{"id":21948,"date":"2026-07-09T11:00:00","date_gmt":"2026-07-09T11:00:00","guid":{"rendered":"https:\/\/www.securitytoday.de\/2026\/07\/09\/what-is-siem-definition-benefits-limitations\/"},"modified":"2026-07-11T06:36:51","modified_gmt":"2026-07-11T06:36:51","slug":"what-is-siem-definition-benefits-limitations","status":"publish","type":"post","link":"https:\/\/www.securitytoday.de\/en\/2026\/07\/09\/what-is-siem-definition-benefits-limitations\/","title":{"rendered":"What Is SIEM? Definition, Benefits, and Limitations"},"content":{"rendered":"<div class=\"st-definition\">\n<p><strong>What is a SIEM?<\/strong> A SIEM (Security Information and Event Management) collects security-relevant logs from networks, endpoints, cloud services and applications in a central location, brings them into a uniform format and links them rule-based. When suspicious patterns occur, it triggers alarms and generates evidence for audits. It is the technical basis for detection, but does not replace the team that operates it.<\/p>\n<\/div>\n<div style=\"background:#003340;color:#fff;padding:32px 36px;margin:32px 0;border-radius:8px;\">\n<p style=\"margin:0 0 18px 0;font-size:0.95em;font-weight:800;text-transform:uppercase;letter-spacing:0.2em;color:#69d8ed;border-bottom:2px solid rgba(105,216,237,0.25);padding-bottom:12px;\">Key Takeaways<\/p>\n<ul style=\"margin:0;padding-left:22px;color:rgba(255,255,255,0.92);line-height:1.6;\">\n<li style=\"margin-bottom:10px;\"><strong style=\"color:#69d8ed;\">Core Function:<\/strong> Collect, Normalize, Correlate, Alert. Correlation across source boundaries is the true value.<\/li>\n<li style=\"margin-bottom:10px;\"><strong style=\"color:#69d8ed;\">Tool, not organization:<\/strong> The SIEM is the software. The SOC is the team that evaluates the alerts. One without the other falls far short of its potential.<\/li>\n<li style=\"margin-bottom:10px;\"><strong style=\"color:#69d8ed;\">Cost Driver:<\/strong> Licensing is often based on data volume, also on event rate, devices or users. Any log source without a defined detection purpose costs money without benefit.<\/li>\n<li style=\"margin-bottom:10px;\"><strong style=\"color:#69d8ed;\">Regulation:<\/strong> Neither NIS2 nor DORA mandates a SIEM. Both require detection and evidence, for which it is the most common tool.<\/li>\n<li style=\"margin-bottom:0;\"><strong style=\"color:#69d8ed;\">Trend:<\/strong> Cloud-native SIEM services shift the infrastructure, the core logic remains. EDR and XDR complement endpoint depth.<\/li>\n<\/ul>\n<\/div>\n<h2>What a SIEM actually means<\/h2>\n<p>The difference between a log server and a SIEM rests on a single word: correlation. A log server simply gathers and stores data, while a SIEM correlates events. Ten failed login attempts on a device are ten separate incidents. Only a correlation rule that links those same login attempts with a port scan from the same source address and an unusual data outflow a few minutes later turns them into an alert that wakes up an analyst.<\/p>\n<p>For this to work, the various sources must first speak the same language. Windows event logs, Linux syslog, firewall logs and cloud audit trails arrive in different formats. Normalizing them into a common schema is the step that projects most often underestimate.<\/p>\n<p>Beyond detection, a SIEM carries a second pillar: proof of compliance. Stored and analyzable logs provide auditors with evidence of what happened and when. For financial firms subject to DORA (Digital Operational Resilience Act) and operators covered by NIS2 (Network and Information Systems Directive), this is a crucial component of the value proposition.