Vulnerability scanning is the process of using automated tools to detect common vulnerabilities and misconfigurations in your applications and infrastructure. It is a quick and cost-effective way to find these issues.
This aids in the identification of vulnerabilities that may be exploitable by an attacker, and provides a baseline for future testing.
Because vulnerability scanning is intended to identify known or easy-to-detect issues, some issues may be missed or misidentified. It is not a replacement for manual testing, which is required to sift through these 'false positives'. It is important to distinguish vulnerability scanning from penetration testing.
It is, however, an important tool within security testing and risk management, and is especially useful for rapidly testing quickly changing environments and for preparing for compliance assessments such as PCI-DSS, ISO27001, GDPR or Cyber Essentials.