Skip to main content
VulnTrack’s reporting system allows you to generate professional security assessment reports in multiple formats. This guide covers report types, customization options, and best practices.

Report Formats

VulnTrack supports three export formats:
  • PDF: Professional reports with tables, charts, and branding
  • CSV: Raw data export for spreadsheet analysis
  • HTML: Interactive web-based reports for online sharing

Creating Your First Report

1

Navigate to Reports

Go to Reports from the dashboard sidebar.
2

Configure Report Options

In the Generate New Report section, customize:
  • Report Name: Auto-generated based on type and date, or enter a custom name
  • Report Type: Select from Executive, Technical, Compliance, or Custom
  • Format: Choose PDF, CSV, or HTML
3

Apply Filters

Narrow down the vulnerabilities to include:
  • Severity: CRITICAL, HIGH, MEDIUM, LOW, or all
  • Date Range: From and To dates for vulnerability creation
  • Status: OPEN, IN_PROGRESS, RESOLVED, or all
4

Select Report Sections

Choose which sections to include:
  • Executive Summary
  • Risk Assessment
  • Charts & Graphs
  • Vulnerability Details Table
  • Remediation Plans
  • Compliance Mapping
5

Preview and Generate

Click Generate Report to create and download your report. The report is saved to your history for future access.

Report Types

Executive Summary Report

Ideal for leadership and stakeholders:
  • Focus: High-level overview of security posture
  • Includes:
    • Total vulnerability count
    • Severity breakdown (Critical, High, Medium, Low)
    • Open vs. Resolved metrics
    • Average DREAD risk score
    • Key recommendations
Default Name: Q{quarter} {year} Security Assessment 
// From reports/page.tsx:163-164
case "executive":
  return `Q${quarter} ${year} Security Assessment`

Technical Analysis Report

Detailed report for security teams:
  • Focus: In-depth technical details
  • Includes:
    • Full vulnerability descriptions
    • CVE IDs and CVSS scores
    • Affected systems and CPE data
    • Proof of concept examples
    • Mitigation steps with priorities
Default Name: {Month} {Year} Technical Analysis

Compliance Audit Report

For regulatory and compliance requirements:
  • Focus: Compliance framework alignment
  • Includes:
    • Vulnerability mapping to standards (NIST, ISO 27001, etc.)
    • Evidence of remediation
    • Audit trail references
    • Policy violation tracking
Default Name: {Year} Compliance Audit Report

Custom Report

Fully customizable for specific needs:
  • Focus: User-defined scope
  • Includes: Any combination of available sections
Default Name: Custom Security Report - {Date}

PDF Report Generation

PDF reports are generated using jsPDF and include:

Header Section

// From reports/page.tsx:214-228
const doc = new jsPDF()

doc.setFontSize(22)
doc.setTextColor(30, 41, 59)
doc.text("VulnTrack Security Report", 14, 22)

doc.setFontSize(16)
doc.setTextColor(100, 116, 139)
doc.text(name, 14, 32)

doc.setFontSize(10)
doc.text(`Generated: ${new Date().toLocaleString()}`, 14, 40)
doc.text(`Total Vulnerabilities: ${vulns.length}`, 14, 46)

Executive Summary

Automatic severity and status breakdown: 
// From reports/page.tsx:239-251
const critical = vulns.filter(v => v.severity === "CRITICAL").length
const high = vulns.filter(v => v.severity === "HIGH").length
const medium = vulns.filter(v => v.severity === "MEDIUM").length
const low = vulns.filter(v => v.severity === "LOW").length
const open = vulns.filter(v => v.status === "OPEN").length

doc.text(`This report covers ${vulns.length} vulnerabilities identified in your infrastructure.`, 14, yPos)
doc.text(`Critical: ${critical} | High: ${high} | Medium: ${medium} | Low: ${low}`, 14, yPos + 6)
doc.text(`Open Issues: ${open} | Resolved: ${vulns.length - open}`, 14, yPos + 12)

Risk Assessment

Calculates average DREAD scores: 
// From reports/page.tsx:262-267
const avgDread = vulns.reduce((sum, v) => sum + (v.dread?.total || 0), 0) / vulns.length || 0

doc.text(`Average DREAD Score: ${avgDread.toFixed(2)}`, 14, yPos)
doc.text(`Risk Level: ${avgDread > 7 ? "Critical" : avgDread > 5 ? "High" : avgDread > 3 ? "Medium" : "Low"}`, 14, yPos + 6)

Vulnerability Details Table

Uses jsPDF AutoTable for formatted data: 
// From reports/page.tsx:278-292
const tableData = vulns.map(v => [
  v.title.substring(0, 40) + (v.title.length > 40 ? "..." : ""),
  v.severity,
  v.status,
  v.dread?.total?.toFixed(1) || "N/A",
  new Date(v.createdAt).toLocaleDateString()
])

autoTable(doc, {
  head: [['Vulnerability', 'Severity', 'Status', 'DREAD', 'Date']],
  body: tableData,
  startY: yPos,
  styles: { fontSize: 9 },
  headStyles: { fillColor: [30, 41, 59] }
})

CSV Report Generation

CSV exports provide raw data for analysis in Excel, Google Sheets, or data tools:

