For offline viewing and printing of security scan reports with Security for Bitbucket, you can export those reports to CSV file, which will have the following format:

Exported CSV-file content example

You can export vulnerabilities using one of ways, described below.

Exporting from repository Scan page

To do so, first go to the repository and report in question.

Then click the Export button in the top right corner of the report:

You will then download a file with the naming scheme: <projectKey>_<repositoryKey>_<branchName>.CSV

Exporting from Security Scan Report

You can export detected vulnerabilities from global Security Scan Report in Administration area. Click action drop-down menu and select Export item as shown below:

Exporting vulnerabilities from Security Scan Report page

You can do this on any view level - branch, repository or project. In a latter case will be exported vulnerabilities, found in all branches of all repositories which belong the selected project.

Exported file will have the following name:

  • for project: <projectKey>.CSV

  • for repository: <projectKey>_<repositoryKey>.CSV

  • for branch: <projectKey>_<repositoryKey>_<branchName>.CSV

Note, that this menu item is displayed only when some vulnerabilities are present, if branch (repository, project) was not scanned or no vulnerabilities were detected during scan, Export menu item will not be shown.

Exporting vulnerabilities via REST-call

If you need to export overall vulnerabilities list for all projects, repositories and branches into a single file, you can use a REST-call.