This guy Just has it wrong when he calls port scanning an adversarial technique. It's Just a way to discover Services. You can then use the result to do malicious things but it's not like the only or even main purpose. I humbly refer to this: https://koeln.ccc.de/ablage/portscan-policy.xml (Google translate can help with the german)