diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..8f35efd
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,7 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+      time: '00:45'
diff --git a/.github/workflows/validate-owasp-metadata.yaml b/.github/workflows/validate-owasp-metadata.yaml
new file mode 100644
index 0000000..3c148ca
--- /dev/null
+++ b/.github/workflows/validate-owasp-metadata.yaml
@@ -0,0 +1,27 @@
+name: Validate OWASP entity metadata
+
+on:
+  pull_request:
+    paths:
+      - '*.owasp.yaml'
+  push:
+    paths:
+      - '*.owasp.yaml'
+
+permissions:
+  contents: read
+
+concurrency:
+  cancel-in-progress: true
+  group: ${{ github.repository }}-${{ github.workflow }}-${{ github.ref }}
+
+jobs:
+  validate-metadata:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      - name: Validate metadata file
+        uses: owasp/nest-schema/.github/actions/validate@a733198b4a942eb12d3ee8629cd9e0d409b1b2b9
diff --git a/project.owasp.yaml b/project.owasp.yaml
new file mode 100644
index 0000000..b642722
--- /dev/null
+++ b/project.owasp.yaml
@@ -0,0 +1,38 @@
+audience:
+  - builder
+  - defender
+leaders:
+  - name: Ricardo Iramar
+    email: ricardo.iramar@owasp.org
+    github: riramar
+  - name: Dominique Righetto
+    email: dominique.righetto@owasp.org
+    github: righettod
+level: 3.5
+license:
+  - Apache-2.0
+  - GPL-2.0
+  - GPL-3.0
+name: OWASP Secure Headers Project
+pitch: Provides technical information about HTTP security headers.
+repositories:
+  - name: www-project-secure-headers
+    url: https://github.com/OWASP/www-project-secure-headers
+    description: The OWASP Secure Headers Project
+  - name: owasp-swag
+    url: https://github.com/OWASP/owasp-swag
+    description: Swag for the OWASP projects and chapters
+  - name: oshp-stats
+    url: https://github.com/oshp/oshp-stats
+    description: Stats about HTTP response security headers usage mentioned by the OSHP.
+  - name: oshp-validator
+    url: https://github.com/oshp/oshp-validator
+    description: Venom tests suite to validate an HTTP security response headers configuration against OSHP recommendation.
+  - name: oshp.github.io
+    url: https://github.com/oshp/oshp.github.io
+tags:
+  - headers
+  - custom-tag-1
+  - custom-tag-2
+type: documentation
+website: https://owasp.org/www-project-secure-headers