Set up scheduled scans
Configure recurring scan cadences on a project. AISafe runs assessments at regular intervals without manual intervention.
Prerequisites
- An AISafe account with manager or higher role
- A Project created for the repository or target you want to scan
Why schedule scans?
Codebases change: new dependencies, new endpoints, new code paths. A one-off scan captures a point-in-time snapshot. Scheduled scans validate your security posture over time. Regular scans catch drift before it becomes an incident.
Step 1: Open the project
- Navigate to Projects in the AISafe dashboard.
- Open the project you want to schedule scans for.
Step 2: Configure a schedule
- Go to the Scheduled Scans tab or settings section.
- Click Add schedule.
- Configure the schedule entry:
- Cadence: how often the scan runs (daily, weekly, monthly, or a custom interval)
- Assessment type: code audit or pentest
- Source ref: which branch or ref to scan (for code audits, defaults to
production)
- Save the schedule.
Step 3: How scheduled scans run
AISafe's scheduler checks for due occurrences and creates assessments:
- At the configured cadence, AISafe creates a scheduled assessment.
- AISafe creates a normal assessment with
origin="scheduled". - The assessment runs like any other: it hydrates from the project's living knowledge base, produces findings, and fires webhook events on completion.
- You receive notifications via configured webhooks or Slack integration.
Step 4: Monitor scheduled scans
Scheduled assessments appear in the normal assessments list, tagged with their origin. You can filter by origin=scheduled to see only scheduled runs. Each scheduled assessment produces findings, reports, and webhook events like a scan you trigger by hand.
Combining with monitoring
Scheduled scans and monitoring complement each other:
- Scheduled scans run full assessments on a cadence to find new vulnerabilities
- Monitoring re-validates existing finding PoCs to catch regressions
Enable both for comprehensive continuous coverage.
Next steps
- Monitor for regressions: catch reverted fixes
- Features: Scheduled Scans: understand the capability in depth
- Concepts: Project: the continuous security entity