Home > Storage > ObjectScale and ECS > Product Documentation > ECS PCI DSS Compliance > Requirement 11: Regularly test security systems and processes
As with any IT environment, tools, and practices, ensuring security systems and processes are effective is an ongoing process. Schedule security tests frequently, ensuring that all systems are ready. Additionally, consider that new software and devices introduce new threats to any IT environment. The threats are not only dependent on new software but could appear through a new version of the software if vulnerabilities were not discovered during the initial release.
ECS provides patches for any open security vulnerabilities. For more information on the ECS software release frequency, refer to the ECS Release Notes white paper.
The other requirements in this section are enforced through policies, procedures, and processes external to the ECS cluster.