updated the README

added things we scan for at bottom of README

Author: 6mile

README.md

@@ -3,9 +3,7 @@
 A GitHub Action that analyses your web application for security and availability issues.
 When you add this to GitHub Actions we will analyze your web app everytime you deploy to a 
 public endpoint and let you know if what you've just deployed is secure and meets your 
-requirements.
-
-See the section below 
+requirements.  See below for what types of issues this action scans for.
 
 ```
 name: Example Workflow Using SecureStack Web Vulnerability Exposure Action
@@ -42,5 +40,12 @@ NOTE - to understand possible values for the action input `flags`, run the Secur
 3. Copy the value of the application id on the View Application screen.
 4. Paste into the value of the `securestack_app_id` action input for the step using the SecureStack action in your workflow.
 
+## What vulnerabilities do we find?
+1. Scans web application for out of date and vulnerable applicaiton components
+2. Identifies whether basic security controls like WAF, firewalls, and security headers are being used
+3. Finds all public facing assets & helps you understand your application attack surface
+4. Identifies misconfigurations in existing WAF or CDN
+5. Identifies if app is using CSP or security headers and whether they're working
+6. Finds WAF bypass attacks for Akamai, Cloudflare & Imperva
 
 Made with 💜  by [SecureStack](https://securestack.com)