Because vulnerability scanning is a vitamin, not a painkiller. This type of thing addresses a specific pain--IT having to generate, keep track of, and manage access to[1] device passwords--and just happens to increase security as a side-effect.
[1] This part is important. In most companies, whenever you have a tech leave who knew a password? You've got to reset that password. You might not even know which passwords they knew, so you have to reset everything to be safe. And then the passwords other techs have memorized are invalidated. Incredibly painful.
[1] This part is important. In most companies, whenever you have a tech leave who knew a password? You've got to reset that password. You might not even know which passwords they knew, so you have to reset everything to be safe. And then the passwords other techs have memorized are invalidated. Incredibly painful.