IDG Answers is a community of experts who are passionate about technology. Ask a question or answer one below.
Depends. Some certifications lay out specific requirements for pentesting. In general, I would mirror many certifications and say annually. If you make major changes to your network, I would think it would be wise to conduct penetration tests. One thing to keep in mind if you use AWS or other cloud service, you probably need to get approval first and make sure that you don't violate your TOS by conducting penetration testing out of the blue.