Skip to main content
NETSUITE HEALTH CHECK · READ-ONLY · 5-MIN SETUP

Your NetSuite account is hiding problems.
This report finds them.

SuiteRX connects read-only, audits every script, role, integration, and token, and hands you a report that names each problem and tells you how to fix it. No consultant camping in your account for two weeks.

no gate. no sales call. the real report, on synthetic data.

Sound familiar

You have at least one of these right now.

Not “risks and inefficiencies.” The actual things we find.

>

A token-based auth credential expires Friday. The integration it powers goes down Monday. Nobody knew it existed.

>

Scripts written by a consultant who left in 2021. Still running on every save. Nobody knows why.

>

One administrator login. Full permissions. Shared by four people. No way to tell who did what.

>

Saved searches firing every 15 minutes that no one owns and no one reads.

>

An integration authenticated against an employee's personal login. That employee left in March.

>

A sandbox refresh quietly broke something in production. You find out during close.

Each one is invisible until it breaks, or until an auditor asks. The report surfaces them in a day, before either happens.

The actual output

It does not just find problems. It hands you the fix list.

Every scan produces an executive summary a controller can act on and a prioritized roadmap an admin can execute. Every finding names the object, the risk, and the fix.

The prescriptionReviewed by NetSuite consultants

Northwind Distribution Co.'s NetSuite environment scored 59 out of 100 (Developing), indicating material risks across security, data integrity, and operational governance that require immediate executive attention. Three critical findings (an integration user with full administrator access, an exposed payment file endpoint, and inconsistent inventory costing methods across subsidiaries) present direct exposure to financial fraud, regulatory non-compliance, and unreliable cost-of-goods reporting. Beyond the critical tier, 39 high-severity findings spanning unsecured RESTlets, unprotected vendor and employee data, and missing audit trail retention compound the organization's risk profile.

1
Revoke administrator access from the integration user and lock down the payment RESTletLow

The highest-probability path to financial fraud or a data breach. Both are fixable through role reconfiguration with no code changes.

2
Restrict exposed RESTlets and saved searches leaking vendor and employee dataMedium

Endpoints reachable by all roles create broad attack surface and likely breach data-protection obligations.

3
Standardize inventory costing methods across all subsidiariesHigh

Inconsistent costing distorts COGS and margin, making consolidated statements unreliable for audits and lender reporting.

4
Configure audit-trail retention and add the missing inventory reserve accountLow

Compliance gaps that draw immediate auditor scrutiny under ASC 330 inventory standards.

5
Clear governance & performance debt: script owners, duplicate deployments, workflow conditionsHigh

210 ownerless scripts and unconditional workflows silently degrade performance and raise the cost of every future change.

findings.sampleNorthwind Distribution Co.
critical

Integration user has full administrator access

Security · CELIGO_INTEGRATION

critical

Payment file RESTlet exposed to all roles

Security · customscript_pay_file

critical

Inventory costing method inconsistent across subsidiaries

Data Integrity · 3 subsidiaries

high

RESTlet endpoints accessible to all roles

Security · 6 endpoints

high

Chart of accounts missing required inventory reserve account

Compliance · COA

medium

Saved search returns >100k rows without filters

Performance · Open Orders / All

medium

Deployed script has no owner assigned

Governance · customscript_ord_sync

1,942 findings across 12 categories on this scan.

Coverage

What we actually check

Every script deployment reviewed. Every role and permission enumerated. Every integration token listed by name.

Access and identity controls

Segregation-of-duties conflicts, like one role that can create a vendor and pay it. Access tokens scoped to Administrator that bypass 2FA. Missing SSO, weak password length, long idle sessions. Mapped to SOX ITGC and SOC 2.

Security gaps that would fail an audit

RESTlets and Suitelets with open access. Over-provisioned roles with mass update and delete. Public saved searches exposing financial data. Integration users with admin rights.

Script health and integration hygiene

User Events firing too broadly. Governance violations in scheduled and Map/Reduce scripts. Orphaned scripts still executing. Deprecated APIs. Hardcoded internal IDs. Plus on-demand AI review of the actual source, for your own scripts, never bundle-managed ones.

Change management and configuration debt

Configuration edited directly in production instead of promoted from sandbox. Duplicate deployments. Inactive workflows still live. Workflows with no entry conditions. Undocumented custom fields.

Data quality and financial governance

Chart-of-accounts controls. Intercompany and consolidation setup. Audit-trail retention. Inventory costing consistency across subsidiaries. The controls that underpin financial integrity.

Dozens of automated checks. Every one mapped to a named control (SOX ITGC, SOC 2) and cited to an authoritative source.

always improving segregation of duties, token and auth posture, change management, per-script AI review all shipped recently. see what's new

Mechanics

How it works

A read-only connection, an automated audit, a report. No two-week engagement.

01

Connect, read-only

You grant scoped OAuth 2.0 access, or install a one-script Suitelet. SuiteRX reads configuration, scripts, roles, and tokens. It does not read your transactions, and it cannot write anything back.

02

Automated audit

The engine runs dozens of checks against the account: security, access, script health, integration hygiene, change management, data quality. Minutes, not weeks. Nobody sits in your account.

