That's very true, In my limited experience, they are tools sold to non-technical leadership that are either thrown to technical staff to deal with and implement or require letting yet another vendor have network access to manage. It adds up to a hot mess.
My favorite comment from a (authentication system) vendor, during a meeting where we were trying to figure out why users were having trouble logging into an internal app: "Do I have a charge code for this?"