Skip to main content
Skip table of contents

Exporting a Security Scan Report for External Use

For offline viewing and processing of security scan reports with Security for Bitbucket, you can export those reports to CSV file, which will have the following format:

Exported CSV-file content example

You can export vulnerabilities using one of ways, described below.

Exporting from the repository Scan page

To do so, first go to the repository and report in question.

Then click the Export button in the top right corner of the report:

You will then download a file with the naming scheme: <projectKey>_<repositoryKey>_<branchName>.CSV

Exporting from Security Scan Report

You can export detected vulnerabilities from the global Security Scan Report page which you can access by clicking the lock icon in the top Bitbucket bar.

Click the action drop-down menu and select Export item as shown below:

Exporting vulnerabilities from Security Scan Report page

You can do this on any view level - branch, repository or project. When exporting a project, the generated report will contained vulnerabilities found in all branches of all repositories which belong the selected project.

Exported file will have the following name:

  • for project: <projectKey>.CSV

  • for repository: <projectKey>_<repositoryKey>.CSV

  • for branch: <projectKey>_<repositoryKey>_<branchName>.CSV

Note, that this menu item is displayed only when some vulnerabilities are present, if branch (repository, project) was not scanned or no vulnerabilities were detected during the scan, the Export menu item will not be shown.

Exporting vulnerabilities via a REST-call

If you need to export overall vulnerabilities list for all projects, repositories and branches into a single file, you can use a REST-call.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.