Exporting Findings

Security for Jira allows users to export CSV files containing findings in the projects for which they have administration privileges. This can be done when viewing a project’s Security Analysis by clicking the Export Project button at the top:

Redacting findings in exported reports

If you want to prevent the full text of findings from appearing in exported reports, you can disable the Include full finding text in exported reports setting in the plugin settings page:

Disabling this option will remove the Finding text and Full text columns from CSV exports, and add a column with a link to the issue where the finding was found. The Historical column is also omitted with this option disabled.

Deduplicate findings in exports

If you want to show every finding occurrence in your export reports, you can disable the Deduplicate findings in exports setting. Otherwise, findings will be presented once for every issue, comment, or attachment they’re discovered in, even if they are discovered more than once in the history of that page, blog post, or attachment. This behavior presents an export similar to the layout of the Security Analysis page.