diff --git a/src/ontology/d3fend-protege.ttl b/src/ontology/d3fend-protege.ttl
index 74375fe9..018455ea 100644
--- a/src/ontology/d3fend-protege.ttl
+++ b/src/ontology/d3fend-protege.ttl
@@ -4345,7 +4345,10 @@ Management servers with enterprise policies for account management provide the a
 owl:Class,
 owl:NamedIndividual ;
 rdfs:label "Credential Scrubbing" ;
- rdfs:subClassOf :SourceCodeHardening ;
+ rdfs:subClassOf :SourceCodeHardening,
+ [ a owl:Restriction ;
+ owl:onProperty :hardens ;
+ owl:someValuesFrom :Subroutine ] ;
 :d3fend-id "D3-CS" ;
 :definition "The systematic removal of hard-coded credentials from source code to prevent accidental exposure and unauthorized access." ;
 :kb-article """## How it Works
@@ -4355,6 +4358,7 @@ Credential Scrubbing involves identifying and eliminating hard-coded credentials
 * Developers should conduct regular audits of source code to ensure credentials are not hard-coded.
 * Exposed credentials found in version control history must be disabled and replaced promptly.
 * Adopt role-based access controls and credential rotation policies to minimize security risks.""" ;
+ :kb-reference :Reference-SecretsManagementCheatSheet-OWASP ;
 rdfs:seeAlso :CWE-798, .
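Review bot: The added restriction `owl:someValuesFrom :Subroutine` in the first hunk scopes Credential Scrubbing to subroutines, which is narrower than the entry's own `:definition` ("removal of hard-coded credentials from source code") and than the kb-article bullet about credentials left in version control history. Hard-coded secrets often sit in module-level constants, configuration files or build scripts, so a query that selects countermeasures by hardened artifact would not reach those cases. If the ontology defines a broader source-code artifact it would fit better here (not checked against the rest of the file); otherwise record the limitation on the class, for example `rdfs:comment "Modelled against :Subroutine; credentials hard-coded outside subroutines are not expressed by this restriction." ;`. The Credential Scrubbing individual starts above the hunk, so only part of it is visible.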
@@ -32567,6 +32571,15 @@ delivery, up to message rejection.""" ;
 "Document Abstract was not found",
 "MITRE Analysis was not found" .
+:Reference-SecretsManagementCheatSheet-OWASP a :InternetArticleReference,
+ owl:NamedIndividual ;
+ rdfs:label "Secrets Management Cheat Sheet" ;
+ :has-link "https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html"^^xsd:anyURI ;
+ :kb-abstract "The OWASP Secrets Management Cheat Sheet provides clear directives for securely managing sensitive data like API keys and credentials. It emphasizes centralized control for storage, provisioning, and auditing to prevent unauthorized access. Adopting strong rotation and management protocols is essential for maintaining security and integrity in DevOps environments." ;
+ :kb-author "OWASP" ;
+ :kb-reference-of :CredentialScrubbing ;
+ :kb-reference-title "Secrets Management Cheat Sheet" .
+
 :Reference-SecureCachingOfServerCredentials_DellProductsLP a owl:NamedIndividual,
 :PatentReference ;
 rdfs:label "Reference - Secure caching of server credentials - Dell Products LP" ;
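Review bot: The new individual's `rdfs:label "Secrets Management Cheat Sheet"` does not follow the pattern of the neighbouring entry, whose label is `"Reference - Secure caching of server credentials - Dell Products LP"`; if that pattern is the file's convention, use `rdfs:label "Reference - Secrets Management Cheat Sheet - OWASP" ;`. The type list is also ordered the other way round (`:InternetArticleReference, owl:NamedIndividual` against `owl:NamedIndividual, :PatentReference`), which is likely to show up as churn the next time the file is re-serialised by a tool. The `:kb-abstract` reads as a summary written for this entry rather than text taken from the cheat sheet, and it stresses centralized storage and rotation, not the removal of hard-coded credentials that this technique defines; it is worth confirming the wording against the source so the reference supports the claim it is attached to.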