This is a readme file for the webgoat security devops setup.

• The purpose of this project is to understand workflows in development and security.
• A scan is not necessary on every commit but there are key points of a branch's lifetime that are good to capture with a security scan.