ounce:report
Description
The ounce:report
goal
generates a report from an assessment. If you do not specify an existing
assessment, ounce:report
runs ounce:scan
before
generating the report. Run ounce:report
from the
command line.
Specify the report parameters described in reportType Values and reportOutputType Values. If you
specify the reportType
, you must also specify reportOutputType
and reportOutputPath
.
reportType
Values
- A Findings report:
Findings by Bundle
Findings by API
Findings by Classification
Findings
DTS Activity
Findings by Type
Findings by CWE
Findings by File
- An AppScan®
Source report:
CWE SANS Top 25 2011
DISA Application Security and Development STIG V3R10
DISA Application Security and Development STIG V4R10
DISA Application Security and Development STIG V4R4
OWASP Mobile Top 10
OWASP Top 10 2013
OWASP Top 10 2017
PCI Data Security Standard V3.2
Software Security Profile
- A custom report, if available.
reportOutputType
Values
- Specify one of the following formats for this report:
html
: Generates the report as HTML and displays it online.zip
: Creates a ZIP file that contains all HTML report components.
- For reports in PDF format, you can specify the level of detail:
pdf-summary
: Contains counts for each custom report grouppdf-detailed
: Contains counts for each API for each vulnerability propertypdf-comprehensive
: Contains tables consisting of every finding for every APIpdf-annotated
: Contains all findings, any notes included with the findings, and designated code snippetspdf-annotated
: Generates an annotated report as a PDF file.