Richard Brain designs software to break into company systems. But he only uses it when authorised, which is just as well if his claims for his company's ProCheckUp software are to be believed.
He shocked one national bank by gaining access at a level where he could have transferred funds between accounts, and got into the customer database of a major national company.
Brain is a technical director of ProCheckUp, a spin-off from the City IT services company Syntax Integration where he worked previously as a consultant in the design of large networks.
To discover the vulnerabilities of networks, he had in effect to become a hacker himself. ProCheckUp is based on artificial intelligence techniques he used for circuit design software he wrote several years back as a university project.
The software identifies the operating system, hardware and applications used on the target system and, using bots (software agents), finds directories and other details that might be exploited.
These details are checked against a knowledge base that lists known vulnerabilities, which are then exploited to seek sensitive information that may be used for deeper attacks - a process that can be repeated to find more vulnerabilities.
Brain claims it is the only commercially available system that can gain full access to directory permissions, and that it typically finds between five and 10 times more vulnerabilities than rival packages. Currently the software is available only as a service. Details are at www.procheckup.com.







