From 93959d6fd2b1cedc14e7bb5e9c5ddeca763e0336 Mon Sep 17 00:00:00 2001 From: Uncle Joe <1244005+sydseter@users.noreply.github.com> Date: Thu, 7 Aug 2025 14:13:39 +0200 Subject: [PATCH] Update the checklist to add information regarding owasp scp --- docs/en/04-design/02-web-app-checklist/index.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/en/04-design/02-web-app-checklist/index.md b/docs/en/04-design/02-web-app-checklist/index.md index 30766d94..307e4af6 100644 --- a/docs/en/04-design/02-web-app-checklist/index.md +++ b/docs/en/04-design/02-web-app-checklist/index.md @@ -12,6 +12,10 @@ an individual project's requirements and environment; they are not meant to be f Probably the best starting point for a checklist is given by the [Application Security Verification Standard (ASVS)][asvs]. The ASVS can be used to provide a framework for an initial checklist, according to the security verification level, and this initial ASVS checklist can then be expanded using the following checklist sections. +An effort has also been made to migrate best practices from the [OWASP Secure Coding Practices-Quick Reference Guide][scp] +to the OWASP DevGuide. +This checklist should contain most of the items from the quick references, some, however, have been rewritten or left out to +ensure this checklist is in line with modern practices. ---- @@ -22,3 +26,4 @@ then [submit an issue][issue0602] or [edit on GitHub][edit0602]. [edit0602]: https://github.com/OWASP/DevGuide/blob/main/docs/en/04-design/02-web-app-checklist/index.md [issue0602]: https://github.com/OWASP/DevGuide/issues/new?labels=content&template=request.md&title=Update:%2004-design/02-web-app-checklist/index [proactive10]: https://owasp.org/www-project-proactive-controls/ +[scp]: https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/
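Review bot: In the first hunk (`index.md`, `@@ -12,6 +12,10`), the third added line joins two independent clauses with commas ("...from the quick references, some, however, have been rewritten or left out...") and calls the source "the quick references", which does not match the name used in the link two lines earlier. Suggest splitting the sentence and reusing the linked name, for example: "This checklist contains most of the items from the Quick Reference Guide. Some have been rewritten or left out to keep the checklist in line with modern practices." The phrase "should contain" also leaves it unclear whether the migration is finished. State it either as done or as still in progress, so it agrees with "An effort has also been made" in the first added line.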