🚧 DevGuard & this page is under active development. Visit the DevGuard Repo →

Generate CSAF Reports

Generate CSAF (Common Security Advisory Framework) reports to document and distribute vulnerability information in a standardized format.

Prerequisites

Before you begin, ensure you have:

Access to a DevGuard repository with detected vulnerabilities
Project admin or owner permissions
At least one vulnerability to report on
Knowledge about CSAF format

Access CSAF Reports

CSAF reports are automatically generated on-demand by DevGuard:

Enable Public Access

Navigate to Organization → Project → Repository → Settings

Enable the toggle for public access to vulnerability data: Enable Public Access to Vulnerability Data

This will allow external parties to access vulnerability data for this repository and how vulnerabilities are assessed, improving transparency in your supply chain.

Next Steps

Generate VEX Documents - Export vulnerability exceptions
Export SBOM - Download component inventory
View Compliance Dashboards - Monitor all vulnerabilities

Export SBOM Documents Generate VEX Documents