Security for Confluence allows users to export CSV files containing findings in the spaces for which they have administration privileges. This can be done when viewing a space’s Security Analysis by clicking the Export Space dropdown at the top:
There are two options, both of which are in CSV format:
A Findings export contains the scan results for the space
A Reviewed False Positives export contains reviewed false positives, including who reviewed them and when they were reviewed. Reviewed false positives are scoped per-space and apply to all future and past findings in the space that match exactly.
You can also export findings for a particular space or for all spaces for which you have administration privileges, using the REST API.
Redacting findings in exported reports
If you want to keep the full text of findings from appearing in exported reports, you can disable the Include full finding text in exported reports setting in the plugin settings page:
Disabling this option will remove the Finding text and Full text columns from CSV exports, and will add a URL column, Report link – a link to the Security Analysis containing the finding.