> ## Documentation Index
> Fetch the complete documentation index at: https://docs.withgiga.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Scheduling

> Run security audits on a recurring cron schedule for continuous coverage

# Scheduling

Scheduled audits run on a cron schedule, provisioning a fresh sandbox and executing the configured audit each interval. Use them for continuous coverage between manual engagements.

## Why schedule audits

* **Continuous coverage** — catch regressions within hours, not at the next quarterly pentest
* **Compliance** — produce continuous evidence for SOC 2 / ISO 27001 / PCI controls
* **Release gating** — schedule a shallow audit shortly after each release window
* **Drift detection** — see when a new subdomain appears or a new vulnerability surfaces

## Creating a scheduled audit

1. Open a workspace and click **Scheduling** in the workspace sidebar
2. Click **New Schedule**
3. Configure:
   * **Name** — e.g., "Daily shallow scan"
   * **Audit type** — shallow / deep / autonomous
   * **Cron expression** — when to run
   * **Targets** — defaults to workspace domain
   * **Scope** — required only for autonomous type
4. Click **Save**

The next run time appears immediately. Schedules are active by default.

## Cron syntax

WithGiga uses standard 5-field cron:

```
* * * * *
│ │ │ │ └─ day of week (0–7, 0 and 7 = Sunday)
│ │ │ └─── month (1–12)
│ │ └───── day of month (1–31)
│ └─────── hour (0–23)
└───────── minute (0–59)
```

**Common patterns**

| Expression     | Runs                 | Suggested mode |
| -------------- | -------------------- | -------------- |
| `0 9 * * 1`    | Weekly, Monday 9 AM  | Deep           |
| `0 0 * * *`    | Daily, midnight      | Shallow        |
| `0 */6 * * *`  | Every 6 hours        | Shallow        |
| `0 9 * * 1-5`  | Weekdays 9 AM        | Shallow        |
| `0 9 1 * *`    | Monthly, 1st at 9 AM | Deep           |
| `*/30 * * * *` | Every 30 minutes     | Shallow only   |

## Choosing a cadence

| Cadence             | Use shallow | Use deep  | Use autonomous |
| ------------------- | ----------- | --------- | -------------- |
| Hourly / frequent   | ✓           | —         | —              |
| Daily               | ✓           | If needed | —              |
| Weekly              | ✓           | ✓         | ✓              |
| Monthly / quarterly | —           | ✓         | ✓              |

<Note>
  Shallow audits are designed for frequent runs. Deep and autonomous audits consume significant compute — schedule them weekly or less often unless you specifically need higher frequency.
</Note>

## Managing schedules

From the **Scheduling** page you can:

* **Pause** a schedule without deleting it
* **Edit** the cron expression, audit type, or scope
* **Run now** to trigger an ad-hoc audit outside the schedule
* **View runs** to see past audits triggered by this schedule
* **Delete** the schedule (does not affect past audit history)

## Notifications

When a scheduled audit completes, WithGiga can notify via:

* **Email** — sent to your account email by default
* **Slack** — if [Slack is connected](/slack-integration)
* **Webhook** — if `callbackUrl` is configured on the schedule

Notifications include the audit score, finding counts, and a direct link to the report.

## Concurrency

Scheduled audits respect your plan's concurrent audit limit. If a schedule fires while you're at capacity:

* The scheduled run queues until capacity frees
* If the queue exceeds the configured timeout, it fails with `CONCURRENCY_LIMIT_EXCEEDED`

For continuous shallow scans across many workspaces, the Max plan removes the concurrency cap.

## Next steps

<Columns cols={2}>
  <Card title="Slack Integration" icon="slack" href="/slack-integration">
    Route schedule notifications to a channel.
  </Card>

  <Card title="Scheduled Audits API" icon="code" href="/api-reference/scheduled-audits">
    Manage schedules programmatically.
  </Card>
</Columns>
