{"id":92116,"date":"2023-02-03T20:28:40","date_gmt":"2023-02-03T18:28:40","guid":{"rendered":"https:\/\/factorialhr.com\/blog\/?p=92116"},"modified":"2023-02-03T20:28:40","modified_gmt":"2023-02-03T18:28:40","slug":"bug-bounty-program-at-factorial","status":"publish","type":"post","link":"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/","title":{"rendered":"Bug Bounty Program at Factorial"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">One of our highest priorities here at Factorial is to guarantee the security of our infrastructure and our clients&#8217; data. We\u2019re picky about which tools we use, and we only work with the most effective ones to meet our high security standards.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Thanks to our diverse and highly qualified security team specialised in multiple branches, we are able to:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Cover the entire attack surface of our platform.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Monitor attacks 24\/7.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Perform security tests internally before new functionalities go into production.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Train developers on the OWASP Top 10 [1].<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Investigate new 0-days [2].\u00a0<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">In this article, we\u2019ll focus on two fundamental concepts: the <\/span><b>Vulnerability Disclosure Policy (VDP)<\/b><span style=\"font-weight: 400;\"> and the <\/span><b>Bug Bounty Program (BBP)<\/b><span style=\"font-weight: 400;\">. It\u2019s our view that every single company should adopt at least one of these two.<\/span><\/p>\n<p><b>What is a VDP?\u00a0\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">A Vulnerability Disclosure Program (VDP) is a program that provides <\/span><b>clear guidelines on how an organisation would like to be notified about potential security vulnerabilities<\/b><span style=\"font-weight: 400;\"> found by third parties or external hackers. Its goal is to give ethical hackers instructions about reporting a vulnerability so they can be guided to the right team to solve it.<\/span><\/p>\n<p><b>What is a BBP?\u00a0\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">On the other hand, a Bug Bounty Program (BBP) incentivises external third parties or hackers to find security vulnerabilities in an organisation and report them directly to be fixed safely and efficiently. Unlike VDPs, vulnerability finders are rewarded with monetary prizes.<\/span><\/p>\n<p><b>Why a VDP is Essential to Every Business\u00a0<\/b><\/p>\n<p><span style=\"font-weight: 400;\">It&#8217;s best practice to have a public-facing Vulnerability Disclosure Policy as it encourages others to report security vulnerabilities. When an ethical hacker finds a security flaw in third-party systems, the hacker has two options. They can either <\/span><b>report it to the security team and risk being investigated for this action<\/b><span style=\"font-weight: 400;\"> (even if well-intended), or they <\/span><b>keep it to themselves to avoid these potential repercussions.<\/b><\/p>\n<p><span style=\"font-weight: 400;\">If the ethical hacker decides on the latter, the organisation\u2019s security and users are endangered, highlighting the fragility of their security strategy. What\u2019s to stop a cybercriminal targeting the same vulnerability and exploiting it maliciously?\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It\u2019s common for ethical hackers to decide against reporting their findings to avoid legal risks. This can have a direct and often tragic impact on an organisation, resulting in costly incidents such as ransomware.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A VDP can fortify the cyber-security of an organisation and negate these risks. VDP\u2019s should focus on 5 key points:<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Purpose:<\/b><span style=\"font-weight: 400;\"> Start with why your company has a VDP and the importance of upholding it.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Scope:<\/b><span style=\"font-weight: 400;\"> List available properties and types of vulnerability you\u2019re interested in. This grants hackers visibility into the assets and shows the potential vulnerabilities they should be looking at.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Safe harbour:<\/b><span style=\"font-weight: 400;\"> Assure hackers that they won&#8217;t be legally sued or prosecuted for any vulnerabilities they find.