Active scanning directly probes hosts to identify services, versions, and vulnerabilities — using tools like Nessus or Qualys to authenticate and thoroughly test systems.
Credentialed (authenticated) scans find more vulnerabilities than non-credentialed. Scanning can cause system instability — schedule maintenance windows for production systems. Document scope and get authorization before scanning.