Data Extraction Guides
Step-by-step instructions for extracting the files needed to run a V/ergent assessment. Share the relevant guide with your client's IT or Basis team before the engagement.
All extractions are read-only. No changes are made to any system during data collection. A Basis Administrator (SAP), IT Security Manager (Oracle), Global Administrator (D365), Administrator (NetSuite / Sage Intacct / Sage X3), ReadOnly IAM User (AWS), or Reader + Security Reader (Azure) role is sufficient for all exports.
New to V/ergent?
Read the onboarding guide first
First 30 days: get your team in, run your first audit, understand findings, and know how to ask for support.
Open
SAP S/4 HANA
Data Extraction Guide
Transaction codes, SE16 table exports, HANA SQL queries, BTP Cockpit paths, and the four CCM transactional extracts across all 29 export files spanning 13 security & CCM domains.
29
Export files
13
Domains
85+
Checks run
Open SAP Guide
Oracle Fusion ERP
Data Extraction Guide
Security Console, IDCS Admin, OIC, OTBI, and AME navigation paths for all 21 export files across Oracle Fusion's security and CCM domains (incl. duplicate-payment, payroll, royalty, and BOM-variation extracts via OTBI / HCM Extract).
21
Export files
21
Domains
65+
Checks run
Open Oracle Guide
Microsoft Dynamics 365
Data Extraction Guide
PowerShell script + manual paths for Entra ID, Dataverse, Power Platform Admin, and DMF — all 28 export files across 12 security and CCM domains (incl. VendorPaymentJournal, Workers, BillsOfMaterials).
28
Export files
12
Domains
54+
Checks run
Open D365 Guide
Oracle NetSuite
Data Extraction Guide
SuiteQL REST API (TBA) + manual export paths for all 24 files across 11 security and CCM domains including SoD, financial controls, TBA token security, vendor-payment + BOM CCM extracts.
24
Export files
11
Domains
55+
Checks run
Open NetSuite Guide
Sage Intacct
Data Extraction Guide
XML Web Services API extraction + manual paths for all 22 files across 10 security and CCM domains including multi-entity security, AP controls, and APPYMT-based duplicate-payment detection.
22
Export files
10
Domains
51+
Checks run
Open Intacct Guide
Sage X3
Data Extraction Guide
Syracuse REST API extraction + manual paths for all 22 files covering AUTILIS, ADXTRACE, GACCENTRY, PAYMENTH, BOM, X3 workflow security, and the four CCM transactional extracts.
22
Export files
10
Domains
50+
Checks run
Open Sage X3 Guide
SAP Business One
Data Extraction Guide
Service Layer REST API + Direct SQL extraction for all 22 files — tailored for East African SME deployments on SQL Server or SAP HANA, including master data quality, business continuity, and CCM extracts (OVPM, OITT/ITT1, @VS_HR_*).
22
Export files
17
Domains
85+
Checks run
Open SAP B1 Guide
Amazon Web Services
Data Extraction Guide
AWS CLI PowerShell script for all 17 files — IAM credential report, S3, EC2, CloudTrail, KMS, RDS, account security, plus four CCM placeholder slots (transactional data lives in the ERP on top of AWS — supply from your ERP's extractor).
13
Export files
7
Domains
41+
Checks run
Open AWS Guide
Microsoft Azure
Data Extraction Guide
Az PowerShell + Microsoft Graph script for all 15 files — Azure AD users, admins, CA policies, NSGs, Key Vaults, SQL, Defender for Cloud, plus four CCM placeholder slots (transactional data sits in the ERP — supply from your ERP's extractor).
11
Export files
7
Domains
39+
Checks run
Open Azure Guide
Sage 300 People
Data Extraction Guide
REST API + SQL extraction for all 22 files — HR, payroll, people management security, employee access, compensation controls, plus duplicate-payroll-account CCM extract (EmployeeMaster + EmployeeBankAccount).
18
Export files
6
Domains
32+
Checks run
Open Sage 300 People Guide
CyberCore
User Guide
Not an extraction guide — a how-to-use walkthrough. Creating assessments, scoring controls, auto-scoring with rules, cross-framework mapping, and exporting audit-ready reports.
12
Frameworks
11
Sections
PDF
Downloadable
Open CyberCore Guide
V/ergent AppSec
User Guide
The application-security add-on. SARIF ingest from any scanner, live EPSS + KEV enrichment, automated triage, Observation / Rationale / Action / Remediation per finding, and merge-gate policies for CI.
6+
Scanners
11
Sections
PDF
Downloadable
Open AppSec Guide
What each guide covers
| Area | S/4 HANA | Oracle | D365 | NetSuite | Intacct | X3 | SAP B1 | AWS | Azure | Sage 300 |
|---|---|---|---|---|---|---|---|---|---|---|
| User Accounts | USR02, SE16 | Security Console | Graph API | employee exports | users / roles | AUTILIS | OUSR | iam_report | aad_users | user_security |
| Identity & MFA | — | IDCS settings | Entra CA policies | password_policy | password_policy | password_settings | password_policy | iam_mfa | aad_mfa | mfa_settings |
| Privileged Access | SUIM export | AACG export | Role x-check | role_assignments | module_perms | function_auth | SuperUser flag | AdministratorAccess | Global Admin | admin_roles |
| Password Policy | RZ11 params | IDCS Admin | CA policies | password_policy | password_policy | password_settings | OADM | account_settings | conditional_access | pwd_rules |
| Audit Logging | SM19 Log | Audit Policies | D365 settings | system_notes | audit_trail | ADXTRACE | ADTF | CloudTrail | Activity Logs | audit_log |
| Financial Controls | F110, REGUH | AME Rules | JE, Vendor | JE / payments | journals | GACCENTRY | JE / payments | — | — | payroll_approval |
| Integration | SM59 RFC | OIC Connx | API/Flow | tokens / restlets | api_creds | webservices | service_layer | iam_roles | service_principals | hr_api |
| Data Security | S_TABU | DPVS | Field security | saved_searches | reports | data_rules | database_users | s3_buckets | storage | comp_data |
| Network | — | — | DLP | — | — | — | — | SG / VPC | NSG | — |
| Encryption | — | — | — | — | — | — | EncryptionEnabled | KMS / RDS | KeyVault | — |
| Compliance | SCC4 | — | Environment | account_prefs | entities | site_settings | B1Version | config_rules | subscriptions | privacy_policy |
| Workflows | — | AME | Power Automate | approval_history | approval_wf | workflows | OATM | — | — | hr_workflows |
| Vendor | REGUH / LFB1 | — | vendor master | vendors | vendors | supplier | OCRD | — | — | — |
| CCM · AP Duplicates | REGUH / LFA1 | AP_CHECKS_ALL | VendorPaymentJournal | tran vendorpayment | APPYMT | PAYMENTH | OVPM / OCRD | — | — | — |
| CCM · Payroll Dupes | PA0002 / PA0009 | HCM Extract | Workers | employee + bank | ext. payroll feed | EMPLOYE_BNK | @VS_HR_* | — | — | EmployeeMaster |
| CCM · Royalty Anom. | Z-table | CN_PAYMENT_TRANS | custom journal | saved search | GLENTRY tagged | GROUPRES / Z | user-defined table | — | — | — |
| CCM · BOM Variations | MAST / STKO / STPO | BOM_STRUCTURES_B | BillsOfMaterials | bom / bomcomponent | ASSEMBLY (if MFG) | BOM / BOMD | OITT / ITT1 | — | — | — |
Need help extracting data? Contact support@vergent.co.ke