{"id":97908,"date":"2023-09-07T18:43:05","date_gmt":"2023-09-07T22:43:05","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=97908"},"modified":"2023-11-01T12:21:49","modified_gmt":"2023-11-01T16:21:49","slug":"security-update-june-20-incident-details-and-remediation","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation","title":{"rendered":"[Security Update] June 20 Incident Details and Remediation"},"content":{"rendered":"\n

On 2023-07-12, we alerted customers to a security incident that occurred starting on 2023-06-20. Now that our investigation has concluded, we want to share some additional information around what happened, what we\u2019ve learned, and what our plans are to continuously improve our security posture for the future.<\/p>\n\n\n\n

We would like to thank our customers for their patience and understanding for the mandatory key rotation on 2023-07-05. We want to also thank our customers and our community for your patience while we investigated and remediated this incident. We aim for full transparency and disclosure, while maintaining the integrity of the investigation.<\/p>\n\n\n\n

What happened?<\/h2>\n\n\n\n

2023-06-20 a sophisticated North Korean threat actor successfully spear-phished a 探花大神 software engineer, causing them to download malicious code to their 探花大神-issued device, which gave the threat actor developer-level access to 探花大神 environments.<\/p>\n\n\n\n

2023-06-22 the threat actor used developer-level access gained on the engineer\u2019s endpoint to pivot to other 探花大神 systems. From there, they were able to launch workloads to run at a later date in our container orchestration system.<\/p>\n\n\n\n

2023-06-23 02:21 探花大神 security tools alerted on anomalous activity taking place related to the compromised employee account. System access was revoked and known affected credentials were rotated. A number of mitigating actions that are detailed below were initiated at this time.<\/p>\n\n\n\n

2023-06-27 15:13 探花大神 Security noticed that developer access was used to run a workload that activated in our container orchestration system. We did not see evidence of customer impact at that time. <\/p>\n\n\n\n

Containment, eradication, and remediation efforts continued at this time. Credentials were rotated, infrastructure was rebuilt, code deployment was frozen, and a number of other actions were taken to further secure our network and perimeter. Additionally, our prepared Incident Response (IR) plan was activated. Our IR partner was engaged to analyze all systems and logs for potential activity. As part of our IR plan, we contacted and engaged law enforcement in our investigation. Forensics and investigation work continued to ensure the full scope and impact of the malicious activity was understood.<\/p>\n\n\n\n

2023-07-04 探花大神 identified and rebuilt the last impacted system. No further indicators of compromise have presented themselves on 探花大神 systems since this date.<\/p>\n\n\n\n

2023-07-05 探花大神 discovered an anomaly in our database records ultimately identifying the intent and impact of the attack. We discovered database injection that occurred on the 27th to instruct target devices to download malware. This occurred on fewer than 10 devices total across fewer than 5 organizations. We immediately contacted the organizations to notify them of the impact and ensure that there was no further exposure to them. We also took the proactive measure to force rotate all API keys once we had evidence of customer impact.<\/p>\n\n\n\n

Our audit of the entire database through objective analysis of this anomaly leads us to have extremely high confidence that we know the exact impact of the incident and have a comprehensive list of impacted devices.<\/p>\n\n\n\n

Further investigation, containment, and remediation actions continued to secure our environment. These actions are detailed below.<\/p>\n\n\n\n

2023-07-12 探花大神 published a public statement<\/a> advising the public of a security incident that took place and was the reason for the mandatory API key rotation. 探花大神 Security detected the compromise and responded accordingly to investigate, contain, and remediate the attack.<\/p>\n\n\n\n

How do we know this attack vector is closed?<\/h2>\n\n\n\n

Indicators of compromise were thoroughly investigated, and a variety of containment and remediation strategies have been employed to secure the 探花大神 environment.<\/p>\n\n\n\n

Access Revocation and Granular Restoration<\/h3>\n\n\n\n

Upon discovery of compromise and an active phishing campaign of engineering and development employees, access to the 探花大神 application infrastructure was revoked for a large portion of users and roles. This was implemented to prevent further exposure by other potentially compromised employee endpoints until full scoping of incident impact could be completed.<\/p>\n\n\n\n

