---
title: "What is the difference between the release vulnerability report and the \"on-demand\" vulnerability report data grid option on the Vulnerabilities page?"
description: "The vulnerability report can be downloaded in three different ways. The first way is through the release documents page. The second is through by generating an \"on-demand\" vulnerabilities report for a selected version on the page SBOM Vulnerabilities."
category: "Frequently Asked Questions"
section: "Supply Chain Management Software Dependencies"
keywords: ["vulnerability report", "image", "vulnerabilities", "demand", "download", "csv", "difference", "xlsx"]
source_url: "https://support.ketryx.com/hc/en-us/articles/30905424844685-What-is-the-difference-between-the-release-vulnerability-report-and-the-on-demand-vulnerability-report-data-grid-option-on-the-Vulnerabilities-page"
last_reviewed: 2026-06-11
---

# What is the difference between the release vulnerability report and the "on-demand" vulnerability report data grid option on the Vulnerabilities page?

> **In short:** The vulnerability report can be downloaded in three different ways. The first way is through the release documents page. The second is through by generating an "on-demand" vulnerabilities report for a selected version on the page SBOM Vulnerabilities.

The vulnerability report can be downloaded in three different ways. The first way is through the release documents page. The second is through by generating an "on-demand" vulnerabilities report for a selected version on the page _SBOM > Vulnerabilities._ The last way is by generating an "on-demand" vulnerabilities report that shows the current data grid that is displayed as either a CSV or XLSX file.

**Image 1: Documents for this version**

**Image 2: Download vulnerability report**

**Image 3: Download data grid view**

The data grid allows you to download the currently displayed data as CSV and XLSX. However there are some caveats to this. To name a few:

- The grid-view vulnerability report should not be used as validated evidence documentation. Only the Ketryx release reports should be used as the source of truth. For example, **Image 1** and **Image 2** are is the evidence documents. **Image 3,** “Download as CSV” should only be used "for information only".
- The vulnerability report downloaded from the grid view only displays what’s contained in a row, not what’s available in the detail pane, once expanded, such as links to mitigations and risks.
- This is raw data, so sometimes you may see unexpected data in the columns. For example on the All items page, if you download the CSV you will see numbers such as “100", “50”, “0" in the Approval state column. These values indicate to the system "behind the scenes" to then map to what you see in the table in your browser.

## Related articles

- [Can I use an external vulnerability scanner and report those results to Ketryx?](can-i-use-an-external-vulnerability-scanner-and-report-those-results-to-ketryx.md)
- [What are the Ketryx default release documents and what are the documents omitted by default? How do I re-include them in my release?](what-are-the-ketryx-default-release-documents-and-what-are-the-documents.md)
- [Why is the number of Test Cases in the Testing report different from the number of included Test Cases?](why-is-the-number-of-test-cases-in-the-testing-report-different-from-the-number.md)
- [Do Ketryx support Typescript/front end vulnerability checks?](do-ketryx-support-typescript-front-end-vulnerability-checks.md)
- [How do I view the approvals and approval history?](how-do-i-view-the-approvals-and-approval-history.md)
