Documentation

Reports And Exports

Use report outputs to prioritize remediation, communicate findings, and maintain repeatable review quality.

Who This Topic Is For

Users who need to interpret, share, and operationalize vulnerability findings.

Before You Start

Use this checklist to make sure the workflow guidance applies cleanly to your current task.

  • At least one scan, API spec result, or tool result is available to review.
  • You know who needs the output (engineering, leadership, partner, or client context).
  • You understand your remediation ownership path.

Step-By-Step Guidance

Follow these steps in order for a reliable and repeatable outcome.

  1. Review findings by severity and impact.

    Start with critical and high-signal issues before lower-priority hardening opportunities.

  2. Use evidence and remediation guidance together.

    Pair what was observed with the recommended corrective action so fix plans stay concrete and auditable.

  3. Export and share based on workflow need.

    Use the output that matches the workflow: in-app views for private review, HTML/PDF/JSON artifacts when they are generated, copied URLs when a route or artifact needs to be referenced, and supported public-safe pages only when that workflow is intentionally used. API spec scans now follow the same stored-report pattern, so imported-spec findings can be reviewed later from scan history rather than being treated as throwaway output.

  4. Track changes over reruns.

    Revalidate after fixes and compare outcomes so score movement and finding closure can be verified.

Validation Checklist

Use this checklist to confirm the workflow was completed correctly.

  • Critical/high findings have named owners and target resolution windows.
  • Remediation steps are documented before moving to lower-severity items.
  • Shared output format matches the receiving stakeholder context.
  • Everyone involved understands whether the shared link is a private app view, temporary artifact, or public-safe page.
  • Post-fix rerun confirms closure of the original issue.

Common Problems And Fixes

If something does not match expectation, check these common failure modes first.

Common failure mode

Exporting without triage context

Before sharing externally, summarize highest-priority findings and remediation status so reports remain actionable.

Common failure mode

Treating every copied URL as the same kind of share path

A copied URL can point to an app view, a temporary report artifact, or a public-safe route depending on the workflow. Confirm what the recipient is meant to open before distributing it.

Common failure mode

No rerun after fix deployment

Always rerun after remediation to verify closure and avoid reporting assumptions.

Common failure mode

Assuming API spec imports do not create saved reports

API spec scans are saved in account history and can generate stored report artifacts. Review the result from scan history when you need to share or compare the imported-spec workflow later.

Related Pages

Use these links to continue your workflow without losing context.

Scans And Depths

Open Scans And Depths to continue this workflow.

Help: Reports And Sharing

Open Help: Reports And Sharing to continue this workflow.

Tools And Guides

Open Tools And Guides to continue this workflow.

How to Fix Missing Security Headers

Open How to Fix Missing Security Headers to continue this workflow.

Reports And Exports FAQs

No. Reports can be used by technical and decision stakeholders when paired with clear remediation context and risk prioritization.

Next Recommended Action

Continue to the best next page based on where you are in your workflow.