diff --git a/ngsast.yaml b/ngsast.yaml
new file mode 100644
index 0000000..68a9588
--- /dev/null
+++ b/ngsast.yaml
@@ -0,0 +1,14 @@
+ngsast:
+- app:
+ name: shiftleft-java-demo
+ additional-findings:
+ - hsl-secrets
+ policy: io.shiftleft/helloshiftleft
+ language: JAVA
+additional-findings:
+ hsl-secrets:
+ entropy: 1.0
+ name: secrets
+ include:
+ - "**/*.properties"
+ - src/**
diff --git a/shiftleft.yml b/shiftleft.yml
index 94fb82c..ffd5585 100644
--- a/shiftleft.yml
+++ b/shiftleft.yml
@@ -8,7 +8,7 @@ build_rules:
 cvss_31_severity_ratings:
 - critical
 - high
- threshold: 0
+ threshold: 10
 options:
 num_findings: 10 # Return 10 sast findings
 - id: "No reachable SCA findings"
@@ -17,7 +17,7 @@ build_rules:
 cvss_31_severity_ratings:
 - critical
 - high
- threshold: 0
+ threshold: 10
 options:
 reachable: true
 num_findings: 10 # Return 10 reachable sca findings
@@ -27,6 +27,6 @@ build_rules:
 cvss_31_severity_ratings:
 - critical
 - high
- threshold: 0
+ threshold: 10
 options:
 num_findings: 10 # Return 10 container findings
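Review bot: The `include` list of the `hsl-secrets` check in the new ngsast.yaml covers only `**/*.properties` and `src/**`, so files outside `src/` that are not `.properties` (YAML, env-style or CI configuration at the repository root, for instance) appear to be left out of the secrets scan. If that is not intended, add the missing patterns, for example `- "**/*.yml"` and `- "**/*.yaml"`, or state the intended scope in a comment above `include:`. `entropy: 1.0` also has no explanation; a one-line comment saying what the value gates and why 1.0 was chosen would help the next person who tunes it. As a style point, quote `src/**` the same way as the first pattern so the list is consistent.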
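Review bot: Raising `threshold` from 0 to 10 on the critical/high rule in the hunk at -8,7 weakens the build gate, and the hunks at -17,7 (reachable SCA) and -27,6 (container) make the same change. Assuming the threshold is the count that must be exceeded, a build can now carry up to ten critical or high findings per rule, and the id "No reachable SCA findings" visible in the first hunk no longer describes what is enforced. Because `num_findings: 10` limits how many findings are returned, it is worth confirming that a rule with `threshold: 10` can still fail at all. If the relaxation is deliberate, record the reason beside each value, e.g. `threshold: 10  # temporarily relaxed, see <tracking-issue-placeholder>`, and consider keeping `threshold: 0` for `critical` in a separate rule. The rule definitions start above each hunk, so their ids and types are only partly visible here.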