<\/p>\n<h2>When a SIEM Matters<\/h2>\n<p>Once IT complexity reaches a mid\u2011level, manual log review becomes impractical: multiple sites, hybrid cloud environments, and a growing device count. A SIEM streamlines this process. For CISOs, budget planning involves not just licensing but also the operational model: who evaluates the alerts and within what timeframe? Without that answer, even the best system generates nothing but noise.<\/p>\n<p>For analysts, the SIEM is the first triage tool. Alert quality hinges critically on data quality, normalization, and detection logic. Poorly calibrated rules cause alert fatigue, where genuine incidents get lost in the noise. Tuning therefore becomes an ongoing task, not a one\u2011off project.<\/p>\n<h2>What Companies Must Verify Now<\/h2>\n<p>Before any implementation or expansion, the use\u2011case mindset takes hold: defined detection scenarios instead of log hoarding. Whoever pinpoints which attacks to monitor first can bind only the necessary data sources and thus keep costs under control.<\/p>\n<div data-element=\"checklist\" style=\"background:#23261f;border:1px solid rgba(105,216,237,0.22);border-radius:10px;padding:22px 24px;margin:32px 0;box-shadow:inset 0 1px 0 rgba(230,227,218,0.06),0 2px 10px rgba(0,0,0,0.22);\">\n<p style=\"margin:0 0 12px;font-family:'IBM Plex Mono',ui-monospace,SFMono-Regular,monospace;font-size:0.72em;letter-spacing:0.12em;text-transform:uppercase;color:#69d8ed;\">CHECK NOW<\/p>\n<ul style=\"margin:0;padding-left:0;list-style:none;\">\n<li style=\"margin:0 0 10px;padding-left:26px;position:relative;color:#e6e3da;line-height:1.5;\"><span style=\"position:absolute;left:0;color:#69d8ed;\">&#10003;<\/span>Use-Case Inventory: document prioritized concrete detection scenarios<\/li>\n<li style=\"margin:0 0 10px;padding-left:26px;position:relative;color:#e6e3da;line-height:1.5;\"><span style=\"position:absolute;left:0;color:#69d8ed;\">&#10003;<\/span>Measure data volumes: what is generated today and what of that is needed for detection<\/li>\n<li style=\"margin:0 0 10px;padding-left:26px;position:relative;color:#e6e3da;line-height:1.5;\"><span style=\"position:absolute;left:0;color:#69d8ed;\">&#10003;<\/span>Understand licensing model: where is the next cost threshold at volume<\/li>\n<li style=\"margin:0 0 10px;padding-left:26px;position:relative;color:#e6e3da;line-height:1.5;\"><span style=\"position:absolute;left:0;color:#69d8ed;\">&#10003;<\/span>Define operating model: who responds to alerts, around the clock or during business hours<\/li>\n<li style=\"margin:0 0 10px;padding-left:26px;position:relative;color:#e6e3da;line-height:1.5;\"><span style=\"position:absolute;left:0;color:#69d8ed;\">&#10003;<\/span>Clarify EDR\u2011 and XDR\u2011integration: does endpoint telemetry flow into the SIEM or run separately<\/li>\n<\/ul>\n<\/div>\n<h2>Distinguishing Related Concepts<\/h2>\n<p>SIEM (Security Information and Event Management), SOC (Security Operations Center), EDR (Endpoint Detection and Response) and XDR (Extended Detection and Response) are often lumped together in the market. This overview separates the layers.<\/p>\n<div data-element=\"comparison_table\" style=\"overflow-x:auto;-webkit-overflow-scrolling:touch;margin:28px 0;\">\n<table style=\"width:100%;min-width:640px;border-collapse:collapse;font-size:0.92em;\">\n<thead>\n<tr style=\"border-bottom:2px solid #69d8ed;\">\n<th style=\"text-align:left;padding:12px 14px;color:#e6e3da;\">Term<\/th>\n<th style=\"text-align:left;padding:12px 14px;color:#e6e3da;\">Layer<\/th>\n<th style=\"text-align:left;padding:12px 14px;color:#e6e3da;\">Core Function<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr style=\"border-bottom:1px solid rgba(230,227,218,0.12);\">\n<td