Security Report Example (HTML)
This is a rendered example of what an automated security report email can look like. It includes realistic sample values (no templating placeholders), uses tokenized preview links, and avoids any project-specific identifiers.
Rendered Example
🔒 Security Report
PRODUCTION • 2025-12-16 08:30:12 UTC
Automated scan results and recommended actions
| Metric | Value |
|---|---|
| Tables Scanned | 14 |
| Records Scanned | 128,442 |
| XSS Detected | 2 |
| Auto-Sanitized | 1 |
| Anomalies | 3 |
| Scan Duration | 42s |
Recommended Actions
- Review the 2 detected XSS findings and confirm the affected records were sanitized correctly.
- Investigate anomalous growth in free-text fields (possible abuse or ingestion bug).
- Ensure preview links remain read-only and expire within a short TTL (e.g., 15 minutes).
XSS Detections
| Table | Record | Field | Pattern | Original | Sanitized | Preview |
|---|---|---|---|---|---|---|
| users | usr_7f3c2a19 | display_name | `<script>` | `<script>alert('xss')</script> Alex` | `Alex` | View |
| tickets | tkt_91b0e3d2 | message | `onerror=` | `<img src=x onerror=alert(1)> Need help` | `<img src="x"> Need help` | View |
Anomalies
⚠️ Anomaly summary: 3 records exceeded size thresholds for free-text fields (possible abuse, ingestion loop, or logging leak).
| Table | Record | Field | Observed | Expected |
|---|---|---|---|---|
| tickets | tkt_6a12f9b0 | message | 32,140 chars | < 5,000 chars |
| notes | nte_c02d10aa | content | 18,004 chars | < 2,000 chars |
| users | usr_13aa90fe | bio | 9,210 chars | < 500 chars |
HTML (copy/paste)
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Security Report</title>
<style>
body {
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Arial, sans-serif;
background: #f5f5f5;
margin: 0;
padding: 24px;
color: #333;
}
.container {
max-width: 900px;
margin: 0 auto;
background: #fff;
border-radius: 8px;
box-shadow: 0 2px 8px rgba(0, 0, 0, 0.08);
overflow: hidden;
}
.header {
background: linear-gradient(135deg, #4f46e5, #7c3aed);
color: #fff;
padding: 28px;
text-align: center;
}
.header h1 {
margin: 0;
font-size: 26px;
}
.badge {
display: inline-block;
padding: 4px 10px;
border-radius: 999px;
background: #111827;
font-size: 12px;
letter-spacing: 0.5px;
}
.content {
padding: 28px;
}
.grid {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(140px, 1fr));
gap: 12px;
margin: 18px 0;
}
.card {
background: #f8f9fb;
padding: 14px;
border-radius: 6px;
border-left: 4px solid #4f46e5;
}
.card.critical {
border-left-color: #dc2626;
background: #fef2f2;
}
.card.warning {
border-left-color: #f59e0b;
background: #fffbeb;
}
.pill {
display: inline-block;
padding: 4px 8px;
border-radius: 999px;
font-size: 12px;
background: #e5e7eb;
}
table {
width: 100%;
border-collapse: collapse;
margin-top: 10px;
font-size: 14px;
}
th,
td {
padding: 10px;
border-bottom: 1px solid #e5e7eb;
text-align: left;
vertical-align: top;
}
th {
background: #f9fafb;
font-weight: 600;
}
.code {
font-family: ui-monospace, SFMono-Regular, Menlo, Consolas, "Liberation Mono", monospace;
background: #f3f4f6;
padding: 4px 6px;
border-radius: 4px;
display: inline-block;
}
.alert {
padding: 12px 14px;
border-radius: 6px;
margin-top: 10px;
}
.alert.warning {
background: #fffbeb;
color: #92400e;
}
.footer {
margin: 0;
padding: 18px;
font-size: 12px;
color: #6b7280;
text-align: center;
border-top: 1px solid #e5e7eb;
background: #f9fafb;
}
a {
color: #4f46e5;
}
</style>
</head>
<body>
<div class="container">
<div class="header">
<h1>🔒 Security Report</h1>
<p><span class="badge">PRODUCTION</span> • 2025-12-16 08:30:12 UTC</p>
<p style="opacity: 0.85; margin-top: 8px;">Automated scan results and recommended actions</p>
</div>
<div class="content">
<div class="grid">
<div class="card">
<div class="pill">Tables Scanned</div>
<h3>14</h3>
</div>
<div class="card">
<div class="pill">Records Scanned</div>
<h3>128,442</h3>
</div>
<div class="card critical">
<div class="pill">XSS Detected</div>
<h3>2</h3>
</div>
<div class="card warning">
<div class="pill">Auto-Sanitized</div>
<h3>1</h3>
</div>
<div class="card warning">
<div class="pill">Anomalies</div>
<h3>3</h3>
</div>
<div class="card">
<div class="pill">Scan Duration</div>
<h3>42s</h3>
</div>
</div>
<h2>Recommended Actions</h2>
<ul>
<li>Review the 2 detected XSS findings and confirm the affected records were sanitized correctly.</li>
<li>Investigate anomalous growth in free-text fields (possible abuse or ingestion bug).</li>
<li>Ensure preview links remain read-only and expire within a short TTL (e.g., 15 minutes).</li>
</ul>
<h2>XSS Detections</h2>
<table>
<thead>
<tr>
<th>Table</th>
<th>Record</th>
<th>Field</th>
<th>Pattern</th>
<th>Original</th>
<th>Sanitized</th>
<th>Preview</th>
</tr>
</thead>
<tbody>
<tr>
<td><strong>users</strong></td>
<td><span class="code">usr_7f3c2a19</span></td>
<td>display_name</td>
<td><span class="pill" style="background: #fee2e2; color: #991b1b;">&lt;script&gt;</span></td>
<td class="code">&lt;script&gt;alert('xss')&lt;/script&gt; Alex</td>
<td class="code">Alex</td>
<td>
<a
href="https://api.example.com/admin/security/preview/users/usr_7f3c2a19?token=prv_2c8e...&amp;field=display_name"
>View</a
>
</td>
</tr>
<tr>
<td><strong>tickets</strong></td>
<td><span class="code">tkt_91b0e3d2</span></td>
<td>message</td>
<td><span class="pill" style="background: #fee2e2; color: #991b1b;">onerror=</span></td>
<td class="code">&lt;img src=x onerror=alert(1)&gt; Need help</td>
<td class="code">&lt;img src="x"&gt; Need help</td>
<td>
<a
href="https://api.example.com/admin/security/preview/tickets/tkt_91b0e3d2?token=prv_2c8e...&amp;field=message"
>View</a
>
</td>
</tr>
</tbody>
</table>
<h2>Anomalies</h2>
<div class="alert warning">
<strong>⚠️ Anomaly summary:</strong> 3 records exceeded size thresholds for free-text fields (possible abuse,
ingestion loop, or logging leak).
</div>
<table>
<thead>
<tr>
<th>Table</th>
<th>Record</th>
<th>Field</th>
<th>Observed</th>
<th>Expected</th>
</tr>
</thead>
<tbody>
<tr>
<td>tickets</td>
<td><span class="code">tkt_6a12f9b0</span></td>
<td>message</td>
<td>32,140 chars</td>
<td>&lt; 5,000 chars</td>
</tr>
<tr>
<td>notes</td>
<td><span class="code">nte_c02d10aa</span></td>
<td>content</td>
<td>18,004 chars</td>
<td>&lt; 2,000 chars</td>
</tr>
<tr>
<td>users</td>
<td><span class="code">usr_13aa90fe</span></td>
<td>bio</td>
<td>9,210 chars</td>
<td>&lt; 500 chars</td>
</tr>
</tbody>
</table>
</div>
<div class="footer">
<p><strong>Automated Security Monitoring</strong></p>
<p>Generated automatically on a scheduled cadence (e.g., morning/evening). Adjust timing to match your scan schedule.</p>
</div>
</div>
</body>
</html>
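The report quotes stored XSS payloads, so whatever generates the rows of the XSS Detections table has to HTML-escape every stored value, and the preview links need a token that expires. The following is an added example, not part of the original template: the signing key, the `prv_<expiry>.<hmac>` token layout and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import html
import time
from urllib.parse import quote, urlencode

# Assumptions for this sketch: key, base URL and token layout are hypothetical.
PREVIEW_KEY = b"constructed-demo-key-load-from-a-secret-store"
PREVIEW_BASE = "https://api.example.com/admin/security/preview"
PREVIEW_TTL = 15 * 60  # seconds; the 15-minute TTL from the recommended actions


def _sign(table, record, field, expires):
    msg = f"{table}|{record}|{field}|{expires}".encode()
    return hmac.new(PREVIEW_KEY, msg, hashlib.sha256).hexdigest()


def mint_preview_url(table, record, field, now=None):
    """Build a preview link whose token is bound to one record/field and expires."""
    expires = int(time.time() if now is None else now) + PREVIEW_TTL
    token = f"prv_{expires}.{_sign(table, record, field, expires)}"
    query = urlencode({"token": token, "field": field})
    return f"{PREVIEW_BASE}/{quote(table, safe='')}/{quote(record, safe='')}?{query}"


def verify_preview_token(token, table, record, field, now=None):
    """Return True only for an unexpired token minted for exactly this target."""
    try:
        expires_s, sig = token.removeprefix("prv_").split(".", 1)
        expires = int(expires_s)
    except ValueError:
        return False
    now = time.time() if now is None else now
    expected = _sign(table, record, field, expires).encode()
    return now < expires and hmac.compare_digest(sig.encode(), expected)


def render_xss_row(table, record, field, pattern, original, sanitized, now=None):
    """Render one <tr>; every stored value is escaped so payloads show as text."""
    e = html.escape  # escapes & < > and both quote characters
    url = mint_preview_url(table, record, field, now)
    return (
        f"<tr><td><strong>{e(table)}</strong></td>"
        f'<td><span class="code">{e(record)}</span></td><td>{e(field)}</td>'
        f'<td><span class="pill">{e(pattern)}</span></td>'
        f'<td class="code">{e(original)}</td><td class="code">{e(sanitized)}</td>'
        f'<td><a href="{e(url)}">View</a></td></tr>'
    )
```

The preview endpoint would call `verify_preview_token` with the table, record and field taken from the request path and query, so a token minted for one finding cannot be reused to view another.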