Technology quickly changes and evolves with time passing. So does the security posture of a system. Keeping a system secure is a hard task to tackle and there are numerous approaches applied. Just like ongoing unit tests in Continuous Integration of software engineering (in order to ensure that changes in software doesn’t break anything), security monitoring should be, too, an ongoing process making sure that any changes in configuration or software don’t open vulnerabilities for hackers to abuse.
Services change with production deployments, application of patches and configurational tweaks. These modifications directly or indirectly affect the stability and security, therefore vulnerabilities might be introduced. Periodic and continuous security scan should prevent such vulnerabilities lingering around for a long time for an attacker to take advantage of.