style=\"padding:11px 14px;color:#e6e3da;\">SIEM (Security Information and Event Management)<\/td>\n<td style=\"padding:11px 14px;color:#e6e3da;\">Tool<\/td>\n<td style=\"padding:11px 14px;color:#e6e3da;\">Collect, correlate, alert, and document<\/td>\n<\/tr>\n<tr style=\"border-bottom:1px solid rgba(230,227,218,0.12);\">\n<td style=\"padding:11px 14px;color:#e6e3da;\">SOC (Security Operations Center)<\/td>\n<td style=\"padding:11px 14px;color:#e6e3da;\">Organization<\/td>\n<td style=\"padding:11px 14px;color:#e6e3da;\">Evaluate alerts, handle incidents<\/td>\n<\/tr>\n<tr style=\"border-bottom:1px solid rgba(230,227,218,0.12);\">\n<td style=\"padding:11px 14px;color:#e6e3da;\">EDR (Endpoint Detection and Response)<\/td>\n<td style=\"padding:11px 14px;color:#e6e3da;\">Tool<\/td>\n<td style=\"padding:11px 14px;color:#e6e3da;\">Deep telemetry and response at the endpoint<\/td>\n<\/tr>\n<tr style=\"border-bottom:1px solid rgba(230,227,218,0.12);\">\n<td style=\"padding:11px 14px;color:#e6e3da;\">XDR (Extended Detection and Response)<\/td>\n<td style=\"padding:11px 14px;color:#e6e3da;\">Tool<\/td>\n<td style=\"padding:11px 14px;color:#e6e3da;\">Correlation across endpoint, network, cloud, and identity<\/td>\n<\/tr>\n<tr style=\"\">\n<td style=\"padding:11px 14px;color:#e6e3da;\">Log Management<\/td>\n<td style=\"padding:11px 14px;color:#e6e3da;\">Tool<\/td>\n<td style=\"padding:11px 14px;color:#e6e3da;\">Collecting and storing without security correlation<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p>How endpoint detection and extended correlation interact is explored in the encyclopedia entry <a href=\"https:\/\/www.securitytoday.de\/en\/2026\/07\/10\/edr-vs-xdr-definition-key-differences\/\">What are EDR and XDR?<\/a>. The architectural perspective for mid-market companies provides <a href=\"https:\/\/www.securitytoday.de\/en\/2026\/04\/26\/itdr-joins-siem-and-edr-detection-architecture-2026\/\">ITDR alongside SIEM and EDR<\/a>.<\/p>\n<h2 style=\"padding-top:64px;margin-bottom:20px;\">Frequently Asked Questions<\/h2>\n<p class=\"st-faq-hint\">Every question is locked. A tap unlocks the answer.<\/p>\n<details>\n<summary><strong>What is the difference between SIEM and SOC?<\/strong><\/summary>\n<p style=\"margin:8px 0 4px 24px;color:#555;line-height:1.6;\">The SIEM is the software tool that collects, correlates, and generates alarms. The SOC is the team that evaluates and processes these alarms. Without a SOC, SIEM alarms remain unanswered. Conversely, a SIEM is the most common central correlation point for the SOC.<\/p>\n<\/details>\n<details>\n<summary><strong>Is a SIEM mandatory for NIS2 or DORA?<\/strong><\/summary>\n<p style=\"margin:8px 0 4px 24px;color:#555;line-height:1.6;\">Neither of the two regulations explicitly requires a Security Information and Event Management (SIEM). Still, both impose the need to detect and prove incidents. In practice, a Security Information and Event Management (SIEM) is the most frequently chosen technical solution for this purpose.<\/p>\n<\/details>\n<details>\n<summary><strong>What does a SIEM cost?<\/strong><\/summary>\n<p style=\"margin:8px 0 4px 24px;color:#555;line-height:1.6;\">Prices are manufacturer-specific. Billing is commonly based on data volume or event rate, besides there are device- and user-based models. The recurring cost factor is in most models the volume. Therefore it makes sense to connect only sources with a defined purpose of recognition.<\/p>\n<\/details>\n<details>\n<summary><strong>Do I need a SIEM if I already have EDR?