Your company likely uses hundreds of SaaS apps, but your security team is probably blind to who actually has access to them.