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Reporting process:<\/b><span style=\"font-weight: 400;\"> Explain how hackers can submit security reports step by step and what kind of information is required in a submission.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Evaluation of reports:<\/b><span style=\"font-weight: 400;\"> Include the response times, depending on the severity and asset affected, whether hackers can publicly disclose vulnerabilities, or whether they need to wait for a confirmation email, etc.<\/span><\/li>\n<\/ol>\n<p><b>Do We Have a Bug Bounty Program in Factorial?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">We work with dozens of hackers at Factorial in our HackerOne\u2019s private bounty program, which includes some of the top hackers in the world.\u00a0 We currently limit our bounty program to a <\/span><b>selected group of hackers, who are known for their high reputation and results levels. <\/b><span style=\"font-weight: 400;\">In doing so, we only receive quality reports from the top professionals in the field.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">HackerOne is a company that allows organisations to have their VDP or BBP on their platform, by which hackers send reports that can be evaluated by the internal security teams of each organisation. Once this report has been validated within a BBP, the hacker will receive a monetary remuneration reflective of how critical the reported vulnerability is.<\/span><\/p>\n<p><b>Do We Have a Vulnerability Disclosure Program in Factorial?<\/b><\/p>\n<p><span style=\"font-weight: 400;\">Yes. For us, it&#8217;s essential to have a secure way to receive vulnerability reports from third parties. We&#8217;re also very excited to receive new security reports improving the security of our systems.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Any external hacker who finds a security issue can report it to us, even if they don&#8217;t participate in our private bug bounty program. Our VDP policy is available to anyone at<\/span><a href=\"https:\/\/hackerone.com\/factorial\"> <span style=\"font-weight: 400;\">https:\/\/hackerone.com\/factorial<\/span><\/a><span style=\"font-weight: 400;\">. You can report potential security vulnerabilities to us at <\/span><a href=\"mailto:security@factorial.co\"><span style=\"font-weight: 400;\">security@factorial.co<\/span><\/a><span style=\"font-weight: 400;\"> and we\u2019ll gladly review the reports.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><em>References <\/em><\/p>\n<p><span style=\"font-weight: 400;\">[1]<\/span><a href=\"https:\/\/owasp.org\/www-project-top-ten\/\"> <span style=\"font-weight: 400;\">https:\/\/owasp.org\/www-project-top-ten\/<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">[2]<\/span><a href=\"https:\/\/en.wikipedia.org\/wiki\/Zero-day_(computing)\"> <span style=\"font-weight: 400;\">https:\/\/en.wikipedia.org\/wiki\/Zero-day_(computing)<\/span><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>One of our highest priorities here at Factorial is to guarantee the security of our infrastructure and our clients&#8217; data. We\u2019re picky about which tools we use, and we only work with the most effective ones to meet our high security standards.\u00a0 Thanks to our diverse and highly qualified security team specialised in multiple branches,<a href=\"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/\" class=\"read-more\"> [&#8230;]<\/a><\/p>\n","protected":false},"author":121,"featured_media":92089,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[342],"tags":[],"class_list":["post-92116","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-culture-engagement"],"acf":{"topics":false},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.5 (Yoast SEO v21.9.1) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Bug Bounty Program at Factorial | Factorial<\/title>\n<meta name=\"description\" content=\"Understand the importance of implementing a Vulnerability Disclosure Policy (VDP) and Bug Bounty Program (BBP), and how we use both at Factorial.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Bug Bounty Program at Factorial\" \/>\n<meta property=\"og:description\" content=\"Understand the importance of implementing a Vulnerability Disclosure Policy (VDP) and Bug Bounty Program (BBP), and how we use both at Factorial.