diff --git a/.github/paths-labeller.yml b/.github/paths-labeller.yml
new file mode 100644
index 000000000..8beec7407
--- /dev/null
+++ b/.github/paths-labeller.yml
@@ -0,0 +1,57 @@
+---
+- "documentation":
+  - "./**/*.md"
+- "schema":
+  - "detection_rules/beats.py"
+  - "etc/beats_schemas/**/*"
+  - "detection_rules/ecs.py"
+  - "etc/ecs_schemas/**/*"
+  - "etc/api_schemas/**/*"
+  - "detection_rules/schemas/**/*"
+- "python":
+  - "detection_rules/**/*.py"
+  - "kibana/**/*.py"
+  - "kql/**/*.py"
+- "RTA":
+  - "rta/**/*"
+
+# rules
+- "Domain: Cloud":
+  - "rules/integrations/aws/**/*.toml"
+  - "rules/integrations/azure/**/*.toml"
+  - "rules/integrations/cyberarkpas/**/*.toml"
+  - "rules/integrations/gcp/**/*.toml"
+  - "rules/integrations/google_workspace/**/*.toml"
+  - "rules/integrations/o365/**/*.toml"
+  - "rules/integrations/okta/**/*.toml"
+- "Domain: Endpoint":
+  - "rules/windows/**/*.toml"
+  - "rules/linux/**/*.toml"
+  - "rules/macos/**/*.toml"
+- "ML":
+  - "rules/ml/**/*.toml"
+  - "rules/**/ml_*.toml"
+- "OS: Linux":
+  - "rules/linux/**/*.toml"
+- "OS: macOS":
+  - "rules/macos/**/*.toml"
+- "OS: Windows":
+  - "rules/windows/**/*.toml"
+- "Integration: AWS":
+  - "rules/integrations/aws/**/*.toml"
+- "Integration: Azure":
+  - "rules/integrations/azure/**/*.toml"
+- "Integration: Crowdstrike":
+  - "rules/integrations/crowdstrike/**/*.toml"
+- "Integration: CyberArkPas":
+  - "rules/integrations/cyberarkpas/**/*.toml"
+- "Integration: GCP":
+  - "rules/integrations/gcp/**/*.toml"
+- "Integration: Google Workspace":
+  - "rules/integrations/google_workspace/**/*.toml"
+- "Integration: Microsoft 365":
+  - "rules/integrations/o365/**/*.toml"
+- "Integration: Okta":
+  - "rules/integrations/okta/**/*.toml"
+- "Rule: Deprecation":
+  - "rules/_deprecated/**/*"