provide brief introduction to the checklist chapter

_data/draft.yaml

@@ -112,39 +112,36 @@ docs:
 - title: '10.3 Dynamic Application Security Testing (DAST)'
   url: 10-security-testing-validation/03-dast
 
-- title: '20. OWASP Top Ten Proactive Controls checklist'
-  url: 20-proactive-control-checklist/toc
+- title: '11. Checklist'
+  url: 11-checklist/toc
 
-- title: '20.1 Introduction'
-  url: 20-proactive-control-checklist/01-proactive-control-introduction
-
-- title: '20.2 Checklist: Define Security Requirements'
-  url: 20-proactive-control-checklist/02-define-security-requirements
+- title: '11.1 Checklist: Define Security Requirements'
+  url: 11-checklist/01-define-security-requirements
 
-- title: '20.3 Checklist: Leverage Security Frameworks and Libraries'
-  url: 20-proactive-control-checklist/03-frameworks-libraries
+- title: '11.2 Checklist: Leverage Security Frameworks and Libraries'
+  url: 11-checklist/02-frameworks-libraries
 
-- title: '20.4 Checklist: Secure Database Access'
-  url: 20-proactive-control-checklist/04-secure-database-access
+- title: '11.3 Checklist: Secure Database Access'
+  url: 11-checklist/03-secure-database-access
 
-- title: '20.5 Checklist: Encode and Escape Data'
-  url: 20-proactive-control-checklist/05-encode-escape-data
+- title: '11.4 Checklist: Encode and Escape Data'
+  url: 11-checklist/04-encode-escape-data
 
-- title: '20.6 Checklist: Validate All Inputs'
-  url: 20-proactive-control-checklist/06-validate-inputs
+- title: '11.5 Checklist: Validate All Inputs'
+  url: 11-checklist/05-validate-inputs
 
-- title: '20.7 Checklist: Implement Digital Identity'
-  url: 20-proactive-control-checklist/07-digital-identity
+- title: '11.6 Checklist: Implement Digital Identity'
+  url: 11-checklist/06-digital-identity
 
-- title: '20.8 Checklist: Enforce Access Controls'
-  url: 20-proactive-control-checklist/08-access-controls
+- title: '11.7 Checklist: Enforce Access Controls'
+  url: 11-checklist/07-access-controls
 
-- title: '20.9 Checklist: Protect Data Everywhere'
-  url: 20-proactive-control-checklist/09-protect-data
+- title: '11.8 Checklist: Protect Data Everywhere'
+  url: 11-checklist/08-protect-data
 
-- title: '20.10 Checklist: Implement Security Logging and Monitoring'
-  url: 20-proactive-control-checklist/10-security-logging-monitoring
+- title: '11.9 Checklist: Implement Security Logging and Monitoring'
+  url: 11-checklist/09-security-logging-monitoring
 
-- title: '20.11 Checklist: Handle all Errors and Exceptions'
-  url: 20-proactive-control-checklist/11-handle-errors-exceptions
+- title: '11.10 Checklist: Handle all Errors and Exceptions'
+  url: 11-checklist/10-handle-errors-exceptions
 

draft/00-toc.md

@@ -67,17 +67,16 @@ and so the content is expected to frequently change._
 10.2 [Static Application Security Testing (SAST)](#static-application-security-testing)  
 10.3 [Dynamic Application Security Testing (DAST)](#dynamic-application-security-testing)  
 
