end=\"4854\" \/>\n<h2 data-start=\"4856\" data-end=\"4880\">Common EDR Challenges<\/h2>\n<div class=\"_tableContainer_16hzy_1\">\n<div class=\"_tableWrapper_16hzy_14 group flex w-fit flex-col-reverse\" tabindex=\"-1\">\n<table class=\"w-fit min-w-(--thread-content-width)\" data-start=\"4882\" data-end=\"5489\">\n<thead data-start=\"4882\" data-end=\"4967\">\n<tr data-start=\"4882\" data-end=\"4967\">\n<th data-start=\"4882\" data-end=\"4922\" data-col-size=\"sm\">Challenge<\/th>\n<th data-start=\"4922\" data-end=\"4967\" data-col-size=\"md\">Mitigation<\/th>\n<\/tr>\n<\/thead>\n<tbody data-start=\"5055\" data-end=\"5489\">\n<tr data-start=\"5055\" data-end=\"5141\">\n<td data-start=\"5055\" data-end=\"5095\" data-col-size=\"sm\">Too many alerts (false positives)<\/td>\n<td data-start=\"5095\" data-end=\"5141\" data-col-size=\"md\">Use AI tuning, behavioral baselines<\/td>\n<\/tr>\n<tr data-start=\"5142\" data-end=\"5228\">\n<td data-start=\"5142\" data-end=\"5182\" data-col-size=\"sm\">Lack of staff to investigate threats<\/td>\n<td data-start=\"5182\" data-end=\"5228\" data-col-size=\"md\">Enable managed detection &amp; response (MDR)<\/td>\n<\/tr>\n<tr data-start=\"5229\" data-end=\"5315\">\n<td data-start=\"5229\" data-end=\"5269\" data-col-size=\"sm\">Endpoint performance issues<\/td>\n<td data-start=\"5269\" data-end=\"5315\" data-col-size=\"md\">Select lightweight agents, optimize rules<\/td>\n<\/tr>\n<tr data-start=\"5316\" data-end=\"5402\">\n<td data-start=\"5316\" data-end=\"5356\" data-col-size=\"sm\">Data overload<\/td>\n<td data-start=\"5356\" data-end=\"5402\" data-col-size=\"md\">Integrate with SIEM\/XDR for correlation<\/td>\n<\/tr>\n<tr data-start=\"5403\" data-end=\"5489\">\n<td data-start=\"5403\" data-end=\"5443\" data-col-size=\"sm\">Limited visibility on BYOD devices<\/td>\n<td data-start=\"5443\" data-end=\"5489\" data-col-size=\"md\">Combine with MDM or endpoint hygiene tools<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div class=\"sticky end-(--thread-content-margin) h-0 self-end select-none\">\n<div class=\"absolute end-0 flex items-end\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<hr data-start=\"5491\" data-end=\"5494\" \/>\n<h2 data-start=\"5496\" data-end=\"5513\">Final Thoughts<\/h2>\n<p data-start=\"5515\" data-end=\"5653\">With cyberattacks becoming more targeted and evasive, <strong data-start=\"5569\" data-end=\"5610\">Endpoint Detection and Response (EDR)<\/strong> is no longer optional \u2014 it\u2019s foundational.<\/p>\n<p data-start=\"5655\" data-end=\"5830\">EDR equips security teams with <strong data-start=\"5686\" data-end=\"5750\">real-time visibility, advanced analytics, and rapid response<\/strong> capabilities \u2014 the key ingredients to <strong data-start=\"5789\" data-end=\"5829\">stopping breaches before they spread<\/strong>.<\/p>\n<p data-start=\"5832\" data-end=\"5939\">Whether you\u2019re defending 10 or 10,000 endpoints, EDR helps you stay ahead of today\u2019s ever-evolving threats.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In today\u2019s threat landscape, traditional antivirus is no longer enough. Attackers now use advanced, stealthy techniques \u2014 like fileless malware, living-off-the-land binaries (LOLBins), and credential theft \u2014 to bypass legacy security. This is why Endpoint Detection and Response (EDR) has&#8230; <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-48","post","type-post","status-publish","format-standard","hentry","category-tech"],"_links":{"self":[{"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=\/wp\/v2\/posts\/48","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=48"}],"version-history":[{"count":1,"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=\/wp\/v2\/posts\/48\/revisions"}],"predecessor-version":[{"id":49,"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=\/wp\/v2\/posts\/48\/revisions\/49"}],"wp:attachment":[{"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=48"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=48"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tham098.thamtuuytin.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=48"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}