Skip to content

Reports & Audits

The Reports module is the historical record of your compliance efforts. A report is a point-in-time snapshot of policy results — immutable evidence that can be used for internal audits, SOC2 verification, or regulatory compliance.

Why Reports Matter

Unlike the live policy view which shows the current state, a saved report captures the exact status of every test at the moment it was generated. This allows you to:

  • Maintain Evidence — prove your infrastructure met security standards on a specific date
  • Track Progress — compare snapshots over time to measure security posture improvement
  • Audit Readiness — provide auditors with formal documentation without giving them access to your production environment

How Reports Are Created

Reports are created manually from the live policy report view.

graph TD
    A[Run Policy] -->|Agent returns results| B[Live Policy Report]
    B -->|Admin clicks Save to History| C{Reports Archive}
    C --> D[View in Browser]
    C --> E[Download PDF]
    C --> F[Delete Record]
  1. Run a policy — manually or via the scheduler
  2. View the live report from the policy card
  3. Save to History — click the Save button to archive the current results
  4. The snapshot is stored with a timestamp and the name of the user who saved it

Reports are not automatic

The scheduler automates policy scans but does not automatically save reports. An administrator must review the live results and explicitly save them to the archive. This ensures reports represent a deliberate, reviewed compliance record.

Report Contents

Each saved report captures:

Field Description
Policy Name & Version The exact policy that was evaluated
Date & Time When the report was saved
Saved By The administrator who saved the report
Per-System Results PASS / FAIL for every test on every system
Compliance Verdict COMPLIANT or NON-COMPLIANT per system
Test Metadata Name and description of every test included

Viewing a Report

Navigate to Reports to see the full archive of saved reports.

From the reports list you can:

  • View — open the full report in the browser with per-system, per-test breakdown
  • Click any test name — view description, check procedure, and remediation steps
  • Download PDF — export a formatted, printable audit report
  • Delete — permanently remove the report record

Deletion is permanent

Deleted reports cannot be recovered. Before deleting, ensure you have exported a PDF copy if the record may be needed for future audits.

Bulk Delete

Select multiple reports using the checkboxes on the left of each row, then click Delete in the bulk toolbar to remove them all at once. Useful for cleaning up old automated scan snapshots.

Administrator role required

Bulk delete requires the Administrator role.

PDF Export

The PDF report includes:

  • Report header with policy name, version, date, and author
  • Per-system compliance verdict (COMPLIANT / NON-COMPLIANT)
  • Full breakdown of every test result per system
  • Test descriptions for audit context
  • Compliance summary with pass/fail counts

PDF reports are suitable for submission to external auditors and can be stored in your document management system as formal compliance evidence.

Best Practices

Save reports at regular intervals

Even if you use the scheduler for automated scans, establish a routine of saving reports — monthly at minimum, or after any significant infrastructure change.

Save before and after remediation

When you identify and fix a compliance failure, save a report before the fix (to document the gap) and after the fix (to prove remediation). This creates a clean audit trail.

Use policy versioning

When you update a policy, increment the version number before the next scan. This ensures saved reports clearly identify which set of controls was in effect at the time of each snapshot.