Is “continuous” compliance of network controls even possible? Standards, including PCI DSS 3.0, direct organizations to ensure that network defenses are validated continuously. Yet, it’s recognized that even periodic reviews prove troublesome and inconclusive. At the same time, emerging cloud, SDN and DevOps platforms lend new security methodologies and challenges. How will network audits evolve?