Читать книгу CompTIA PenTest+ Certification For Dummies - Glen E. Clarke - Страница 19

There is no concrete answer to how frequently you should perform a penetration test; however, it’s best to perform a pentest annually and after any major change to the infrastructure.

Standards such as the PCI DSS state that in order to be compliant, organizations should perform external testing once a year, plus after making any major changes to the network infrastructure or application environments. The PCI DSS also states that you should perform internal testing once a year and after any major changes.