You can run a scheduled command once or on a recurring schedule, setting the start time, end time, and frequency. Some common use cases for scheduling a command:
Mirroring a ticket from an external ticketing system.
Sending an email to a user, waiting a determined amount of time, and then sending the email again if a response has not been received.
Note
Scheduled commands run using the tenant's timezone.
Open an incident, locate the command entry in the War Room, and click the clock icon.
By default, scheduling options are displayed in a human-readable view. For recurring commands, you can use either a human-readable view or switch to the Cron view.
To schedule a command using the human-readable view:
For a non-recurring command, set the date and time for the command to run.
For a recurring command, select Recurring and then set the frequency.
To schedule a recurring command using the Cron view:
Select Recurring, and then click Switch to Cron view.
The Unified Policy framework facilitates a structured delegation model between Governance and Operations:
AppSec managers (Governance): Define prevention policies that specify which findings trigger enforcement actions across code, build, and deploy stages.
Set a start date and time.
(Optional) Set an end date and time.
AppSec practitioners (Operations): Respond to policy-driven issues, remediate blocked PRs and CI pipelines, and manage the remediation lifecycle within SLA targets.
To remove a scheduled command, click the clock icon and then click Remove schedule.
You can also schedule commands to run in the War Room by using a script. For more information, see the ScheduleCommand script.