All IAM permissions were reviewed, rearchitected, and restored based on necessity and job function relevant to various roles and users. The hardening of users and roles will limit the potential impact of compromised accounts and endpoints. Elevated access now requires manual authorization by multiple parties to prevent unwanted privilege escalation. Robust monitoring and alerting provides visibility to review and audit elevated access activity.<\/p>\n\n\n\n

API Key Rotation<\/h3>\n\n\n\n

Upon discovery of anomalous activity, action was taken to rotate all 探花大神 customer API keys. Although no exposure was found at that time, we acted to secure customer environments from the possibility of compromised API keys. A notification was sent to customers informing them of the forced rotation with instructions to resume normal operation in their environment. An article was also published on the 探花大神 support site with the same contents as the email sent to customers.<\/p>\n\n\n\n

Infrastructure Destruction and Rebuilding<\/h3>\n\n\n\n

During the investigation, all infrastructure affected by the threat actor was identified and completely rebuilt from scratch to further ensure that all persistence mechanisms of the threat actor were removed. Every credential and key in the 探花大神 environment was rotated to ensure no lingering access existed for the threat actor to take advantage of.<\/p>\n\n\n\n

Source Code and Binary Validation<\/h3>\n\n\n\n

To prevent any potentially compromised source code from being deployed into the production environment, a deployment freeze was implemented early in the incident. We verified that no source code or binary releases were compromised in this incident.<\/p>\n\n\n\n

User Credential Rotation and Endpoint Verification<\/h3>\n\n\n\n

All 探花大神 internal users and administrators were forced to rotate their credentials. All user endpoints were audited to verify that security tools are present and functioning correctly. No evidence of further employee compromise was found.<\/p>\n\n\n\n

Enhanced Monitoring<\/h3>\n\n\n\n

A number of measures were taken to expand monitoring capabilities. Indicators of compromise were added to security tools as they became available. Routine monitoring and system checks were expanded to include new indicators in order to provide visibility into new attempts by the threat actor. Monitoring of 探花大神 employee user access and API key activity improved visibility to ensure all activity is expected and appropriate for business processes.<\/p>\n\n\n\n

Third-party Incident Response Services and Law Enforcement<\/h3>\n\n\n\n

探花大神 engaged third-party incident response services to assist in the investigation, containment, and remediation of the incident. Forensics was conducted in all affected environments, and detailed reports were provided to contain and remediate the impacted systems. Contact with the appropriate law enforcement agencies has been established. <\/p>\n\n\n\n

Communication and support for customers<\/h2>\n\n\n\n

The investigation revealed that the threat actor injected agent commands to run on fewer than 10 devices across fewer than 5 total organizations. At that point 探花大神 promptly contacted the affected customers to inform them of the attack and offer assistance.<\/p>\n\n\n\n

At appropriate milestones, 探花大神 provided communications to customers and the general public. This was accomplished through customer email notifications, 探花大神 support site articles, as well as interactions between customers and 探花大神 support staff. Internal communication channels were created to bridge the gap between customer inquiries and various members of security and engineering teams.<\/p>\n\n\n\n

How do I know if I was impacted?<\/h2>\n\n\n\n

Fewer than 5 organizations and fewer than 10 total devices were successfully targeted by the threat actor. 探花大神 made contact with all affected customers prior to public announcement. If your organization was not contacted and informed of impact, it was not impacted by this incident.<\/p>\n\n\n\n

What can I do?<\/h2>\n\n\n\n

A list of indicators of compromise<\/a> was published on the 探花大神 support site to enable customers to conduct forensics and inspect logs between June 20 and July 5 for any suspicious activity.<\/p>\n\n\n\n

With any security incident involving a cloud provider, the best practice is to rotate all static credentials you have provided them. If you have not already done so when earlier security blog postings were published, we still recommend as a good practice that you rotate all static credentials you have with 探花大神 including SAML certificates, user passwords, and all secrets used for integrations.<\/p>\n\n\n\n

