diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 00000000..398dd467
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,37 @@
+name: "wiz-cli"
+on:
+ push:
+ branches:
+ - master
+ pull_request:
+ branches:
+ - master
+
+jobs:
+ wiz-cli-iac-scan:
+ name: "Wiz-cli IaC Scan"
+ runs-on: ubuntu-latest
+ env:
+ SCAN_PATH: "." # Set the relative path in the repo to scan
+
+ # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
+ defaults:
+ run:
+ shell: bash
+
+ steps:
+ # Checkout the repository to the GitHub Actions runner
+ - name: Check out repository
+ uses: actions/checkout@v2
+
+ - name: Download Wiz CLI
+ run: curl -o wizcli https://downloads.wiz.io/wizcli/latest/wizcli-linux-amd64 && chmod +x wizcli
+
+ - name: Authenticate to Wiz
+ run: ./wizcli auth --id "$WIZ_CLIENT_ID" --secret "$WIZ_CLIENT_SECRET"
+ env:
+ WIZ_CLIENT_ID: ${{ secrets.WIZ_CLIENT_ID }}
+ WIZ_CLIENT_SECRET: ${{ secrets.WIZ_CLIENT_SECRET }}
+
+ - name: Run wiz CLI IaC scan
+ run: ./wizcli iac scan --path $SCAN_PATH --policy "$POLICY"
diff --git a/src/SQLInjection.java b/src/SQLInjection.java
new file mode 100644
index 00000000..b784de26
--- /dev/null
+++ b/src/SQLInjection.java
@@ -0,0 +1,9 @@
+import java.sql.*;
+import javax.servlet.http.HttpServletRequest;
+
+public class SQLInjection {
+ public static ResultSet doQuery(HttpServletRequest request, Connection connection) throws SQLException {
+ String customerName = request.getParameter("customerName");
+ String query = "SELECT account_balance FROM user_data WHERE user_name = " + customerName;
+ Statement statement = connection.createStatement();
+ ResultSet results = statement.executeQuery(query);
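Review bot: The last step runs `./wizcli iac scan --path $SCAN_PATH --policy "$POLICY"`, but `POLICY` is never defined in the job `env` or the step `env` (only `SCAN_PATH`, `WIZ_CLIENT_ID` and `WIZ_CLIENT_SECRET` are), so the scan is invoked with an empty policy argument; either add it to that step's `env:` (e.g. `POLICY: ${{ secrets.WIZ_POLICY }}` with the secret name adjusted to the real one) or drop the flag, and quote `"$SCAN_PATH"` while there. The Download step fetches the unversioned `latest` binary with a bare `curl -o`, so a non-2xx response is saved and executed as the scanner and the artifact can change silently between runs; use `curl -fsSL` so a failed download fails the job, pin a release URL, and verify a digest (`echo "<expected-sha256>  wizcli" | sha256sum -c` before `chmod +x`). `actions/checkout@v2` is a floating major tag; pinning to a commit SHA and adding a top-level `permissions:` block with `contents: read` limits what a compromised action or the default token can do in this job.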
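Review bot: `doQuery` concatenates the caller-supplied `customerName` request parameter directly into the SQL string and executes it via `Statement.executeQuery`, which is the injection pattern the file name advertises; if this is an intentional fixture for the scanner wired up in the workflow, say so in a header comment (`// Intentionally vulnerable sample: string-built SQL, kept only to exercise scanning`) so it is not copied as a model, otherwise bind the value with a `PreparedStatement` as below. The hunk also shows no `return results;` and no closing braces for the method or class, and the hunk header counts exactly 9 lines, so as committed the file appears not to compile — confirm whether this chunk is truncated.
```java
    public static ResultSet doQuery(HttpServletRequest request, Connection connection) throws SQLException {
        String customerName = request.getParameter("customerName");
        // Bind the request value as a parameter instead of splicing it into the SQL text.
        String query = "SELECT account_balance FROM user_data WHERE user_name = ?";
        PreparedStatement statement = connection.prepareStatement(query);
        statement.setString(1, customerName);
        return statement.executeQuery();
```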