"These are botnets that the IT group installed for you," Ptacek said.

In fact, enterprise management applications are potentially more dangerous than bots, because many are cross-platform programs that can run on Windows, Linux, and mainframe systems, and because they frequently use proprietary protocols to communicate that are difficult to monitor, Ptacek said.

The software often escapes scrutiny because it is deployed internally on enterprise networks, behind perimeter defenses that keep out Internet-based attacks. Like other internal applications, however, the systems can be vulnerable to compromise from insiders or hackers who slip in behind the firewall, Goldsmith said.

As enterprise IT managers deploy more and more of the applications, the complexity of monitoring them for malicious behavior becomes more complex.

"Multiply the security problem by how many agent applications people have running. You might have 40 or 50 different protocols running on a network, so you can't say "firewall it off here, but not there," Goldsmith said.