Vulnerability scanning checks systems for weaknesses in an application, computer or network. This is of benefit to organizations because it enables them to identify risks before they can be exploited by viruses, trojans and other attacks or exploits.
A network scanner will first look for active IP addresses, open ports, operating systems and any applications running throughout the network. Once the network is mapped and assets are identified, the scanner will try to determine the patch level of the OS or applications and also checks for any known vulnerabilities.