Reports — Overview¶
Reports are summaries of findings in a format suitable for:
- CISO and leadership — security posture.
- Compliance audits — evidence for auditors.
- Customer-facing communication (for MSSPs) — reports to clients.
- Regulators — for GDPR / SOC2 / ISO27001.
Report types¶
| Type | Contents | Audience |
|---|---|---|
| Executive summary | Metrics, trends, top risks — no technical detail | Board, CEO, CISO |
| Technical report | All findings with details, recommendations, evidence | Security team, IR |
| Compliance report | Evidence-based report for a specific standard (GDPR, SOC2) | Auditor, compliance |
| Customer report (MSSP) | White-label report to a client with your branding | MSSP customers |
Report lifecycle¶
- Created — generated but not yet "frozen" (data may update).
- Published — fixed: report contents no longer change, even if new findings arrive.
- Exported — exported to a file (PDF/DOCX/CSV).
- Archived — old reports move to archive after 1 year.
Scope¶
Every report has a scope defining what to include:
- Date — e.g., "last 30 days", "Q2 2026", "specific date range".
- Severity — e.g., only
Critical + High. - Detection sources — report on HIBP only, or all.
- DataSources — by a specific domain or all.
- Statuses — only
new, or includeresolved.
One report = one fixed scope. If you need a different scope — create a new report.
How to create¶
Manually (ad-hoc)¶
- Reports → New Report.
- Pick a template (Executive / Technical / Compliance / Custom).
- Set the scope.
- Click Generate.
- The report is ready within seconds — view online or export.
On schedule¶
See Scheduled Reports.
What's next¶
- Scheduled reports — automation.
- Export — PDF, DOCX, CSV.