update readme by adding vulnerabilities metrics section to link to sonarqube guide

newlight77 · newlight77 · commit 24519e2005bb · 2019-10-06T02:21:48.000+02:00
diff --git a/README.md b/README.md
@@ -65,6 +65,10 @@ And the link at next step will require the server hostname or IP address.
 
 2. And click on `Install` button, by leaving default values as-is.
 
+## Vulnerabilties Metrics
+
+OWASP comes with a Zed Attack Proxy (ZAP) tool to scan the vulnerabilities. We can use a ZAP Plugin for SonarQube 7.x to do just that. If you are interested in doing so, please refer to [this](./sonarqube/sonarqube.md) 
+
 ## Notes
 
 **The full course on Hacking and Securing Web Java Programs is available in** 
