CORE CONCEPTS
Scheduling
Run security tasks on a schedule with full agent capabilities, memory, and credential access
Neo can run security tasks on a schedule without any manual intervention. You define what the agent should do, set when and how often it should run, and Neo handles the rest. Each scheduled execution gets the same full capabilities as a manual task: the complete agent swarm, sandbox toolchain, memory, and access to your stored credentials.
Schedules support two modes. One-time schedules run a task once at a specific point in the future. You can specify this as a relative delay (“run in 30 minutes”, “run in 2 hours”) or an absolute time (“run at 14:30 UTC”). This is useful for kicking off a test during a maintenance window, queuing up work for after a deployment, or deferring a long-running assessment to off-hours.
Recurring schedules run a task repeatedly on a cadence you define. The options are daily, weekly, monthly, or custom weekdays. For each, you set the time of day the task should execute. Custom weekdays let you pick specific days, so you could run a scan every Monday, Wednesday, and Friday at 9 AM. Each recurring execution creates a fresh task thread, so you get a clean conversation with full results every time while still being able to recall previous runs through memory.
The task you schedule is defined as a natural language message, exactly like what you would type into Neo manually. “Run a full Nuclei scan against staging.example.com and report critical and high findings.” “Test all API endpoints in the payments service for authentication bypasses.” “Enumerate subdomains for example.com and check for dangling DNS records.” Whatever you would ask Neo to do interactively, you can schedule it to happen automatically.
Secrets carry forward into scheduled executions. If your task requires API keys, authentication tokens, or credentials to reach internal targets, the schedule inherits the secrets from the session where it was created. You do not need to re-specify them. The agent resolves them securely at execution time, and they never appear in the task output or logs.
You can also attach workspace files to a schedule, so each execution has access to the same reference material: target lists, configuration files, custom wordlists, or any other files from your sandbox workspace.
Schedules can be scoped to a project, which means the results land within the context of a specific engagement rather than floating as standalone tasks. This keeps scheduled scan results organized alongside the rest of your project’s findings.
For teams running continuous assessments, the changes-only reporting mode is particularly useful. When enabled, each execution automatically compares its results against the previous run and generates a diff report. Instead of reading through a full scan report every day, you see only what changed: new findings that appeared, previously reported issues that were resolved, and any values that shifted between runs. This makes daily or weekly scheduled scans practical at scale because the output is focused on deltas rather than repeating the full picture every time.
The scheduler itself runs on a job queue with built-in retry logic, exponential backoff on failures, and concurrency controls. If an execution fails due to a transient issue, it retries automatically. Long-running tasks can execute for up to 24 hours, so even deep assessments complete without being cut short.
The practical use cases for security teams are straightforward. Schedule a daily perimeter scan to catch new exposed services. Run weekly API security checks against staging before each release cycle. Set up monthly compliance checks that produce a fresh report for your records. Queue a one-time deep assessment to run overnight against a new acquisition target. In each case, you define the task once and Neo runs it autonomously, with results waiting for you when you need them.