Data Extraction Guides
Step-by-step instructions for extracting the files needed to run a V/ergent assessment. Share the relevant guide with your client's IT or Basis team before the engagement.
All extractions are read-only. No changes are made to any system during data collection. A Basis Administrator (SAP), IT Security Manager (Oracle), Global Administrator (D365), Administrator (NetSuite / Sage Intacct / Sage X3), ReadOnly IAM User (AWS), or Reader + Security Reader (Azure) role is sufficient for all exports.
New to V/ergent?
Read the onboarding guide first
First 30 days: get your team in, run your first audit, understand findings, and know how to ask for support.
Open
SAP S/4 HANA
Data Extraction Guide
Transaction codes, SE16 table exports, HANA SQL queries, and BTP Cockpit paths for all 25 export files across 9 security domains.
25
Export files
9
Domains
75+
Checks run
Open SAP Guide
Oracle Fusion ERP
Data Extraction Guide
Security Console, IDCS Admin, OIC, OTBI, and AME navigation paths for all 17 export files across Oracle Fusion's security domains.
17
Export files
17
Domains
55+
Checks run
Open Oracle Guide
Microsoft Dynamics 365
Data Extraction Guide
PowerShell script + manual paths for Entra ID, Dataverse, Power Platform Admin — all 24 export files across 8 security domains.
24
Export files
8
Domains
44+
Checks run
Open D365 Guide
Oracle NetSuite
Data Extraction Guide
SuiteQL REST API (TBA) + manual export paths for all 20 files across 7 security domains including SoD, financial controls, and TBA token security.
20
Export files
7
Domains
45+
Checks run
Open NetSuite Guide
Sage Intacct
Data Extraction Guide
XML Web Services API extraction + manual paths for all 18 files across 6 security domains including multi-entity security and AP controls.
18
Export files
6
Domains
41+
Checks run
Open Intacct Guide
Sage X3
Data Extraction Guide
Syracuse REST API extraction + manual paths for all 18 files covering AUTILIS, ADXTRACE, GACCENTRY, PAYMENTH and X3 workflow security.
18
Export files
6
Domains
40+
Checks run
Open Sage X3 Guide
SAP Business One
Data Extraction Guide
Service Layer REST API + Direct SQL extraction for all 18 files — tailored for East African SME deployments on SQL Server or SAP HANA, including master data quality and business continuity checks.
18
Export files
13
Domains
75+
Checks run
Open SAP B1 Guide
Amazon Web Services
Data Extraction Guide
AWS CLI PowerShell script for all 13 files — IAM credential report, S3, EC2, CloudTrail, KMS, RDS and account security settings.
13
Export files
7
Domains
41+
Checks run
Open AWS Guide
Microsoft Azure
Data Extraction Guide
Az PowerShell + Microsoft Graph script for all 11 files — Azure AD users, admins, CA policies, NSGs, Key Vaults, SQL, and Defender for Cloud.
11
Export files
7
Domains
39+
Checks run
Open Azure Guide
Sage 300 People
Data Extraction Guide
REST API + SQL extraction for all 18 files — HR, payroll, and people management security covering employee access and compensation controls.
18
Export files
6
Domains
32+
Checks run
Open Sage 300 People Guide
CyberCore
User Guide
Not an extraction guide — a how-to-use walkthrough. Creating assessments, scoring controls, auto-scoring with rules, cross-framework mapping, and exporting audit-ready reports.
12
Frameworks
11
Sections
PDF
Downloadable
Open CyberCore Guide
V/ergent AppSec
User Guide
The application-security add-on. SARIF ingest from any scanner, live EPSS + KEV enrichment, automated triage, Observation / Rationale / Action / Remediation per finding, and merge-gate policies for CI.
6+
Scanners
11
Sections
PDF
Downloadable
Open AppSec Guide
What each guide covers
| Area | S/4 HANA | Oracle | D365 | NetSuite | Intacct | X3 | SAP B1 | AWS | Azure | Sage 300 |
|---|---|---|---|---|---|---|---|---|---|---|
| User Accounts | USR02, SE16 | Security Console | Graph API | employee exports | users / roles | AUTILIS | OUSR | iam_report | aad_users | user_security |
| Identity & MFA | — | IDCS settings | Entra CA policies | password_policy | password_policy | password_settings | password_policy | iam_mfa | aad_mfa | mfa_settings |
| Privileged Access | SUIM export | AACG export | Role x-check | role_assignments | module_perms | function_auth | SuperUser flag | AdministratorAccess | Global Admin | admin_roles |
| Password Policy | RZ11 params | IDCS Admin | CA policies | password_policy | password_policy | password_settings | OADM | account_settings | conditional_access | pwd_rules |
| Audit Logging | SM19 Log | Audit Policies | D365 settings | system_notes | audit_trail | ADXTRACE | ADTF | CloudTrail | Activity Logs | audit_log |
| Financial Controls | F110, REGUH | AME Rules | JE, Vendor | JE / payments | journals | GACCENTRY | JE / payments | — | — | payroll_approval |
| Integration | SM59 RFC | OIC Connx | API/Flow | tokens / restlets | api_creds | webservices | service_layer | iam_roles | service_principals | hr_api |
| Data Security | S_TABU | DPVS | Field security | saved_searches | reports | data_rules | database_users | s3_buckets | storage | comp_data |
| Network | — | — | DLP | — | — | — | — | SG / VPC | NSG | — |
| Encryption | — | — | — | — | — | — | EncryptionEnabled | KMS / RDS | KeyVault | — |
| Compliance | SCC4 | — | Environment | account_prefs | entities | site_settings | B1Version | config_rules | subscriptions | privacy_policy |
| Workflows | — | AME | Power Automate | approval_history | approval_wf | workflows | OATM | — | — | hr_workflows |
| Vendor | REGUH / LFB1 | — | vendor master | vendors | vendors | supplier | OCRD | — | — | — |
Need help extracting data? Contact support@vergent.co.ke