Passive Aggressive
Vulnerability scanners come as either passive or active devices, each of which have their advantages and disadvantages. Passive scanners are monitoring devices that work by sniffing the traffic that goes over the network between systems, looking for anything out of the ordinary. Their advantage is that they have no impact on the operation of the network and so can work 24 x 7 if necessary, but they can miss vulnerabilities particularly on more quiet parts of a network.
Active scanners probe systems in much the way hackers would, looking for weaknesses through the responses devices make to the traffic the scanners send to them. They are more aggressive and in some ways more thorough than passive scanners, but they can cause service disruptions and crash servers.
Many people see the two as complementary and recommend using passive and active scanners alongside each other. The passive scanners can provide the more continuous monitoring, while active scanners can be used periodically to flush out the cannier vulnerabilities.