-20 **[OWASP Top Ten Proactive Controls checklist](#owasp-top-ten-proactive-controls-checklist)**  
-20.1 [Introduction](#owasp-top-ten-proactive-controls-introduction)  
-20.2 [Checklist: Define Security Requirements](#checklist-define-security-requirements)  
-20.3 [Checklist: Leverage Security Frameworks and Libraries](#checklist-leverage-security-frameworks-and-libraries)  
-20.4 [Checklist: Secure Database Access](#checklist-secure-database-access)  
-20.5 [Checklist: Encode and Escape Data](#checklist-encode-and-escape-data)  
-20.6 [Checklist: Validate All Inputs](#checklist-validate-all-inputs)  
-20.7 [Checklist: Implement Digital Identity](#checklist-implement-digital-identity)  
-20.8 [Checklist: Enforce Access Controls](#checklist-enforce-access-controls)  
-20.9 [Checklist: Protect Data Everywhere](#checklist-protect-data-everywhere)  
-20.10 [Checklist: Implement Security Logging and Monitoring](#checklist-implement-security-logging-and-monitoring)  
-20.11 [Checklist: Handle all Errors and Exceptions](#checklist-handle-all-errors-and-exceptions)  
+10 **[Checklist](#checklist)**  
+11.1 [Checklist: Define Security Requirements](#checklist-define-security-requirements)  
+11.2 [Checklist: Leverage Security Frameworks and Libraries](#checklist-leverage-security-frameworks-and-libraries)  
+11.3 [Checklist: Secure Database Access](#checklist-secure-database-access)  
+11.4 [Checklist: Encode and Escape Data](#checklist-encode-and-escape-data)  
+11.5 [Checklist: Validate All Inputs](#checklist-validate-all-inputs)  
+11.6 [Checklist: Implement Digital Identity](#checklist-implement-digital-identity)  
+11.7 [Checklist: Enforce Access Controls](#checklist-enforce-access-controls)  
+11.8 [Checklist: Protect Data Everywhere](#checklist-protect-data-everywhere)  
+11.9 [Checklist: Implement Security Logging and Monitoring](#checklist-implement-security-logging-and-monitoring)  
+11.10 [Checklist: Handle all Errors and Exceptions](#checklist-handle-all-errors-and-exceptions)  
 
 \newpage

draft/11-checklist/00-toc.md

@@ -0,0 +1,37 @@
+---
+
+title: Proactive Controls Checklist overview
+layout: col-document
+tags: OWASP Developer Guide
+contributors:
+document: OWASP Developer Guide
+order:
+
+---
+
+{% include breadcrumb.html %}
+
+## 11. Checklist
+
+Checklists are a valuable resource for development teams.
+They provide structure for establishing good practices and processes
+and are also useful during code reviews and design activities.
+
+The checklists below are based on the '[OWASP Top 10 Proactive Controls][proactive10]' project.
+
+Sections:
+
+11.1 [Checklist: Define Security Requirements](#checklist-define-security-requirements)  
+11.2 [Checklist: Leverage Security Frameworks and Libraries](#checklist-leverage-security-frameworks-and-libraries)  
+11.3 [Checklist: Secure Database Access](#checklist-secure-database-access)  
+11.4 [Checklist: Encode and Escape Data](#checklist-encode-and-escape-data)  
+11.5 [Checklist: Validate All Inputs](#checklist-validate-all-inputs)  
+11.6 [Checklist: Implement Digital Identity](#checklist-implement-digital-identity)  
+11.7 [Checklist: Enforce Access Controls](#checklist-enforce-access-controls)  
+11.8 [Checklist: Protect Data Everywhere](#checklist-protect-data-everywhere)  
+11.9 [Checklist: Implement Security Logging and Monitoring](#checklist-implement-security-logging-and-monitoring)  
+11.10 [Checklist: Handle all Errors and Exceptions](#checklist-handle-all-errors-and-exceptions)  
+
+[proactive10]: https://owasp.org/www-project-proactive-controls/
+
+\newpage

draft/20-proactive-control-checklist/09-protect-data.md → draft/11-checklist/08-protect-data.md

@@ -74,7 +74,7 @@ then [submit an issue][issue2009] or a [pull request][pr].
 
 [control8]: https://owasp.org/www-project-proactive-controls/v3/en/c8-protect-data-everywhere
 [cscs]: https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html
-[cssm]: https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_CheatSheet.html
+[cssm]: https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
 [issue2009]: https://github.com/OWASP/www-project-developer-guide/issues/new?labels=enhancement&template=request.md&title=Update:%2020-proactive-control-checklist/09-protect-data
 [pr]: https://github.com/OWASP/www-project-developer-guide/pulls
 [proactive10]: https://owasp.org/www-project-proactive-controls/

