Push Updates vs Schedule

Wondering how most folks do this.  I've always allowed push and a 2Hr scheduled update.  After the recent bad AV update, I'm beginning to reconsider that option.  Perhaps disabling push and configuring a bigger scheduled window to 8Hrs.  Can anyone at Fortinet confirm what triggers a push?  Is it ANY update or is there specific criteria.  Also if I do reconfigure as I've explained, would I still get all available updates when my schedule runs or would I start missing something, with the understanding that I of course would not immediately receive new defs until my schedule ran.  I think the benefit is that it would decrease the likelihood that I would receive a bad AV update as I have several times over the last ten years of running Fortigates.

Thanks for any feedback from Fortinet or other users.