Scheduling
Set up automated recurring scans so your domains are continuously monitored.
Why schedule scans?
Security configurations can change unexpectedly — SSL certificates expire, deployments may remove security headers, DNS records get modified, or new vulnerabilities emerge. Scheduled scans ensure you're alerted to changes as soon as they happen rather than discovering them after an incident.
Schedule options
Each check can have its own independent schedule:
| Frequency | Best for | Time selection |
|---|---|---|
| Hourly | Mission-critical production apps that need near-realtime monitoring | Runs every hour, no time selection needed |
| Daily | Most production domains. Recommended default for active projects. | Choose time of day (UTC) |
| Weekly | Staging environments, lower-priority domains | Choose day and time (UTC) |
| Monthly | Internal tools, low-traffic sites, compliance audits | Choose day and time (UTC) |
Setting up a schedule
- Go to Security Checks and click on the check you want to schedule
- In the check settings, find the Schedule section
- Select the frequency (hourly, daily, weekly, or monthly)
- For daily/weekly/monthly, choose the time and/or day
- Save the check — the schedule is now active
Tip: choose off-peak times
Schedule scans during off-peak hours for your application. While StackShield scans are lightweight and non-destructive, running them during quiet periods ensures your scan results aren't influenced by high traffic. Early morning UTC (e.g., 04:00) is often a good choice.
Managing schedules
Pausing a schedule
You can deactivate a check's schedule without deleting it. Toggle the check to inactive to pause scheduled scans. The schedule configuration is preserved, so you can reactivate it later without reconfiguring.
Changing frequency
Edit the check and select a different frequency. The next scheduled scan will use the new frequency. There's no downtime during the switch.
Viewing schedule status
On the checks list, each check shows:
- Whether it has an active schedule
- The schedule frequency
- When the last scheduled scan ran
- When the next scan is due
Schedules and manual scans
Manual scans and scheduled scans are independent. Running a manual scan doesn't affect the schedule — the next scheduled scan will still run at its configured time. You can run manual scans at any time regardless of whether a schedule is active.
Plan requirements
Scheduled scans are available on Pro and Business plans. Free trial users can run manual scans but cannot set up recurring schedules. See Billing & Plans for details.
Combining with CI/CD
Scheduled scans and CI/CD scans complement each other:
- Scheduled scans catch time-based changes — certificate expirations, DNS modifications, external service changes
- CI/CD scans catch deployment-related regressions — removed security headers, changed configurations, new endpoints
We recommend using both for comprehensive coverage. A daily schedule combined with CI/CD triggers on deployment gives you the best protection.