draft/11-checklist/toc.md

@@ -0,0 +1,35 @@
+---
+
+title: Table of Contents and Overview
+layout: col-document
+tags: OWASP Developer Guide
+contributors:
+document: OWASP Developer Guide
+order: 2000
+
+---
+
+{% include breadcrumb.html %}
+
+## 11. Checklist
+
+Checklists are a valuable resource for development teams.
+They provide structure for establishing good practices and processes
+and are also useful during code reviews and design activities.
+
+The checklists below are based on the '[OWASP Top 10 Proactive Controls][proactive10]' project.
+
+Sections:
+
+11.1 [Checklist: Define Security Requirements](01-define-security-requirements.md)  
+11.2 [Checklist: Leverage Security Frameworks and Libraries](02-frameworks-libraries.md)  
+11.3 [Checklist: Secure Database Access](03-secure-database-access.md)  
+11.4 [Checklist: Encode and Escape Data](04-encode-escape-data.md)  
+11.5 [Checklist: Validate All Inputs](05-validate-inputs.md)  
+11.6 [Checklist: Implement Digital Identity](06-digital-identity.md)  
+11.7 [Checklist: Enforce Access Controls](07-access-controls.md)  
+11.8 [Checklist: Protect Data Everywhere](08-protect-data.md)  
+11.9 [Checklist: Implement Security Logging and Monitoring](09-logging-monitoring.md)  
+11.10 [Checklist: Handle all Errors and Exceptions](10-handle-errors-exceptions.md)  
+
+[proactive10]: https://owasp.org/www-project-proactive-controls/

draft/toc.md

@@ -67,15 +67,14 @@ and so the content is expected to frequently change._
 10.2 [Static Application Security Testing (SAST)](10-security-testing-validation/02-sast.md)  
 10.3 [Dynamic Application Security Testing (DAST)](10-security-testing-validation/03-dast.md)  
 
-20 **[OWASP Top Ten Proactive Controls checklist](20-proactive-control-checklist/toc.md)**  
-20.1 [Introduction](20-proactive-control-checklist/01-proactive-control-introduction.md)  
-20.2 [Checklist: Define Security Requirements](20-proactive-control-checklist/02-define-security-requirements.md)  
-20.3 [Checklist: Leverage Security Frameworks and Libraries](20-proactive-control-checklist/03-frameworks-libraries.md)  
-20.4 [Checklist: Secure Database Access](20-proactive-control-checklist/04-secure-database-access.md)  
-20.5 [Checklist: Encode and Escape Data](20-proactive-control-checklist/05-encode-escape-data.md)  
-20.6 [Checklist: Validate All Inputs](20-proactive-control-checklist/06-validate-inputs.md)  
-20.7 [Checklist: Implement Digital Identity](20-proactive-control-checklist/07-digital-identity.md)  
-20.8 [Checklist: Enforce Access Controls](20-proactive-control-checklist/08-access-controls.md)  
-20.9 [Checklist: Protect Data Everywhere](20-proactive-control-checklist/09-protect-data.md)  
-20.10 [Checklist: Implement Security Logging and Monitoring](20-proactive-control-checklist/10-logging-monitoring.md)  
-20.11 [Checklist: Handle all Errors and Exceptions](20-proactive-control-checklist/11-handle-errors-exceptions.md)  
+10 **[Checklist](11-checklist/toc.md)**  
+11.1 [Checklist: Define Security Requirements](11-checklist/01-define-security-requirements.md)  
+11.2 [Checklist: Leverage Security Frameworks and Libraries](11-checklist/02-frameworks-libraries.md)  
+11.3 [Checklist: Secure Database Access](11-checklist/03-secure-database-access.md)  
+11.4 [Checklist: Encode and Escape Data](11-checklist/04-encode-escape-data.md)  
+11.5 [Checklist: Validate All Inputs](11-checklist/05-validate-inputs.md)  
+11.6 [Checklist: Implement Digital Identity](11-checklist/06-digital-identity.md)  
+11.7 [Checklist: Enforce Access Controls](11-checklist/07-access-controls.md)  
+11.8 [Checklist: Protect Data Everywhere](11-checklist/08-protect-data.md)  
+11.9 [Checklist: Implement Security Logging and Monitoring](11-checklist/09-logging-monitoring.md)  
+11.10 [Checklist: Handle all Errors and Exceptions](11-checklist/10-handle-errors-exceptions.md)