One of the most common pieces of software to use in conjunction with a port scanner is a vulnerability scanner. This scanner takes the role of port scanning one level higher; rather than identifying open ports and services, it cross-references these versions with a (usually proprietary) database of vulnerabilities in order to show whether a given service is vulnerable to attack.
These scanners are the key elements in vulnerability assessments, as they reduce the burden of the security engineer; instead of having to manually identify weaknesses, a scanner (that is frequently updated) can do much of that work.
Although Nessus was originally started (in 1998) as a free security scanner, it has since then been closed off to the public due to Tenable (the company Nessus' creator founded) selling the licenses instead. While many security companies pay for these licenses, you can try out a fork of the Nessus project (OpenVAS) for free.
Using Nessus is fairly...