Vulnerability Research is the process by which security flaws in technology are identified. Vulnerability research can but does not always involve reverse engineering, code analysis, static analysis, etc. Whereas penetration tests and red team scenarios usually locate and exploit already known vulnerabilities in software, vulnerability research focuses on detecting and exploiting previously unknown vulnerabilities (0-days).