We also recommend that all customers review the Admin Guide to Supporting Work From Home<\/a> article found on the 探花大神 Knowledge Base to harden their own environments.<\/p>\n\n\n\n

What we learned from this incident and the path ahead<\/h2>\n\n\n\n

IAM Roles and Permissions<\/h3>\n\n\n\n

Given the attack vector, we are rearchitecting IAM for granular permissions to secure the environment by making it more difficult to gain inappropriate elevated access. While we have RBAC policies in place, we are continuing to expand on those policies to reduce access by default.<\/p>\n\n\n\n

Developers will need to elevate their permissions to perform some tasks. A number of safeguards outlined above (including multi-party authorization) were added to more safely allow these tasks to be performed.<\/p>\n\n\n\n

All access to data that could affect customer devices or security directly or indirectly is now multi-party authorized. Continued development effort is in place to ensure such access is tied to a request initiated by the customer.<\/p>\n\n\n\n

Phishing Awareness<\/h3>\n\n\n\n

Phishing attacks are a threat to any organization, and attacks continue to get more sophisticated with time. As a response to this incident, we are taking increased measures to enhance our communications and training to improve phishing awareness. We are continually improving our monitoring and controls to detect and prevent phishing attacks.<\/p>\n\n\n\n

Infrastructure Isolation and Segregation<\/h3>\n\n\n\n

We identified improvements to our application environment that will further isolate production systems from others. This will allow for more granular access permissions, as well as reduced chances of unwanted access and connectivity between functionally separate areas.<\/p>\n\n\n\n

Keys and Secrets<\/h3>\n\n\n\n

Developer access to static credentials needed to perform job functions was a factor in this incident. Ongoing efforts to replace these with ephemeral credentials is in place.<\/p>\n\n\n\n

Visibility<\/h3>\n\n\n\n

Enhanced logging and monitoring have been put into place and more will be added in the future.<\/p>\n\n\n\n

Final Thoughts<\/h2>\n\n\n\n

In closing, we want to express our sincere commitment to maintaining the utmost security and privacy for our valued customers. We understand the concerns that arise from incidents like these and want to assure you that we have taken swift and decisive actions to keep our customers safe. Our dedicated teams are working diligently to strengthen our systems, enhance our safeguards, and prevent any recurrence. We greatly appreciate the trust you’ve placed in us and remain steadfast in our dedication to providing a secure environment for all.<\/p>\n","protected":false},"excerpt":{"rendered":"

