diff --git a/build-tools/automation/PoliCheckExclusions.xml b/build-tools/automation/PoliCheckExclusions.xml
new file mode 100644
index 00000000000..4ec72dc9b23
--- /dev/null
+++ b/build-tools/automation/PoliCheckExclusions.xml
@@ -0,0 +1,10 @@
+ + NREFACTORY + + + + + + REMAINING-INT-CONSTS.TXT|TAIWANCALENDAR.XML|XAMARIN-ANDROID-SDK-9.XML|SQLITE3.C|MAP.CSV +
diff --git a/build-tools/automation/azure-pipelines.yaml b/build-tools/automation/azure-pipelines.yaml
index 220b1be1fd2..d48a6ef1f6a 100644
--- a/build-tools/automation/azure-pipelines.yaml
+++ b/build-tools/automation/azure-pipelines.yaml
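Review bot: None of the PoliCheck exclusions in the new file records why it is there, and an exclusion list is an allow-list that silently drops files from the gate, so every entry needs a stated reason or the list only grows. The hunk as rendered here has lost its element tags, so I can only see the values: `NREFACTORY` on its own (presumably a path-level exclusion that covers everything beneath it — confirm against the element type) and the `|`-separated file list `REMAINING-INT-CONSTS.TXT|TAIWANCALENDAR.XML|XAMARIN-ANDROID-SDK-9.XML|SQLITE3.C|MAP.CSV`. I would put an XML comment in front of each entry in the shape `<!-- excluded because: <reason>; owner: <team>; revisit when: <condition> -->`, and trim the file-name entry to the files that actually produced findings rather than a pre-emptive set.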
@@ -69,18 +69,43 @@ stages: - stage: code_analysis displayName: Code Analysis jobs: - # Check - "Xamarin.Android (Code Analysis CredScan)" + # Check - "Xamarin.Android (Code Analysis CredScan and PoliCheck)" - job: run_static_analysis - displayName: CredScan + displayName: CredScan and PoliCheck pool: $(HostedWinVS2019) timeoutInMinutes: 60 cancelTimeoutInMinutes: 5 steps: - checkout: self submodules: recursive - - template: security\xa-static-analysis\v2.yml@yaml + + - template: security\credscan\v2.yml@yaml + parameters: + suppressionsFile: $(System.DefaultWorkingDirectory)\build-tools\automation\CredScanSuppressions.json + + - template: security\policheck\v1.yml@yaml parameters: - credScanSuppressionsFile: $(System.DefaultWorkingDirectory)\build-tools\automation\CredScanSuppressions.json + exclusionFile: $(System.DefaultWorkingDirectory)\build-tools\automation\PoliCheckExclusions.xml + + - task: securedevelopmentteam.vss-secure-development-tools.build-task-report.SdtReport@1 + displayName: Create Security Analysis Report + inputs: + CredScan: true + PoliCheck: true + condition: succeededOrFailed() + + - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2 + displayName: Publish Security Analysis Logs + inputs: + ArtifactName: CodeAnalysisLogs + condition: succeededOrFailed() + + - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1 + displayName: Fail Job if Security Issues are Detected + inputs: + CredScan: true + PoliCheck: true + condition: succeededOrFailed() - stage: mac_build displayName: Mac
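Review bot: Both gates now read their allow-lists from the tree they are scanning — `suppressionsFile:` and `exclusionFile:` point under `$(System.DefaultWorkingDirectory)` immediately after `checkout: self` — so the same change that introduces a credential or a flagged term can also widen `CredScanSuppressions.json` or `PoliCheckExclusions.xml` and still pass `PostAnalysis@1`. The CredScan suppression path was already in-tree before this change; the commit extends that pattern to PoliCheck rather than introducing it, but it is the moment to note the exposure. Whether those two paths are protected by CODEOWNERS or a required reviewer is not visible in this hunk; if they are not, that is the control I would add, and I would record it in the pipeline with `# NOTE: the suppression/exclusion files below widen this gate; changes to them need security-owner review` placed above the `security\credscan\v2.yml@yaml` step. The report → publish → post-analysis ordering with `condition: succeededOrFailed()` on all three SDT tasks is correct as written, since logs are published before the job is failed.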