Enterprise Reporting
The PrimusSaaS.Security.Reporting package generates professional security reports from ScanResult.
As of v2.4.9 the HTML report matches and exceeds the SonarQube bitegarden Full Issues Breakdown Report in every dimension — free, no server required.
What's Included in v2.4.9
- HTML report — 11-section branded report: cover (LOC, size rating, branch, tech debt), executive dashboard, top-issues-by-frequency, hotspots section, detailed findings (flat + grouped-by-rule with inline descriptions), risk heat map by file, compliance scores, remediation & triage, quality gate, recommendations, scan config
- JSON formatter — full
SecurityReportmodel as structured JSON - CSV formatter — flat findings spreadsheet
- SARIF 2.1.0 — GitHub Advanced Security + Azure DevOps compatible, includes A–E ratings and duplication metrics
- Compliance scoring — OWASP Top 10, PCI-DSS, HIPAA, SOC2, GDPR (free; requires SonarQube Enterprise)
- PDF export — via
Primus.PdfGeneratorwhen configured; HTML bytes returned as fallback
See Security Reporting → for the full section inventory and field reference.
Example
using PrimusSaaS.Security.Reporting.Services;
using PrimusSaaS.Security.Reporting.Models;
using PrimusSaaS.Security.Reporting.Formatters;
var reporting = new ReportingService();
var report = await reporting.GenerateReportAsync(
"MyProject",
new List<VulnerabilityFinding>()
);
var html = HtmlFormatter.Export(report);
var json = JsonFormatter.Export(report);
var sarif = SarifFormatter.Export(report);
Notes on Compliance
Compliance scores are heuristic mappings of findings to frameworks. They do not certify PCI-DSS, HIPAA, SOC 2, GDPR, or ISO 27001 compliance.