Reports & Report Import
Generate comprehensive security reports, export findings in multiple formats, and import findings from external security assessments.
Generating reports
PDF reports
Generate a comprehensive PDF report of your findings with charts, metrics, and remediations.
- Go to Findings
- (Optional) Apply filters to narrow the report scope (by severity, tool, repository, etc.)
- Click Export or Actions → Generate Report
- Select PDF Report
- Choose:
- Report Type: Summary (high-level overview) or Detailed (every finding)
- Filters: Apply or remove filters
- Click Generate
The report is generated asynchronously. You'll receive an email when it's ready with a download link. Reports are available for 7 days.
Rate limit: 5 PDF reports per hour per organization.
CSV & JSON exports
Export findings for use in spreadsheets, dashboards, or external systems.
- Go to Findings
- (Optional) Apply filters
- Click Export → CSV or JSON
- The file downloads immediately
CSV columns include: Finding ID, Title, Severity, Status, Scanner, Repository, File, Line, CWE, CVSS, and custom columns.
JSON format includes full finding metadata, remediation suggestions, and asset information.
Report import (AI-powered)
Import findings from external security assessments (pentests, third-party reports) and let AI extract findings automatically.
Supported formats
- Markdown (.md)
- Plain text (.txt)
- CSV (.csv)
- Excel (.xlsx)
- Word documents (.docx)
Import a report
- Go to Integrations → Connectors → Connectors
- Find AI Report Import
- Click Configure or Import
- Select a repository (the findings will be associated with this asset)
- Upload the report file
- Click Import Report
The report is sent to Plexicus's AI processor, which extracts findings and maps them to your codebase. This process consumes 15 AI credits per report.
Processing
Once submitted:
- The report is analyzed by LLM
- Findings are extracted and deduplicated
- High-confidence findings are created in Plexicus
- Lower-confidence entries are flagged for review
Check the Findings page after a few moments; imported findings will appear with a Imported label and the source report name.
Managing exported/imported data
View export history
- Go to Settings → Account
- Scroll to Export History
- View recent exports and downloads
Re-download a PDF report
- Go to your email or notification center
- Click the report link (valid for 7 days)
After 7 days, regenerate the report using the steps above.
Review imported findings
Imported findings appear in your Findings list and can be:
- Triaged (marked false-positive, mitigated, etc.)
- Assigned to developers
- Linked to tickets
- Exported again in reports
API
Export findings via API
GET /findings/csv-downloads
GET /findings/json-downloads
POST /findings/pdf-reports
GET /reports/{id}/download
See the API Guide for authentication and request conventions.
Import via API
POST /report-imports
Upload a report file. The response returns a workflow_id; the import runs asynchronously and the findings appear in the repository view when it completes.
Troubleshooting
"Report generation failed"
- Ensure you have findings to include in the report
- Try generating with fewer filters first
"PDF report is taking too long"
- Reports with >1000 findings may take several minutes
- You'll receive an email notification when ready
"AI Report Import failed"
- Verify the file format is supported (.md, .txt, .csv, .xlsx, .docx)
- Ensure the file is not corrupted
- Check that you have AI credits remaining
"AI credits insufficient"
- Each report import costs 15 AI credits
- Upgrade your plan or purchase a credit pack in Settings → Billing
Best practices
- Use filters for focused reports: Export findings by severity or tool to create targeted reports for stakeholders
- Schedule regular exports: Export weekly or monthly snapshots for compliance tracking
- Import third-party reports early: Import pentests or vendor assessments immediately to avoid duplicate work
- Tag imported findings: Use labels to distinguish imported findings from automated scanner results
Next Steps
- Triage findings after import or export
- Create tickets from findings for tracking
- Generate remediations for code-based findings