Data Structure

// From reports/page.tsx:301-322
const headers = ["ID", "Title", "Severity", "Status", "DREAD Score", "Created At", "Description"]
const rows = vulns.map(v => [
  v.id,
  `"${v.title.replace(/"/g, '""')}"`, // Escape quotes
  v.severity,
  v.status,
  v.dread?.total || 0,
  v.createdAt,
  `"${(v.description || "").replace(/"/g, '""')}"`
])

const csvContent = [
  headers.join(","),
  ...rows.map(row => row.join(","))
].join("\n")

// Download as file
const blob = new Blob([csvContent], { type: "text/csv;charset=utf-8;" })
const link = document.createElement("a")
link.href = URL.createObjectURL(blob)
link.download = `${name.replace(/[^a-z0-9]/gi, '_')}.csv`
link.click()

Use Cases for CSV

Data Analysis: Import into Excel or Google Sheets for:
  • Custom pivot tables
  • Trend analysis over time
  • Integration with business intelligence tools
  • Bulk data manipulation

HTML Report Generation

HTML reports create interactive, web-based documents:

Features

  • Responsive design for desktop and mobile
  • Embedded CSS styling
  • Severity badges with color coding
  • Statistics cards with metrics
  • Sortable vulnerability table

Preview Mode

// From reports/page.tsx:295-297
if (preview) {
  return doc.output('bloburl') // Opens in new tab
}

Sharing HTML Reports

Options for distribution:
  1. Download: Save as .html file and email
  2. View in Browser: Open directly from VulnTrack
  3. Host Internally: Upload to internal web server
  4. PDF Print: Use browser print-to-PDF for static version
Security Consideration: HTML reports contain sensitive vulnerability data. Only share via secure channels and with authorized personnel.

Report History

VulnTrack maintains a history of all generated reports:

Storage

Reports are stored in browser localStorage: 
// From reports/page.tsx:201-203
const updatedReports = [newReport, ...generatedReports]
setGeneratedReports(updatedReports)
localStorage.setItem('vulntrack_reports', JSON.stringify(updatedReports))

Report Metadata

interface GeneratedReport {
  id: string
  name: string
  type: string // executive, technical, compliance, custom
  format: string // PDF, CSV, HTML
  dateGenerated: Date
  status: 'completed' | 'processing' | 'failed'
  vulnerabilityCount: number
}

Managing History

From the Report History table:
  • View: Preview report in browser (HTML/PDF)
  • Download: Re-generate and download report
  • Share: Copy shareable text summary
  • Delete: Remove from history
Re-generation: Clicking “Download” re-generates the report with current vulnerability data, which may differ from the original if vulnerabilities have been updated or deleted.

Filtering Reports

Date Range Filter

Limit vulnerabilities by creation date: 
// From reports/page.tsx:138-153
function getFilteredVulnerabilities() {
  return vulnerabilities.filter(v => {
    if (severityFilter !== "all" && v.severity !== severityFilter) return false
    
    if (dateRange.from) {
      const vulnDate = new Date(v.createdAt)
      const fromDate = new Date(dateRange.from)
      if (vulnDate < fromDate) return false
    }
    
    if (dateRange.to) {
      const vulnDate = new Date(v.createdAt)
      const toDate = new Date(dateRange.to)
      if (vulnDate > toDate) return false
    }
    
    return true
  })
}

Severity Filter

Focus on specific severity levels:
  • All: Include all vulnerabilities
  • CRITICAL: Only critical severity
  • HIGH: High severity issues
  • MEDIUM: Medium severity
  • LOW: Low severity findings

Best Practices

Regular Cadence: Generate reports on a consistent schedule:
  • Executive Reports: Monthly or quarterly
  • Technical Reports: Weekly or bi-weekly
  • Compliance Reports: Annually or per audit cycle
Descriptive Names: Use clear, consistent naming:
  • ✅ “Q1 2026 Executive Security Review”
  • ✅ “March 2026 Critical Vulnerabilities Report”
  • ❌ “Report 1”
  • ❌ “Test Report”
Filter Before Generating: Apply filters to create focused reports:
  • Critical vulnerabilities only for urgent reviews
  • Resolved items for retrospectives
  • Specific date ranges for milestone reports
Save Multiple Formats: Generate both PDF (for sharing) and CSV (for analysis) of the same dataset for flexibility.

Troubleshooting

PDF Not Downloading

Problem: Report generation completes but file doesn’t download. Solutions:
  • Check browser pop-up blocker settings
  • Verify sufficient disk space
  • Try a different browser
  • Check browser console for JavaScript errors

Empty Report Generated

Problem: Report file is empty or shows zero vulnerabilities. Solutions:
  • Verify filters aren’t too restrictive
  • Check that vulnerabilities exist in the selected date range
  • Ensure you have visibility to team vulnerabilities
  • Remove all filters and try again

Report History Not Persisting

Problem: Generated reports disappear after page refresh. Solutions:
  • Verify browser localStorage is enabled
  • Check that cookies/storage aren’t being cleared
  • Use incognito/private mode to test for extension conflicts
  • Try a different device or browser

Next Steps

Build docs developers (and LLMs) love

Get started for freeTalk to us