How I Built a Deliberately Vulnerable Banking App to Demonstrate Automated Security Scanning with Semgrep and Jenkins

Most developers I've worked with believe their code is secure because their tests pass. I used to think the same. This post is about proving that belief wrong — with a working demo anyone can run them