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/\" \/>\n<meta property=\"og:site_name\" content=\"Factorial\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Factorial\/100064908455810\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-03T18:28:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/factorialhr.co.uk\/wp-content\/uploads\/2023\/02\/03174548\/bug-bounty-program_11zon.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"820\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Tarek Bouali\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/iambouali\" \/>\n<meta name=\"twitter:site\" content=\"@factorialapp\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tarek Bouali\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/\"},\"author\":{\"name\":\"Tarek Bouali\",\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/#\/schema\/person\/ce88488f2984253fd36aef00d7847704\"},\"headline\":\"Bug Bounty Program at Factorial\",\"datePublished\":\"2023-02-03T18:28:40+00:00\",\"dateModified\":\"2023-02-03T18:28:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/\"},\"wordCount\":756,\"publisher\":{\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/#organization\"},\"articleSection\":[\"Culture &amp; Engagement\"],\"inLanguage\":\"en-GB\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/\",\"url\":\"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/\",\"name\":\"Bug Bounty Program at Factorial | Factorial\",\"isPartOf\":{\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/#website\"},\"datePublished\":\"2023-02-03T18:28:40+00:00\",\"dateModified\":\"2023-02-03T18:28:40+00:00\",\"description\":\"Understand the importance of implementing a Vulnerability Disclosure Policy (VDP) and Bug Bounty Program (BBP), and how we use both at Factorial.\",\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/\"]}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/#website\",\"url\":\"https:\/\/factorialhr.co.uk\/blog\/\",\"name\":\"Factorial\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/factorialhr.co.uk\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/#organization\",\"name\":\"All-in-one business management software - Factorial\",\"url\":\"https:\/\/factorialhr.co.uk\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/factorialhr.co.uk\/wp-content\/uploads\/2023\/07\/18155144\/factorial-logo.png\",\"contentUrl\":\"https:\/\/factorialhr.co.uk\/wp-content\/uploads\/2023\/07\/18155144\/factorial-logo.png\",\"width\":946,\"height\":880,\"caption\":\"All-in-one business management software - Factorial\"},\"image\":{\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/people\/Factorial\/100064908455810\/\",\"https:\/\/twitter.com\/factorialapp\",\"https:\/\/www.linkedin.com\/company\/factorialhr\",\"https:\/\/www.youtube.com\/@factorialmedia\",\"https:\/\/www.instagram.com\/factorial\/#\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/#\/schema\/person\/ce88488f2984253fd36aef00d7847704\",\"name\":\"Tarek Bouali\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/factorialhr.co.uk\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d793d845c10737918f7cbc51ca900dff?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d793d845c10737918f7cbc51ca900dff?s=96&d=identicon&r=g\",\"caption\":\"Tarek Bouali\"},\"description\":\"I\u2019m Tarek, ethical hacker on the Factorial security team, and a part-time bug bounty hunter. I was recognized by large companies such as Google, PayPal and Twitter, for actively contributing to their security.\",\"sameAs\":[\"https:\/\/tarekbouali.com\",\"https:\/\/es.linkedin.com\/in\/iambouali\",\"https:\/\/twitter.com\/https:\/\/twitter.com\/iambouali\"],\"url\":\"https:\/\/factorialhr.co.uk\/blog\/author\/tarek\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Bug Bounty Program at Factorial | Factorial","description":"Understand the importance of implementing a Vulnerability Disclosure Policy (VDP) and Bug Bounty Program (BBP), and how we use both at Factorial.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/","og_locale":"en_GB","og_type":"article","og_title":"Bug Bounty Program at Factorial","og_description":"Understand the importance of implementing a Vulnerability Disclosure Policy (VDP) and Bug Bounty Program (BBP), and how we use both at Factorial.","og_url":"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/","og_site_name":"Factorial","article_publisher":"https:\/\/www.facebook.com\/people\/Factorial\/100064908455810\/","article_published_time":"2023-02-03T18:28:40+00:00","og_image":[{"width":820,"height":400,"url":"https:\/\/factorialhr.co.uk\/wp-content\/uploads\/2023\/02\/03174548\/bug-bounty-program_11zon.jpg","type":"image\/jpeg"}],"author":"Tarek