Agnech
Report Type

Executive Summary

Board-ready security reports with risk scores, trend analysis, and actionable recommendations. Designed for stakeholders who need the big picture.

Overview

The Executive Summary report distills complex security findings into clear, actionable insights for non-technical stakeholders. It focuses on business impact, risk trends, and strategic recommendations.

Bash
1# Generate executive summary report
2bloodhound report executive --output summary.pdf
3

4# Specify time period
5bloodhound report executive --period 30d --output monthly-summary.pdf
6

7# Compare to previous period
8bloodhound report executive --period 30d --compare-previous --output trend-report.pdf
9

10# Multi-project summary
11bloodhound report executive --projects api,web,mobile --output portfolio-summary.pdf

Report Structure

The executive summary is organized into six key sections, each designed to answer specific stakeholder questions.

Security Score

Overall security posture score (0-100)

Risk Trend

Historical comparison showing improvement or regression

Finding Summary

Breakdown by severity with counts and percentages

Top Risks

The 5 most critical issues requiring immediate attention

Team Performance

Mean time to remediate by team/project

Recommendations

Prioritized action items for the next period

Key Metrics

Text
1# Sample Executive Summary Output
2═══════════════════════════════════════════════════════════════════
3                    BLOODHOUND SECURITY REPORT
4                    Executive Summary
5                    Period: December 1-31, 2024
6═══════════════════════════════════════════════════════════════════
7

8SECURITY SCORE: 72/100 (Medium-High Risk)
9                ▲ +8 points from last month
10

11┌─────────────────────────────────────────────────────────────────┐
12│ FINDING SUMMARY                                                 │
13├─────────────────────────────────────────────────────────────────┤
14│ Critical    ████░░░░░░░░░░░░░░░░     3  (↓ 67% from last month) │
15│ High        ████████░░░░░░░░░░░░    12  (↓ 25% from last month) │
16│ Medium      ████████████████░░░░    34  (↑ 10% from last month) │
17│ Low         ██████████░░░░░░░░░░    21  (→ No change)           │
18│ Info        ████████████████████    56  (↑ 15% from last month) │
19├─────────────────────────────────────────────────────────────────┤
20│ Total: 126 findings across 2,847 files                          │
21│ Resolved this period: 47                                        │
22│ New this period: 23                                             │
23└─────────────────────────────────────────────────────────────────┘
24

25TOP 5 RISKS REQUIRING ATTENTION
261. [CRITICAL] SQL Injection in payment-api (Est. impact: $2.1M)
272. [CRITICAL] Hardcoded AWS credentials in deploy scripts
283. [CRITICAL] Authentication bypass in admin panel
294. [HIGH] Outdated OpenSSL version (CVE-2024-1234)
305. [HIGH] Missing rate limiting on login endpoint
31

32MEAN TIME TO REMEDIATE
33├── Critical: 2.3 days (Target: 1 day) ⚠️
34├── High: 5.7 days (Target: 7 days) ✓
35├── Medium: 14.2 days (Target: 30 days) ✓
36└── Low: 45.1 days (Target: 90 days) ✓
37

38RECOMMENDATIONS
391. Immediate: Address 3 critical findings within 48 hours
402. This Week: Upgrade OpenSSL across all services
413. This Month: Implement WAF for payment-api
424. This Quarter: Complete security training for new hires

Visualizations

Executive reports include professional charts and graphs suitable for board presentations.

Risk Trend Chart

12-month trend line showing security score progression with key events annotated (releases, incidents, audits).

Severity Distribution

Pie chart showing current finding distribution by severity with comparison to industry benchmarks.

Category Breakdown

Bar chart showing findings by vulnerability category (injection, auth, crypto, etc.).

Remediation Velocity

Line chart showing issues opened vs. resolved over time with velocity metrics.

Bash
1# Include specific charts
2bloodhound report executive --charts risk-trend,severity-pie,category-bar
3

4# High-resolution charts for presentations
5bloodhound report executive --chart-dpi 300 --output presentation.pdf
6

7# Export charts separately
8bloodhound report executive --export-charts ./charts/ --format png

Customization

Customize reports with your branding and specific metric requirements.

YAML
1# bloodhound.config.yaml - Report customization
2

3reports:
4  executive:
5    branding:
6      logo: "./assets/company-logo.png"
7      primary_color: "#0066CC"
8      company_name: "Acme Corporation"
9

10    sections:
11      - security_score
12      - finding_summary
13      - top_risks
14      - trend_analysis
15      - recommendations
16      # Exclude team_performance for external reports
17      # - team_performance
18

19    metrics:
20      # Custom severity thresholds
21      risk_levels:
22        critical: 90
23        high: 70
24        medium: 50
25        low: 30
26

27      # Target SLAs
28      remediation_targets:
29        critical: "24h"
30        high: "7d"
31        medium: "30d"
32        low: "90d"
33

34    comparisons:
35      # Compare against industry benchmarks
36      benchmarks: true
37      benchmark_source: "owasp"
38

39      # Compare against previous periods
40      periods: ["7d", "30d", "90d"]
41

42    formatting:
43      page_size: "letter"  # or "a4"
44      font: "Inter"
45      include_appendix: true

Automated Scheduling

Schedule recurring executive reports to be generated and distributed automatically.

Bash
1# Schedule weekly executive reports
2bloodhound schedule report executive \
3  --frequency weekly \
4  --day monday \
5  --time 08:00 \
6  --recipients ciso@company.com,board@company.com \
7  --subject "Weekly Security Report"
8

9# Schedule monthly board report
10bloodhound schedule report executive \
11  --frequency monthly \
12  --day 1 \
13  --format pdf \
14  --upload s3://reports/security/ \
15  --notify slack:#security-leadership
16

17# List scheduled reports
18bloodhound schedule list
19

20# Output:
21# ID        Type       Frequency  Next Run           Recipients
22# rep_001   executive  weekly     2024-01-08 08:00   ciso@company.com, ...
23# rep_002   executive  monthly    2024-02-01 09:00   board@company.com

Enterprise Feature

Automated report scheduling and distribution is available on Pro and Enterprise plans. Contact sales@agnech.com for access.