topic Re: Automatic report on base image vulnerabilities in Prisma Cloud Discussions

Automatic report on base image vulnerabilities

P.Tomala — Mon, 16 Mar 2026 10:39:33 GMT

In Prisma Cloud (SaaS version), under Runtime Security > Defend > Vulnerabilities > Base Images, I have defined base images, and I can also search for them under Monitor > Vulnerabilities > Registries

I need a weekly report on the vulnerabilities detected in these base images. How can I automate this so that a CSV file is automatically sent, for example, to a specified email address?

Re: Automatic report on base image vulnerabilities

amy312james — Wed, 08 Apr 2026 11:13:47 GMT

Hello,
Prisma Cloud doesn’t provide a built‑in scheduler for sending vulnerability reports by email, but you can automate it using the API. The typical approach is to script a weekly job (for example, with cron or a CI/CD pipeline) that calls the Prisma Cloud API to fetch vulnerability data for your defined base images, exports the results to CSV, and then uses an email service (like SMTP or a cloud function) to send the file to your chosen recipients. This way, you’ll have a consistent, automated report delivered without manual intervention

Re: Automatic report on base image vulnerabilities

kiwi — Wed, 08 Apr 2026 13:37:13 GMT

Hi @P.Tomala ,

The catch is that Prisma Cloud doesn't have a direct "Email CSV" scheduler built into that specific dashboard view.

If you go to the main Reports tab in the side navigation (outside of the Compute/Runtime tab), you can schedule reports to be emailed directly to you. However, these are generally high-level compliance and inventory reports:

https://docs.prismacloud.io/en/enterprise-edition/content-collections/reports/create-and-manage-reports

Since you mentioned Runtime Security > Defend, you are likely looking for the granular vulnerability data found in the 'Compute' section. You can generate the CSV but this specific 'Compute' engine lacks the built-in Email.

Check the main Reports tab first.... you might be able to find a Vulnerability Report there that supports the email scheduler you're looking for.

If that report doesn't give you the 'Base Image' granularity you need, you'll likely have to stick with downloading it manually, or use an API for the email push as suggested by @amy312james

Best,