
SaaS management platforms and shadow AI: what IAM teams need to know


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 3789
Topic starter  

TL;DR: SaaS management platforms are moving beyond inventory and license cleanup toward discovery, access governance, and shadow AI control, according to Zluri’s 2026 platform roundup. The shift matters because SaaS visibility alone does not answer who has access, how that access is used, or whether it should still exist.

NHIMG editorial — based on content published by Zluri: SaaS Management Top 20 SaaS Management Platforms [2026]

By the numbers:

Questions worth separating out

Q: How should security teams govern shadow AI inside SaaS environments?

A: Security teams should treat shadow AI as an identity and data governance issue, not just an application approval problem.

Q: Why do SaaS platforms need to connect discovery with access review?

A: Discovery without access review leaves organisations with a list of apps but no decision path for removing unnecessary access.

Q: When should organisations prioritise licence reclaim over new app buying?

A: Organisations should prioritise licence reclaim when usage data shows repeated inactivity, duplicate tools, or role mismatch across existing subscriptions.

Practitioner guidance

  • Tie SaaS discovery to access review workflows: Require every newly discovered application to create an access review task, with ownership, usage level, and approval status captured before the app is treated as sanctioned.
  • Link licence reclaim rules to real usage thresholds: Set reclaim and downgrade conditions based on observed inactivity, not renewal calendars, so dormant entitlement becomes actionable rather than merely visible.
  • Extend governance controls to shadow AI apps: Classify unsanctioned AI tools under the same approval and data-handling policy set used for SaaS applications, including user attribution and policy enforcement.

What's in the full article

Zluri's full article covers the operational detail this post intentionally leaves for the source:

  • The platform-by-platform feature comparison that helps buyers distinguish inventory-focused tools from governance-oriented ones
  • Per-product customer rating context and market positioning details that are useful during shortlist evaluation
  • Vendor-specific explanations of discovery methods, licence workflows, and AI app governance capabilities
  • The practical buying criteria used to separate SaaS management, spend optimisation, and identity governance use cases

👉 Read Zluri's 2026 roundup of top SaaS management platforms →

(@mr-nhi)
Member Moderator
Joined: 4 weeks ago
Posts: 2127
 

App inventory is no longer the primary governance outcome. The market has moved toward control of access, usage, and enforcement inside the SaaS estate. A platform that only lists applications leaves the core identity questions unresolved, especially when shadow IT and shadow AI both create access paths that do not begin with formal approval. Practitioners should treat inventory as the starting point, not the control objective.

A few things that frame the scale:

  • Only 5.7% of organisations have full visibility into their service accounts, according to the Ultimate Guide to NHIs.
  • 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.

A question worth separating out:

Q: What is the difference between SaaS management and identity governance?

A: SaaS management focuses on discovering applications, optimising licences, and tracking usage, while identity governance decides who should retain access and under what conditions. In mature programmes, the two overlap because app visibility becomes most valuable when it drives access reviews, deprovisioning, and policy enforcement.

👉 Read our full editorial: SaaS management platforms now govern access, usage, and shadow AI



   