Internal vulnerability scanning is the use of a vulnerability scanner to scan the internal networks for vulnerabilities. The vulnerability scanner uses a set of rules to look for vulnerabilities caused by software weaknesses or misconfigured services.
The regular use of vulnerability scanners can help to detect vulnerabilities before they are exploited by malicious users or external parties. Vulnerability scanning is part of a comprehensive security policy.
They expect regular, automated scans by an updated vulnerability scanner. This should be part of the security policies and procedures. The procedures should include updating the scanner and ruleset on a frequent basis to ensure that the latest vulnerabilities are detected.