<\/strong><\/summary>\n<p style=\"margin:8px 0 4px 24px;color:#555;line-height:1.6;\">EDR provides depth on the endpoint, but typically does not capture the full picture from firewall logs, cloud audit trails, and identity events. A SIEM is the most common place to correlate this breadth. For comprehensive detection, the two complement each other; they do not replace one another.<\/p>\n<\/details>\n<details>\n<summary><strong>What is the most common mistake when introducing SIEM?<\/strong><\/summary>\n<p style=\"margin:8px 0 4px 24px;color:#555;line-height:1.6;\">Log-collection frenzy: binding all available sources without a defined purpose. This drives up costs and creates noise. Right behind that comes insufficient alarm tuning, leading to alert fatigue and pushing real incidents into the background.<\/p>\n<\/details>\n<p><!--ST-LOWER-CARDS lang=en--><\/p>\n<h3 style=\"margin:48px 0 18px;padding-left:12px;font-size:1.05em;font-weight:800;color:#e6e3da;border-left:3px solid #69d8ed;line-height:1.2;\">Editor&#8217;s Picks<\/h3>\n<p><a href=\"https:\/\/www.securitytoday.de\/en\/2026\/04\/26\/itdr-joins-siem-and-edr-detection-architecture-2026\/\" style=\"display:flex;align-items:center;gap:14px;padding:12px 14px;margin:0 0 10px;background:#23261f;border:1px solid rgba(105,216,237,0.18);border-radius:12px;box-shadow:inset 0 1px 0 rgba(230,227,218,0.06),0 6px 18px rgba(0,0,0,0.22);text-decoration:none;color:#e6e3da;box-sizing:border-box;width:100%;\"><span style=\"flex:0 0 116px;aspect-ratio:16\/9;overflow:hidden;border-radius:8px;background:#111210;border:1px solid rgba(230,227,218,0.08);display:block;\"><img decoding=\"async\" src=\"https:\/\/www.securitytoday.de\/wp-content\/uploads\/2026\/07\/itdr-siem-edr-detection-schicht-architektur-mittelstand-2026-cover-hero-250x143.jpg\" alt=\"\" loading=\"lazy\" width=\"116\" height=\"65\" style=\"width:100%;height:100%;object-fit:cover;display:block;\"><\/span><span style=\"display:block;min-width:0;\"><span style=\"display:block;font-size:0.68em;font-weight:700;letter-spacing:0.1em;text-transform:uppercase;color:#69d8ed;margin-bottom:5px;\">Editor&#8217;s Pick<\/span><span style=\"display:block;font-size:1.0em;font-weight:650;line-height:1.35;color:#e6e3da;overflow-wrap:anywhere;\">ITDR Joins SIEM and EDR: Detection Architecture 2026<\/span><\/span><\/a><a href=\"https:\/\/www.securitytoday.de\/en\/2026\/06\/22\/the-splunk-vulnerability-that-deletes-log-files-without-authentication\/\" style=\"display:flex;align-items:center;gap:14px;padding:12px 14px;margin:0 0 10px;background:#23261f;border:1px solid rgba(105,216,237,0.18);border-radius:12px;box-shadow:inset 0 1px 0 rgba(230,227,218,0.06),0 6px 18px rgba(0,0,0,0.22);text-decoration:none;color:#e6e3da;box-sizing:border-box;width:100%;\"><span style=\"flex:0 0 116px;aspect-ratio:16\/9;overflow:hidden;border-radius:8px;background:#111210;border:1px solid rgba(230,227,218,0.08);display:block;\"><img decoding=\"async\" src=\"https:\/\/www.securitytoday.de\/wp-content\/uploads\/2026\/06\/cover-hero-11-250x143.jpg\" alt=\"\" loading=\"lazy\" width=\"116\" height=\"65\" style=\"width:100%;height:100%;object-fit:cover;display:block;\"><\/span><span style=\"display:block;min-width:0;\"><span style=\"display:block;font-size:0.68em;font-weight:700;letter-spacing:0.1em;text-transform:uppercase;color:#69d8ed;margin-bottom:5px;\">Editor&#8217;s Pick<\/span><span style=\"display:block;font-size:1.0em;font-weight:650;line-height:1.35;color:#e6e3da;overflow-wrap:anywhere;\">The Splunk Vulnerability That Deletes Log Files Without Authentication<\/span><\/span><\/a><a href=\"https:\/\/www.securitytoday.de\/en\/2026\/05\/23\/detection-without-signatures-four-engines-four-assumptions\/\" style=\"display:flex;align-items:center;gap:14px;padding:12px 14px;margin:0 0 10px;background:#23261f;border:1px solid