OWASP · sydseter · Aug 7, 2025 · Aug 7, 2025
diff --git a/docs/en/04-design/02-web-app-checklist/index.md b/docs/en/04-design/02-web-app-checklist/index.md
@@ -12,6 +12,10 @@ an individual project's requirements and environment; they are not meant to be f
 Probably the best starting point for a checklist is given by the [Application Security Verification Standard (ASVS)][asvs].
 The ASVS can be used to provide a framework for an initial checklist, according to the security verification level,
 and this initial ASVS checklist can then be expanded using the following checklist sections.
+An effort has also been made to migrate best practices from the [OWASP Secure Coding Practices-Quick Reference Guide][scp]
+to the OWASP DevGuide.
+This checklist should contain most of the items from the quick references, some, however, have been rewritten or left out to
+ensure this checklist is in line with modern practices.
 
 ----
 
@@ -22,3 +26,4 @@ then [submit an issue][issue0602] or [edit on GitHub][edit0602].
 [edit0602]: https://github.com/OWASP/DevGuide/blob/main/docs/en/04-design/02-web-app-checklist/index.md
 [issue0602]: https://github.com/OWASP/DevGuide/issues/new?labels=content&template=request.md&title=Update:%2004-design/02-web-app-checklist/index
 [proactive10]: https://owasp.org/www-project-proactive-controls/
+[scp]: https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/