The access review that made me realize VLOOKUPs weren't going to cut it

At one job, we did a quarterly access review the usual way. Exported from Okta, exported from Slack, opened both in Excel, and ran VLOOKUPs to match rows.

We found an account that had been deprovisioned in Okta four months earlier. Still had an active Slack member account, a Zoom account nobody touched, and a live OAuth token in a third-party app that was provisioned directly - never went through Okta to begin with.

Nobody did anything wrong. The Okta admin deprovisioned correctly. The OAuth app just wasn't in scope because nobody knew it existed outside the IdP.

That's the gap Thalian was built for. Tools that can't see each other.

Curious whether anyone here has a process that actually works for catching this kind of thing across platforms. What does your cross-platform access review look like right now?