Exporting SonarQube Security Hotspot Report

Our client is interested in Security reports. While looking at the SonarQube EE, I couldn’t find a way to export detailed SonarQube Hotspots.

What I’m able to get is a high-level PDF report showing the OWASP Top 10 and the total number of vulnerabilities.

Is there a way I could export details of security hotspots? I searched in community/forum, nothing much there.

Hi,

Welcome to the community!

Take a look at the project-level “regulatory report” (you’ll find it tucked under Project Information). It has a detailed list of all Issues and Security Hotspots.

HTH,
Ann

Hi Ann,

Is this feature supported on a specific version of SonarQube Enterprise?

Regards

Hi,

Sorry, I should have mentioned that reporting starts in Enterprise Edition ($$).

HTH,
Ann

Hi Amol,

Under “Project Information” on the top right of your project, you have a menu, and the last step is Regulatory Report.

Carine

Hi Carine,
We are using version 8.9.8 of EE and can’t see ‘regulatory report’.

Hi,

Thanks for this! The report you’re looking for was added after 8.9, so you have one more reason to upgrade.

:warning: Make sure you upgrade to SonarQube v9.9 LTS soon, not only to benefit from our Best LTS Ever™, but because soon we will systematically ask users to upgrade when they ask questions about earlier versions of SonarQube, which are now considered unsupported. :smiley:

 
HTH,
Ann