Exporting a Security Scan Report for External Use

For offline viewing and processing of security findings generated by Security for Bitbucket, you can export them to a csv file. This file will have the following format:

You can export scan results using one of a few ways, each of which is described below.

Exporting a single branch via the Branch Scan Report

To export the vulnerabilities from a single branch, first navigate to the Branch Scan Report for the branch in question. Then click the Export button in the top right corner of the report:

Exporting from a Dashboard

From the Global, Project-level, and Repository-level Dashboards, there are two primary approaches to exporting scan results.

Using the Dashboard’s Export Dropdown

An Export dropdown is visible in the upper-right of each dashboard. Depending on which dashboard and view level, the relevant option will appear as one of the following:

• Repository Scan Results

• Project Scan Results

• All Scan Results (only available from the Global Dashboard)

One example is shown below:

When exporting a repository, the generated report will contain the results found in all branches of that repository.

When exporting a project, the generated report will contain the results found in all branches of all repositories of that project.

When exporting all projects, the generated report will contain all results found in all projects in the Bitbucket instance. The resulting zip file will contain one csv file per project.

Export All Scan Results can put a strain on Bitbucket resources if there are a lot of results. Consequently, a dialog box will pop up to confirm that you wish to perform this action.

Using the Actions menu

From any dashboard, navigate to the desired level view, click the Actions dropdown menu, and select the Export item as shown below:

Exporting vulnerabilities via a REST call

You may also use various REST calls to export vulnerabilities of any given branch, repository, project, or the whole Bitbucket instance.