diff --git a/.github/workflows/track_dependencies.yml b/.github/workflows/track_dependencies.yml
new file mode 100644
index 0000000..24672e2
--- /dev/null
+++ b/.github/workflows/track_dependencies.yml
@@ -0,0 +1,30 @@
+name: Track Dependencies
+
+on:
+ workflow_dispatch:
+ push:
+ branches:
+ - main
+
+jobs:
+ dependency_track:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v5
+ - name: Enable Corepack
+ run: corepack enable
+ - name: Setup Node
+ uses: actions/setup-node@v4
+ with:
+ node-version: '18'
+ cache: 'yarn'
+ - name: Generate SBOM
+ run: yarn dlx -q @cyclonedx/yarn-plugin-cyclonedx -o sbom.json
+ - name: Upload CycloneDx bom to dependency track
+ uses: DependencyTrack/gh-upload-sbom@v3
+ with:
+ serverhostname: ${{ secrets.DEPENDENCY_TRACK_SERVER_HOSTNAME }}
+ apikey: ${{ secrets.DEPENDENCY_TRACK_API_KEY }}
+ project: 'c9e26ece-6f0c-4834-94c3-a20efd1d7fb7'
+ bomfilename: 'sbom.json'
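Review bot: All three third-party actions in the `steps` list are referenced by mutable major-version tag (`actions/checkout@v5`, `actions/setup-node@v4`, `DependencyTrack/gh-upload-sbom@v3`), and the Generate SBOM step runs `yarn dlx` against an unversioned `@cyclonedx/yarn-plugin-cyclonedx`, so each run executes whatever those tags and the npm `latest` dist-tag resolve to at that moment, on the same runner that later handles `DEPENDENCY_TRACK_API_KEY`. Pin every `uses:` to a full commit SHA with the version kept as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha>  # v5`, pin the plugin with `yarn dlx -q @cyclonedx/yarn-plugin-cyclonedx@<version> -o sbom.json`, and let Dependabot or Renovate move the pins. The workflow also declares no `permissions:` key, so the job's `GITHUB_TOKEN` inherits the repository default, which may be read/write; since the job only needs to check out code, add a top-level `permissions:` / `contents: read`. Separately, `node-version: '18'` is, to my knowledge, past its upstream end-of-life, so a supported line is worth considering while touching this file.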