Findings & Reports

Scan Reports

How reports are generated, what they contain, and how to download them as Markdown or PDF.

Automatic Report Generation

At the end of every scan, the reporter agent produces a comprehensive report. This happens automatically — no manual action is required. The report is available on the scan detail page under the Report tab.

What Is Included

A standard APVISO scan report contains:

Executive Summary

A high-level overview of the assessment including the target, scan date, duration, model preset used, and an overall risk rating. This section is designed for non-technical stakeholders.

Scope and Methodology

Details of what was tested: the target URL, whether authenticated scanning was used, which agent configuration was active, and the testing methodology employed.

Findings Summary

A table listing all findings with severity, title, and status. Findings are sorted by severity (Critical first) to highlight the most important issues.

Detailed Findings

Each finding gets a dedicated section with:

  • Full description and impact analysis.
  • Evidence (HTTP requests and responses, proof-of-concept payloads).
  • Step-by-step reproduction instructions.
  • Remediation recommendations with code examples where applicable.
  • CWE and CVE references.
  • Compliance framework mappings.

Remediation Priorities

A prioritized list of recommendations, grouped by effort and impact, to help your team plan remediation work.

Downloading Reports

Markdown

Click Download Markdown to get the raw Markdown file. This is useful for importing into wikis, documentation systems, or version control.

PDF

Click Download PDF to generate a professionally formatted PDF document. The PDF includes the APVISO branding, a table of contents, and formatted evidence sections. PDF generation takes a few seconds.

Sharing Reports

Reports can be shared via:

  • Direct download and email attachment.
  • Integration delivery — reports can be automatically sent to configured integrations (e.g., Slack channel, webhook endpoint) when a scan completes.
  • The APVISO API — fetch report content programmatically using GET /api/scans/{scanId}/report.

Report Retention

Reports are retained for the duration of your subscription. Historical reports remain accessible even after the target is re-scanned. Enterprise customers can configure custom retention policies.

Back to Knowledge Base