Skip to main content

Reports & Report Import

Generate comprehensive security reports, export findings in multiple formats, and import findings from external security assessments.

Generating reports

PDF reports

Generate a comprehensive PDF report of your findings with charts, metrics, and remediations.

  1. Go to Findings
  2. (Optional) Apply filters to narrow the report scope (by severity, tool, repository, etc.)
  3. Click Export or ActionsGenerate Report
  4. Select PDF Report
  5. Choose:
    • Report Type: Summary (high-level overview) or Detailed (every finding)
    • Filters: Apply or remove filters
  6. Click Generate

The report is generated asynchronously. You'll receive an email when it's ready with a download link. Reports are available for 7 days.

Rate limit: 5 PDF reports per hour per organization.

CSV & JSON exports

Export findings for use in spreadsheets, dashboards, or external systems.

  1. Go to Findings
  2. (Optional) Apply filters
  3. Click ExportCSV or JSON
  4. The file downloads immediately

CSV columns include: Finding ID, Title, Severity, Status, Scanner, Repository, File, Line, CWE, CVSS, and custom columns.

JSON format includes full finding metadata, remediation suggestions, and asset information.

Report import (AI-powered)

Import findings from external security assessments (pentests, third-party reports) and let AI extract findings automatically.

Supported formats

  • Markdown (.md)
  • Plain text (.txt)
  • CSV (.csv)
  • Excel (.xlsx)
  • Word documents (.docx)

Import a report

  1. Go to IntegrationsConnectorsConnectors
  2. Find AI Report Import
  3. Click Configure or Import
  4. Select a repository (the findings will be associated with this asset)
  5. Upload the report file
  6. Click Import Report

The report is sent to Plexicus's AI processor, which extracts findings and maps them to your codebase. This process consumes 15 AI credits per report.

Processing

Once submitted:

  • The report is analyzed by LLM
  • Findings are extracted and deduplicated
  • High-confidence findings are created in Plexicus
  • Lower-confidence entries are flagged for review

Check the Findings page after a few moments; imported findings will appear with a Imported label and the source report name.

Managing exported/imported data

View export history

  1. Go to SettingsAccount
  2. Scroll to Export History
  3. View recent exports and downloads

Re-download a PDF report

  1. Go to your email or notification center
  2. Click the report link (valid for 7 days)

After 7 days, regenerate the report using the steps above.

Review imported findings

Imported findings appear in your Findings list and can be:

  • Triaged (marked false-positive, mitigated, etc.)
  • Assigned to developers
  • Linked to tickets
  • Exported again in reports

API

Export findings via API

GET /findings/csv-downloads
GET /findings/json-downloads
POST /findings/pdf-reports
GET /reports/{id}/download

See the API Guide for authentication and request conventions.

Import via API

POST /report-imports

Upload a report file. The response returns a workflow_id; the import runs asynchronously and the findings appear in the repository view when it completes.

Troubleshooting

"Report generation failed"

  • Ensure you have findings to include in the report
  • Try generating with fewer filters first

"PDF report is taking too long"

  • Reports with >1000 findings may take several minutes
  • You'll receive an email notification when ready

"AI Report Import failed"

  • Verify the file format is supported (.md, .txt, .csv, .xlsx, .docx)
  • Ensure the file is not corrupted
  • Check that you have AI credits remaining

"AI credits insufficient"

  • Each report import costs 15 AI credits
  • Upgrade your plan or purchase a credit pack in SettingsBilling

Best practices

  1. Use filters for focused reports: Export findings by severity or tool to create targeted reports for stakeholders
  2. Schedule regular exports: Export weekly or monthly snapshots for compliance tracking
  3. Import third-party reports early: Import pentests or vendor assessments immediately to avoid duplicate work
  4. Tag imported findings: Use labels to distinguish imported findings from automated scanner results

Next Steps