03

Report delivered

You get a health score, category breakdown, and every finding named, located, and severity-ranked, with a plain-language fix. Optional walkthrough with a consultant who has fixed these for over a decade.

Pricing

Prices on the page. No sales call to see a number.

Three plans, all including the full diagnostic. Cancel anytime.

SuiteRX is in beta. Founding customers lock in beta pricing.

Essentials

$299/month

Continuous visibility into your NetSuite environment.

  • Full scan on demand
  • Monthly automated re-scans
  • Executive summary and prescription
  • Severity-ranked remediation steps
  • Drift detection since last scan
  • 10 AI code reviews / month
  • Email support
Not for you if you run several subsidiaries or need weekly re-scans. Size up to Professional.
Start with Essentials
Most Popular

Professional

$699/month

The depth and frequency an active environment needs.

  • Everything in Essentials
  • Weekly automated re-scans
  • Real-time alerts on new criticals
  • Quarterly trend reports
  • Multi-subsidiary support
  • 50 AI code reviews / month
  • API access
Not for you if you want a consultant reviewing every scan and remediation hours included. That is Enterprise.
Start with Professional

Enterprise

$1,899/month

A senior consultant in your corner.

  • Everything in Professional
  • Consultant review of every scan
  • Monthly findings walkthrough
  • White Glove setup included
  • Unlimited AI code reviews
  • 4 hrs/mo remediation included
  • Direct line to the ADSG team
Overkill if you are one entity with a light customization footprint. Essentials or Professional will do.
Talk to our team

White Glove Setup. Done-for-you NetSuite connection by an ADSG consultant. $500 one-time, or free with Enterprise.

All plans include unlimited users, read-only access, and SOC 2-aligned data handling.

Run against real accounts

What it finds in the wild

Anonymized findings from real NetSuite environments we have scanned.

90%+

of scripts in one account were vendor-managed bundle code. We scan the ones that are actually yours.

1 role

that could create a customer and issue their own refund. A textbook segregation-of-duties conflict, sitting live.

100s

of configuration changes in a month, nearly all from a single integration login with standing access.

An integration token scoped to full Administrator.

A token-based credential tied to an Administrator role, bypassing two-factor, never expiring. If it leaked, it was full account access with no second factor. SuiteRX enumerates every active token, names its role, and flags the ones with standing admin rights.

Every account has a role problem.

Roles with mass update and delete granted years ago and never revoked. Password minimums well under current guidance. Sessions that stay logged in for hours. SuiteRX audits every role, permission, and auth setting, and tells you which ones an auditor will ask about.

Hundreds of changes, one login, no review.

In one account, nearly every configuration change in a month traced to a single login editing production directly. No sandbox, no promotion, no second set of eyes. SuiteRX separates human edits from integration traffic and flags direct production change.

[ composite findings from real NetSuite accounts. yours will differ. ]

Who is behind it

I have spent over a decade in NetSuite. SuiteScript, integrations, the last 10 percent of implementations that nobody else finishes.

I have inherited accounts held together with duct tape and prayer. Tokens about to expire, scripts nobody could explain, admin logins shared by half the office. Every time, I did the same thing first: I went through the account and wrote down everything that was wrong.

SuiteRX is that, automated. It is everything I check when I take over an account, turned into a report you can run yourself.

Mike Pagani

Founder, Adaptive Solutions Group

adaptivesuitesolutions.com
Questions

NetSuite health check, answered

What is a NetSuite health check?+

A NetSuite health check is an audit of your account's customizations and configuration: scripts, workflows, roles, permissions, integrations, tokens, and settings. SuiteRX runs it automatically, read-only, and returns a scored report that names each problem and how to fix it, usually in minutes rather than the weeks a manual review takes.

Is SuiteRX read-only? Can it change or see my data?+

SuiteRX connects read-only and cannot write anything back to your account. It reads configuration, scripts, roles, and tokens. It does not read your transactions and does not extract PII.

How does SuiteRX connect to NetSuite?+

Three ways, all read-only: an Easy path (install one Suitelet and paste a token), an Advanced path (OAuth 2.0 machine-to-machine with a PS256 certificate), or White Glove, where an ADSG consultant installs the connection for you. No consultant sits in your account for two weeks.

What does SuiteRX check?+

Access and identity controls (segregation of duties, admin-scoped tokens, SSO, password and session policy), security gaps, script health and integration hygiene, change management, and data quality. Every finding maps to a named control such as SOX ITGC or SOC 2 and cites an authoritative source.

How much does a NetSuite health check cost?+

SuiteRX is subscription pricing with the full diagnostic on every plan: Essentials $299/month, Professional $699/month, and Enterprise $1,899/month. You can see a live sample report first with no email required.

How long does it take?+

The scan runs in minutes. You connect read-only, the engine audits the account, and the report is delivered the same day, not after a multi-week engagement.

See what your account is hiding.

Scripts degrade, permissions drift, tokens expire, configuration debt compounds. See the report on a real account, then run one on yours.

built by consultants who have spent over a decade fixing what nobody else could find.