Bouali","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/iambouali","twitter_site":"@factorialapp","twitter_misc":{"Written by":"Tarek Bouali","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/#article","isPartOf":{"@id":"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/"},"author":{"name":"Tarek Bouali","@id":"https:\/\/factorialhr.co.uk\/blog\/#\/schema\/person\/ce88488f2984253fd36aef00d7847704"},"headline":"Bug Bounty Program at Factorial","datePublished":"2023-02-03T18:28:40+00:00","dateModified":"2023-02-03T18:28:40+00:00","mainEntityOfPage":{"@id":"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/"},"wordCount":756,"publisher":{"@id":"https:\/\/factorialhr.co.uk\/blog\/#organization"},"articleSection":["Culture &amp; Engagement"],"inLanguage":"en-GB"},{"@type":"WebPage","@id":"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/","url":"https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/","name":"Bug Bounty Program at Factorial | Factorial","isPartOf":{"@id":"https:\/\/factorialhr.co.uk\/blog\/#website"},"datePublished":"2023-02-03T18:28:40+00:00","dateModified":"2023-02-03T18:28:40+00:00","description":"Understand the importance of implementing a Vulnerability Disclosure Policy (VDP) and Bug Bounty Program (BBP), and how we use both at Factorial.","inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/factorialhr.co.uk\/blog\/bug-bounty-program-at-factorial\/"]}]},{"@type":"WebSite","@id":"https:\/\/factorialhr.co.uk\/blog\/#website","url":"https:\/\/factorialhr.co.uk\/blog\/","name":"Factorial","description":"","publisher":{"@id":"https:\/\/factorialhr.co.uk\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/factorialhr.co.uk\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/factorialhr.co.uk\/blog\/#organization","name":"All-in-one business management software - Factorial","url":"https:\/\/factorialhr.co.uk\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/factorialhr.co.uk\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/factorialhr.co.uk\/wp-content\/uploads\/2023\/07\/18155144\/factorial-logo.png","contentUrl":"https:\/\/factorialhr.co.uk\/wp-content\/uploads\/2023\/07\/18155144\/factorial-logo.png","width":946,"height":880,"caption":"All-in-one business management software - Factorial"},"image":{"@id":"https:\/\/factorialhr.co.uk\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Factorial\/100064908455810\/","https:\/\/twitter.com\/factorialapp","https:\/\/www.linkedin.com\/company\/factorialhr","https:\/\/www.youtube.com\/@factorialmedia","https:\/\/www.instagram.com\/factorial\/#"]},{"@type":"Person","@id":"https:\/\/factorialhr.co.uk\/blog\/#\/schema\/person\/ce88488f2984253fd36aef00d7847704","name":"Tarek Bouali","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/factorialhr.co.uk\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d793d845c10737918f7cbc51ca900dff?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d793d845c10737918f7cbc51ca900dff?s=96&d=identicon&r=g","caption":"Tarek Bouali"},"description":"I\u2019m Tarek, ethical hacker on the Factorial security team, and a part-time bug bounty hunter. I was recognized by large companies such as Google, PayPal and Twitter, for actively contributing to their security.","sameAs":["https:\/\/tarekbouali.com","https:\/\/es.linkedin.com\/in\/iambouali","https:\/\/twitter.com\/https:\/\/twitter.com\/iambouali"],"url":"https:\/\/factorialhr.co.uk\/blog\/author\/tarek\/"}]}},"_links":{"self":[{"href":"https:\/\/factorialhr.co.uk\/blog\/wp-json\/wp\/v2\/posts\/92116"}],"collection":[{"href":"https:\/\/factorialhr.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/factorialhr.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/factorialhr.co.uk\/blog\/wp-json\/wp\/v2\/users\/121"}],"replies":[{"embeddable":true,"href":"https:\/\/factorialhr.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=92116"}],"version-history":[{"count":1,"href":"https:\/\/factorialhr.co.uk\/blog\/wp-json\/wp\/v2\/posts\/92116\/revisions"}],"predecessor-version":[{"id":92118,"href":"https:\/\/factorialhr.co.uk\/blog\/wp-json\/wp\/v2\/posts\/92116\/revisions\/92118"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/factorialhr.co.uk\/blog\/wp-json\/wp\/v2\/media\/92089"}],"wp:attachment":[{"href":"https:\/\/factorialhr.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=92116"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/factorialhr.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=92116"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/factorialhr.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=92116"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}