With our investigation concluded, we want to share more around what happened, what we learned, and our plans to continuously improve our security posture for the future.<\/p>\n","protected":false},"author":219,"featured_media":93686,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[23],"tags":[],"collection":[2775],"platform":[],"funnel_stage":[3016],"coauthors":[3102],"acf":[],"yoast_head":"\n[Security Update] June 20 Incident Details and Remediation - 探花大神<\/title>\n<meta name=\"description\" content=\"With our investigation concluded, we want to share more around what happened, what we learned, and our plans to continuously improve our security posture for the future.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"[Security Update] June 20 Incident Details and Remediation\" \/>\n<meta property=\"og:description\" content=\"With our investigation concluded, we want to share more around what happened, what we learned, and our plans to continuously improve our security posture for the future.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation\" \/>\n<meta property=\"og:site_name\" content=\"探花大神\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-07T22:43:05+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-11-01T16:21:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/07\/Ocean-blue-JC-logo-blog-image.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2934\" \/>\n\t<meta property=\"og:image:height\" content=\"1751\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Bob Phan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Bob Phan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#article\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation\"},\"author\":{\"name\":\"Bob Phan\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/7701b0aa689093234a73224102515098\"},\"headline\":\"[Security Update] June 20 Incident Details and Remediation\",\"datePublished\":\"2023-09-07T22:43:05+00:00\",\"dateModified\":\"2023-11-01T16:21:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation\"},\"wordCount\":1682,\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/07\/Ocean-blue-JC-logo-blog-image.png\",\"articleSection\":[\"Best Practices\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation\",\"url\":\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation\",\"name\":\"[Security Update] June 20 Incident Details and Remediation - 探花大神\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/07\/Ocean-blue-JC-logo-blog-image.png\",\"datePublished\":\"2023-09-07T22:43:05+00:00\",\"dateModified\":\"2023-11-01T16:21:49+00:00\",\"description\":\"With our investigation concluded, we want to share more around what happened, what we learned, and our plans to continuously improve our security posture for the future.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/07\/Ocean-blue-JC-logo-blog-image.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/07\/Ocean-blue-JC-logo-blog-image.png\",\"width\":2934,\"height\":1751},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"[Security Update] June 20 Incident Details and Remediation\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"探花大神\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"探花大神\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"探花大神\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/7701b0aa689093234a73224102515098\",\"name\":\"Bob Phan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/f65ef3433d68b37d55a6ef83eaabdb5e\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/43dad36fdffbba7df5cf7bbfb35eb723?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/43dad36fdffbba7df5cf7bbfb35eb723?s=96&d=mm&r=g\",\"caption\":\"Bob Phan\"},\"description\":\"Bob Phan is the Chief Information Security Officer (CISO) at 探花大神.\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"[Security Update] June 20 Incident Details and Remediation - 探花大神","description":"With our investigation concluded, we want to share more around what happened, what we learned, and our plans to continuously improve our security posture for the future.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation","og_locale":"en_US","og_type":"article","og_title":"[Security Update] June 20 Incident Details and Remediation","og_description":"With our investigation concluded, we want to share more around what happened, what we learned, and our plans to continuously improve our security posture for the future.","og_url":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation","og_site_name":"探花大神","article_published_time":"2023-09-07T22:43:05+00:00","article_modified_time":"2023-11-01T16:21:49+00:00","og_image":[{"width":2934,"height":1751,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/07\/Ocean-blue-JC-logo-blog-image.png","type":"image\/png"}],"author":"Bob Phan","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Bob Phan","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#article","isPartOf":{"@id":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation"},"author":{"name":"Bob Phan","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/7701b0aa689093234a73224102515098"},"headline":"[Security Update] June 20 Incident Details and Remediation","datePublished":"2023-09-07T22:43:05+00:00","dateModified":"2023-11-01T16:21:49+00:00","mainEntityOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation"},"wordCount":1682,"publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/07\/Ocean-blue-JC-logo-blog-image.png","articleSection":["Best Practices"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation","url":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation","name":"[Security Update] June 20 Incident Details and Remediation - 探花大神","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/07\/Ocean-blue-JC-logo-blog-image.png","datePublished":"2023-09-07T22:43:05+00:00","dateModified":"2023-11-01T16:21:49+00:00","description":"With our investigation concluded, we want to share more around what happened, what we learned, and our plans to continuously improve our security posture for the future.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#primaryimage","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/07\/Ocean-blue-JC-logo-blog-image.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/07\/Ocean-blue-JC-logo-blog-image.png","width":2934,"height":1751},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/blog\/security-update-june-20-incident-details-and-remediation#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"[Security Update] June 20 Incident Details and Remediation"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"探花大神","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"探花大神","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"探花大神"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/7701b0aa689093234a73224102515098","name":"Bob Phan","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/f65ef3433d68b37d55a6ef83eaabdb5e","url":"https:\/\/secure.gravatar.com\/avatar\/43dad36fdffbba7df5cf7bbfb35eb723?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/43dad36fdffbba7df5cf7bbfb35eb723?s=96&d=mm&r=g","caption":"Bob Phan"},"description":"Bob Phan is the Chief Information Security Officer (CISO) at 探花大神."}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/97908"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/219"}],"replies":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/comments?post=97908"}],"version-history":[{"count":3,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/97908\/revisions"}],"predecessor-version":[{"id":100628,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/97908\/revisions\/100628"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media\/93686"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=97908"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/categories?post=97908"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/tags?post=97908"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/collection?post=97908"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/platform?post=97908"},{"taxonomy":"funnel_stage","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/funnel_stage?post=97908"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=97908"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}