The Security Scan Report provides a central security dashboard for Bitbucket administrators as well as any user who's been granted explicit access. Additionally, Security for Bitbucket provides to project administrators a dashboard with similar functionality so that they may perform scans and obtain vulnerability reports for any repositories and branches in their own projects.
To find this dashboard, navigate to a project you have admin rights over, and then go to the new Security Tab.
Project administrators, as well as users granted explicit access who also have read rights over the project, can also see this tab. If you do not have sufficient rights, the tab will not appear.
Then, the Security Scan Report for the project should appear similarly to that depicted below.
You will then have the ability to perform scans on any repository or branch in the project, and you may export vulnerability reports for the whole project, or for any repository or branch contained in the project.