Skip to main content

Set up scheduled scans

Configure recurring scan cadences on a project. AISafe runs assessments at regular intervals without manual intervention.

Prerequisites

  • An AISafe account with manager or higher role
  • A Project created for the repository or target you want to scan

Why schedule scans?

Codebases change: new dependencies, new endpoints, new code paths. A one-off scan captures a point-in-time snapshot. Scheduled scans validate your security posture over time. Regular scans catch drift before it becomes an incident.

Step 1: Open the project

  1. Navigate to Projects in the AISafe dashboard.
  2. Open the project you want to schedule scans for.

Step 2: Configure a schedule

  1. Go to the Scheduled Scans tab or settings section.
  2. Click Add schedule.
  3. Configure the schedule entry:
    • Cadence: how often the scan runs (daily, weekly, monthly, or a custom interval)
    • Assessment type: code audit or pentest
    • Source ref: which branch or ref to scan (for code audits, defaults to production)
  4. Save the schedule.

Step 3: How scheduled scans run

AISafe's scheduler checks for due occurrences and creates assessments:

  1. At the configured cadence, AISafe creates a scheduled assessment.
  2. AISafe creates a normal assessment with origin="scheduled".
  3. The assessment runs like any other: it hydrates from the project's living knowledge base, produces findings, and fires webhook events on completion.
  4. You receive notifications via configured webhooks or Slack integration.

Step 4: Monitor scheduled scans

Scheduled assessments appear in the normal assessments list, tagged with their origin. You can filter by origin=scheduled to see only scheduled runs. Each scheduled assessment produces findings, reports, and webhook events like a scan you trigger by hand.

Combining with monitoring

Scheduled scans and monitoring complement each other:

  • Scheduled scans run full assessments on a cadence to find new vulnerabilities
  • Monitoring re-validates existing finding PoCs to catch regressions

Enable both for comprehensive continuous coverage.

Next steps