diff --git a/prowler/lib/check/models.py b/prowler/lib/check/models.py
index 97b55a1b..762f46bb 100644
--- a/prowler/lib/check/models.py
+++ b/prowler/lib/check/models.py
@@ -1,4 +1,5 @@
 import os
+import re
 import sys
 from abc import ABC, abstractmethod
 from dataclasses import dataclass
@@ -57,6 +58,17 @@ class Check_Metadata_Model(BaseModel):
 # store the compliance later if supplied
 Compliance: list = None

+ @validator("Categories", each_item=True, pre=True, always=True)
+ def valid_category(value):
+ if not isinstance(value, str):
+ raise ValueError("Categories must be a list of strings")
+ value_lower = value.lower()
+ if not re.match("^[a-z-]+$", value_lower):
+ raise ValueError(
+ f"Invalid category: {value}. Categories can only contain lowercase letters and hyphen '-'"
+ )
+ return value_lower
+
 @validator("Severity", pre=True, always=True)
 def severity_to_lower(severity):
 return severity.lower()
diff --git a/tests/lib/check/fixtures/bulk_checks_metadata.py b/tests/lib/check/fixtures/bulk_checks_metadata.py
index 492f9da3..e6afce26 100644
--- a/tests/lib/check/fixtures/bulk_checks_metadata.py
+++ b/tests/lib/check/fixtures/bulk_checks_metadata.py
@@ -59,7 +59,7 @@ test_bulk_checks_metadata = {
 Url="",
 ),
 ),
- Categories=["secrets", ""],
+ Categories=["secrets"],
 DependsOn=[],
 RelatedTo=[],
 Notes="",
@@ -143,7 +143,7 @@ test_bulk_checks_metadata = {
 Url="https://docs.aws.amazon.com/workspaces/latest/adminguide/amazon-workspaces-vpc.html",
 ),
 ),
- Categories=[""],
+ Categories=[],
 DependsOn=[],
 RelatedTo=[],
 Notes="",
diff --git a/tests/lib/check/fixtures/metadata.json b/tests/lib/check/fixtures/metadata.json
index f1bffb62..a376d491 100644
--- a/tests/lib/check/fixtures/metadata.json
+++ b/tests/lib/check/fixtures/metadata.json
@@ -1,7 +1,7 @@
 {
 "Categories": [
- "cat1",
- "cat2"
+ "cat-one",
+ "cat-two"
 ],
 "CheckID": "iam_user_accesskey_unused",
 "CheckTitle": "Ensure Access Keys unused are disabled",
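Review bot: In `valid_category` (prowler/lib/check/models.py), `re.match("^[a-z-]+$", value_lower)` does not reject a value that ends in a newline, because `$` in Python also matches just before a trailing `\n`; a category such as `"secrets\n"` would pass and be returned with the newline intact. Use `if not re.fullmatch(r"[a-z-]+", value_lower):` so the whole string has to match. The pattern also accepts values made only of hyphens or with a leading or trailing `-`, and since the value is lowercased before the check, the error text "can only contain lowercase letters" describes the stored form rather than what is accepted; a tighter pattern such as `[a-z]+(-[a-z]+)*` and a reworded message would make the contract clearer, which matters more if category strings are written into report output downstream (not visible here). The enclosing class `Check_Metadata_Model` starts and ends outside the hunk.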
diff --git a/tests/lib/outputs/fixtures/metadata.json b/tests/lib/outputs/fixtures/metadata.json
index f1bffb62..a376d491 100644
--- a/tests/lib/outputs/fixtures/metadata.json
+++ b/tests/lib/outputs/fixtures/metadata.json
@@ -1,7 +1,7 @@
 {
 "Categories": [
- "cat1",
- "cat2"
+ "cat-one",
+ "cat-two"
 ],
 "CheckID": "iam_user_accesskey_unused",
 "CheckTitle": "Ensure Access Keys unused are disabled",
diff --git a/tests/providers/aws/lib/security_hub/fixtures/metadata.json b/tests/providers/aws/lib/security_hub/fixtures/metadata.json
index f1bffb62..a376d491 100644
--- a/tests/providers/aws/lib/security_hub/fixtures/metadata.json
+++ b/tests/providers/aws/lib/security_hub/fixtures/metadata.json
@@ -1,7 +1,7 @@
 {
 "Categories": [
- "cat1",
- "cat2"
+ "cat-one",
+ "cat-two"
 ],
 "CheckID": "iam_user_accesskey_unused",
 "CheckTitle": "Ensure Access Keys unused are disabled",