Generating Reports
Create comprehensive security and compliance reports for stakeholders and auditors.
Reporting Overview
CastellanAI provides flexible reporting capabilities to document security posture, incident response actions, and compliance metrics. Generate reports on-demand or schedule automatic delivery to stakeholders.
| Feature | Description |
|---|---|
| 5 Report Types | Security, Compliance, Executive, Incident, Agent Health |
| Scheduled Delivery | Daily, weekly, or monthly automated reports |
| Multiple Formats | PDF, CSV, JSON exports |
How to Generate a Report
Step 1: Navigate to Reports
Access the reporting interface from your portal dashboard:
- Log in to your CastellanAI portal
- Navigate to Dashboard → Reports
- Click "New Report" button in the top-right corner
Step 2: Select Report Type
Choose the type of report that matches your needs:
Security Summary Report
Comprehensive overview of threats detected, actions taken, and current security posture. Ideal for security teams.
Compliance Report
Demonstrates compliance with frameworks like SOC 2, ISO 27001, HIPAA, or PCI DSS. Includes evidence and controls mapping.
Executive Summary
High-level security metrics and trends for leadership. Focuses on business impact and risk reduction.
Incident Response Report
Detailed timeline of specific incidents, actions taken, and resolution. For post-incident reviews and documentation.
Agent Health Report
Status of deployed agents, coverage metrics, and performance statistics. Ensures comprehensive monitoring.
Step 3: Configure Time Range & Filters
Specify the time period and filters for the report:
| Filter | Options |
|---|---|
| Time Range | Last 24 hours, 7 days, 30 days, or custom date range |
| Severity Filter | Include all events or filter by severity (Critical, High, Medium, Low) |
| Agent Filter | All agents, specific agents, or agent groups |
| Event Type Filter | Authentication, malware, network, privilege escalation, etc. |
Step 4: Generate & Download
Generate the report and download in your preferred format:
- Review report configuration summary
- Click "Generate Report" to process (typically 10-30 seconds)
- Choose export format: PDF (presentation), CSV (data analysis), or JSON (API integration)
- Download report to your computer
Generated reports are saved in your report history for 90 days and can be re-downloaded at any time.
What's Included in Reports
Security Metrics
- Total events collected and analyzed
- Threats detected by severity level
- Security score trend over time
- Most targeted systems and users
- Top threat types and attack vectors
Incident Response
- Response actions executed
- Mean time to detect (MTTD)
- Mean time to respond (MTTR)
- Action success/failure rates
- Incident resolution timelines
Compliance Evidence
- Control implementation status
- Audit log retention confirmation
- Security monitoring coverage
- Access control review documentation
- Incident response procedure adherence
Agent Coverage
- Total agents deployed by platform
- Agent online/offline status history
- Event collection rate per agent
- Agent health metrics and warnings
- Coverage gaps and recommendations
Scheduled Reports
Automate report generation and delivery to stakeholders on a regular schedule:
Daily Security Summary
Delivered every morning at 8 AM with previous 24-hour activity.
Weekly Executive Report
Every Monday with high-level metrics and trends.
Monthly Compliance Report
First of each month with full compliance evidence.
Configure scheduled reports from Settings → Scheduled Reports. Specify recipients, format, and delivery time.
Reporting Best Practices
- Tailor Reports to Audience - Executive summaries for leadership, detailed technical reports for security teams, compliance reports for auditors.
- Establish Regular Reporting Cadence - Daily for operations, weekly for management, monthly for executives and compliance.
- Include Context and Recommendations - Use report narrative sections to explain findings and suggest improvements.
- Archive Reports for Compliance - Maintain historical reports as evidence for audits and regulatory requirements.
- Review and Act on Findings - Use reports to identify trends, gaps, and areas for security improvement.
What's Next?
- Compliance Frameworks - Learn about supported compliance frameworks and evidence mapping
- Exporting Data - Export raw security data for advanced analysis
- Dashboard Overview - Understand the security metrics displayed in your dashboard