rgba(105,216,237,0.18);border-radius:12px;box-shadow:inset 0 1px 0 rgba(230,227,218,0.06),0 6px 18px rgba(0,0,0,0.22);text-decoration:none;color:#e6e3da;box-sizing:border-box;width:100%;\"><span style=\"flex:0 0 116px;aspect-ratio:16\/9;overflow:hidden;border-radius:8px;background:#111210;border:1px solid rgba(230,227,218,0.08);display:block;\"><img decoding=\"async\" src=\"https:\/\/www.securitytoday.de\/wp-content\/uploads\/2026\/05\/detection-ohne-signaturen-vier-engines-vier-annahmen-cover-hero-2-250x167.jpg\" alt=\"\" loading=\"lazy\" width=\"116\" height=\"65\" style=\"width:100%;height:100%;object-fit:cover;display:block;\"><\/span><span style=\"display:block;min-width:0;\"><span style=\"display:block;font-size:0.68em;font-weight:700;letter-spacing:0.1em;text-transform:uppercase;color:#69d8ed;margin-bottom:5px;\">Editor&#8217;s Pick<\/span><span style=\"display:block;font-size:1.0em;font-weight:650;line-height:1.35;color:#e6e3da;overflow-wrap:anywhere;\">Detection Without Signatures: Four Engines, Four Assumptions<\/span><\/span><\/a><\/p>\n<h3 style=\"margin:48px 0 18px;padding-left:12px;font-size:1.05em;font-weight:800;color:#e6e3da;border-left:3px solid #69d8ed;line-height:1.2;\">More from the MBF Media Network<\/h3>\n<p><a href=\"https:\/\/www.cloudmagazin.com\/en\/2026\/07\/06\/banning-shadow-ai-is-the-most-expensive-reflex-in-it-security\/\" style=\"display:flex;align-items:center;gap:14px;padding:12px 14px;margin:0 0 10px;background:#23261f;border:1px solid rgba(105,216,237,0.18);border-radius:12px;box-shadow:inset 0 1px 0 rgba(230,227,218,0.06),0 6px 18px rgba(0,0,0,0.22);text-decoration:none;color:#e6e3da;box-sizing:border-box;width:100%;\"><span style=\"flex:0 0 116px;aspect-ratio:16\/9;overflow:hidden;border-radius:8px;background:#111210;border:1px solid rgba(230,227,218,0.08);display:block;\"><img decoding=\"async\" src=\"https:\/\/www.securitytoday.de\/wp-content\/uploads\/2026\/07\/net-shadow-ai-verbieten-teuerster-reflex-gov-92616216.jpg\" alt=\"\" loading=\"lazy\" width=\"116\" height=\"65\" style=\"width:100%;height:100%;object-fit:cover;display:block;\"><\/span><span style=\"display:block;min-width:0;\"><span style=\"display:block;font-size:0.68em;font-weight:700;letter-spacing:0.1em;text-transform:uppercase;color:#0bb7fd;margin-bottom:5px;\">cloudmagazin<\/span><span style=\"display:block;font-size:1.0em;font-weight:650;line-height:1.35;color:#e6e3da;overflow-wrap:anywhere;\">Banning shadow AI is the most expensive reflex in IT security<\/span><\/span><\/a><a href=\"https:\/\/mybusinessfuture.com\/en\/electricity-price-relief-2026-what-manufacturing-companies-need-to-examine\/\" style=\"display:flex;align-items:center;gap:14px;padding:12px 14px;margin:0 0 10px;background:#23261f;border:1px solid rgba(105,216,237,0.18);border-radius:12px;box-shadow:inset 0 1px 0 rgba(230,227,218,0.06),0 6px 18px rgba(0,0,0,0.22);text-decoration:none;color:#e6e3da;box-sizing:border-box;width:100%;\"><span style=\"flex:0 0 116px;aspect-ratio:16\/9;overflow:hidden;border-radius:8px;background:#111210;border:1px solid rgba(230,227,218,0.08);display:block;\"><img decoding=\"async\" src=\"https:\/\/www.securitytoday.de\/wp-content\/uploads\/2026\/07\/net-strompreisentlastung-2026-netzentgelte-s-83450652-250x143.jpg\" alt=\"\" loading=\"lazy\" width=\"116\" height=\"65\" style=\"width:100%;height:100%;object-fit:cover;display:block;\"><\/span><span style=\"display:block;min-width:0;\"><span style=\"display:block;font-size:0.68em;font-weight:700;letter-spacing:0.1em;text-transform:uppercase;color:#aa8ac2;margin-bottom:5px;\">MyBusinessFuture<\/span><span style=\"display:block;font-size:1.0em;font-weight:650;line-height:1.35;color:#e6e3da;overflow-wrap:anywhere;\">Electricity