> For the complete documentation index, see [llms.txt](https://docs.softwaresecured.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.softwaresecured.com/reports-and-certificates/viewing-and-downloading-reports-and-executive-summaries.md).

# Viewing and downloading reports and executive summaries

### **Reports** &#x20;

The final report is typically delivered two business days after the end date of active testing. Once testing is completed—and before we send the report—we fully scrutinize and evaluate the findings, collect any final necessary evidence, calibrate the risk, and perform internal QA on the report document. The document is one inclusive report for all components within scope unless other requirements were outlined before active testing began.

**The report includes the following information:**

* Table of contents
* Testing overview
* Testing dates
* Specific assets and components in scope
* Calibrated scoring overview
* Uniquely numbered sections for each vulnerability, including:
  * Vulnerability name and class
  * Vulnerability severity for both impact (CVSS) and risk (DREAD)
  * Vulnerability location and affected entities
  * Description of the vulnerability
  * Specific impact of the vulnerability (also reflected in scoring)
  * Mitigation (remediation) solutions and security recommendations
  * Steps to replicate (reproduce) each issue
  * Evidence or Proof of Concept (POC) for each vulnerability (or both, if necessary)
  * Additional external links and references

The pentest report is delivered directly through Portal. This allows you to easily control who has access to the report by managing your portal users and their permissions.

{% hint style="success" %}
We strive to make the report as detailed and actionable as possible; let us know if you require additional information. We can schedule a read-out call to go over the report in detail, or we can answer questions over email or Slack.&#x20;
{% endhint %}

#### **Downloading your PDF pentest report**

1. In the project selection bar, choose which project you would like to download a report for.&#x20;
2. Open the <mark style="color:orange;">**Reports & Executive Summaries**</mark> tab.&#x20;
3. **Optional:** Click <mark style="color:orange;">**Customize Report**</mark> to change what appears in the downloaded report or executive summary.&#x20;
4. Click the download button for the desired pentest, and select the report option.

<figure><img src="/files/qOPWNpYHKqhXSVxQmN0h" alt=""><figcaption><p><mark style="color:orange;"><strong>Reports &#x26; Certificates</strong></mark> tab</p></figcaption></figure>

***

### **Executive Summaries**

The pentest Executive Summary is an externally facing document that is a condensed version of the report. This document is best suited to be distributed to clients, auditors, and other external stakeholders.&#x20;

#### **Download the pentest executive summary**

1. In the project selection bar, choose which project you would like to download a certificate for.&#x20;
2. Open the <mark style="color:orange;">**Reports & Executive Summaries**</mark> tab.&#x20;
3. Use the test range selector to view the pentests that you want to view—either by date range or by test.&#x20;
4. **Optional:** Click <mark style="color:orange;">**Customize Executive Summary**</mark> to change what appears in the downloaded executive summary.&#x20;
5. Click the download button for the desired pentest, and select the executive summary option or the abbreviated executive summary option.

***

### **Exporting vulnerabilities as CSV**

Exporting your vulnerability information in a `.csv` file is an easy way to help move the information into other bug-tracking platforms that you may use. Copying vulnerability information to your clipboard is another easy way to help move the information into your bug-tracking platform.

1. In the project selection bar, choose which project you would like to export vulnerability information for.&#x20;
2. Open the <mark style="color:orange;">**Vulnerabilities**</mark> tab.&#x20;
3. Using the table multiselect, select the vulnerabilities that you want to include in the CSV file.
4. Click <mark style="color:orange;">**Export CSV**</mark> from the bulk actions dropdown.

<figure><img src="/files/aXXC2cpF8j37RW1sNjoy" alt=""><figcaption><p>Export vulnerabilities in CSV format on the <mark style="color:orange;"><strong>Vulnerabilities</strong></mark> tab</p></figcaption></figure>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.softwaresecured.com/reports-and-certificates/viewing-and-downloading-reports-and-executive-summaries.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.