Price Relief 2026: What Manufacturing Businesses Need to Check<\/span><\/span><\/a><a href=\"https:\/\/www.digital-chiefs.de\/en\/the-chief-ai-officer-is-here-the-problem-remains\/\" style=\"display:flex;align-items:center;gap:14px;padding:12px 14px;margin:0 0 10px;background:#23261f;border:1px solid rgba(105,216,237,0.18);border-radius:12px;box-shadow:inset 0 1px 0 rgba(230,227,218,0.06),0 6px 18px rgba(0,0,0,0.22);text-decoration:none;color:#e6e3da;box-sizing:border-box;width:100%;\"><span style=\"flex:0 0 116px;aspect-ratio:16\/9;overflow:hidden;border-radius:8px;background:#111210;border:1px solid rgba(230,227,218,0.08);display:block;\"><img decoding=\"async\" src=\"https:\/\/www.securitytoday.de\/wp-content\/uploads\/2026\/07\/net-der-chief-ai-officer-ist-da-das-problem-14328098-250x141.jpg\" alt=\"\" loading=\"lazy\" width=\"116\" height=\"65\" style=\"width:100%;height:100%;object-fit:cover;display:block;\"><\/span><span style=\"display:block;min-width:0;\"><span style=\"display:block;font-size:0.68em;font-weight:700;letter-spacing:0.1em;text-transform:uppercase;color:#e8828d;margin-bottom:5px;\">Digital Chiefs<\/span><span style=\"display:block;font-size:1.0em;font-weight:650;line-height:1.35;color:#e6e3da;overflow-wrap:anywhere;\">The Chief AI Officer is here. The problem remains.<\/span><\/span><\/a><!--\/ST-LOWER-CARDS--><\/p>\n","protected":false},"excerpt":{"rendered":"SIEM explained: how centralized log correlation works, how it differs from SOC and XDR, and costly mistakes to avoid during implementation.","protected":false},"author":10,"featured_media":21811,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_yoast_wpseo_focuskw":"SIEM","_yoast_wpseo_title":"What Is SIEM? Definition, Benefits, and Limitations","_yoast_wpseo_metadesc":"SIEM explained: how centralized log correlation works, its differences from SOC and XDR, and common implementation mistakes that waste money.","_yoast_wpseo_meta-robots-noindex":"","_yoast_wpseo_meta-robots-nofollow":"","_yoast_wpseo_meta-robots-adv":"","_yoast_wpseo_canonical":"","_yoast_wpseo_opengraph-title":"","_yoast_wpseo_opengraph-description":"","_yoast_wpseo_opengraph-image":"https:\/\/www.securitytoday.de\/wp-content\/uploads\/2026\/07\/was-ist-ein-siem-cover-hero.jpg","_yoast_wpseo_opengraph-image-id":0,"_yoast_wpseo_twitter-title":"","_yoast_wpseo_twitter-description":"","_yoast_wpseo_twitter-image":"https:\/\/www.securitytoday.de\/wp-content\/uploads\/2026\/07\/was-ist-ein-siem-cover-hero.jpg","_yoast_wpseo_twitter-image-id":0,"evm_cvss":0,"evm_risk":0,"evm_casefile":"","evm_primary_cve":"","_evm_translation_lang":"en","featured_post":0,"featured_post_sortierung":0,"_wp_old_slug":[],"footnotes":""},"categories":[263],"tags":[],"class_list":["post-21948","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sicherheitslexikon-en"],"evm_reading_time_minutes":6,"wpml_language":"en","wpml_translation_of":21804,"_links":{"self":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/21948","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/comments?post=21948"}],"version-history":[{"count":1,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/21948\/revisions"}],"predecessor-version":[{"id":21958,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/posts\/21948\/revisions\/21958"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/media\/21811"}],"wp:attachment":[{"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/media?parent=21948"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/categories?post=21948"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.securitytoday.de\/en\/wp-json\/wp\/v2\/tags?post=21948"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}