diff --git a/eng/common/sdl/packages.config b/eng/common/sdl/packages.config
index 256ffbfb93a30..968b39bef5f19 100644
--- a/eng/common/sdl/packages.config
+++ b/eng/common/sdl/packages.config
@@ -1,4 +1,4 @@
 <?xml version="1.0" encoding="utf-8"?>
 <packages>
-  <package id="Microsoft.Guardian.Cli" version="0.7.2"/>
+  <package id="Microsoft.Guardian.Cli.win10-x64" version="0.20.1"/>
 </packages>
diff --git a/eng/common/templates/job/execute-sdl.yml b/eng/common/templates/job/execute-sdl.yml
index 640f2b04e240f..2a7a2aebbf68a 100644
--- a/eng/common/templates/job/execute-sdl.yml
+++ b/eng/common/templates/job/execute-sdl.yml
@@ -81,7 +81,7 @@ jobs:
       continueOnError: ${{ parameters.sdlContinueOnError }}
   - ${{ if eq(parameters.overrideParameters, '') }}:
     - powershell: eng/common/sdl/execute-all-sdl-tools.ps1
-        -GuardianPackageName Microsoft.Guardian.Cli.0.7.2
+        -GuardianPackageName Microsoft.Guardian.Cli.win10-x64.0.20.1
         -NugetPackageDirectory $(Build.SourcesDirectory)\.packages
         -AzureDevOpsAccessToken $(dn-bot-dotnet-build-rw-code-rw)
         ${{ parameters.additionalParameters }}
diff --git a/eng/pipelines/official/stages/publish.yml b/eng/pipelines/official/stages/publish.yml
index 260931d01cb43..a8ebd5dc622dd 100644
--- a/eng/pipelines/official/stages/publish.yml
+++ b/eng/pipelines/official/stages/publish.yml
@@ -35,20 +35,19 @@ stages:
     symbolPublishingAdditionalParameters: "'-warnAsError:$false'"
     # Publish to blob storage.
     publishInstallersAndChecksums: true
-    # Enable SDL validation, passing through values from the 'core-setup-sdl-validation' group.
+    # Enable SDL validation, passing through values from the 'DotNet-Runtime-SDLValidation-Params' group.
     SDLValidationParameters:
-      enable: false # TODO: (Consolidation) Decide who owns SDL validation errors and enable. https://github.com/dotnet/runtime/issues/1027
+      enable: true
       artifactNames:
-      - PackageArtifacts
-      - BlobArtifacts
+      - AssetManifests
       params: >-
         -SourceToolsList @("policheck","credscan")
-        -TsaInstanceURL "$(TsaInstanceURL)"
-        -TsaProjectName "$(TsaProjectName)"
-        -TsaNotificationEmail "$(TsaNotificationEmail)"
-        -TsaCodebaseAdmin "$(TsaCodebaseAdmin)"
-        -TsaBugAreaPath "$(TsaBugAreaPath)"
-        -TsaIterationPath "$(TsaIterationPath)"
-        -TsaRepositoryName "$(TsaRepositoryName)"
-        -TsaCodebaseName "$(TsaCodebaseName)"
+        -TsaInstanceURL $(TsaInstanceURL)
+        -TsaProjectName $(TsaProjectName)
+        -TsaNotificationEmail $(TsaNotificationEmail)
+        -TsaCodebaseAdmin $(TsaCodebaseAdmin)
+        -TsaBugAreaPath $(TsaBugAreaPath)
+        -TsaIterationPath $(TsaIterationPath)
+        -TsaRepositoryName $(TsaRepositoryName)
+        -TsaCodebaseName $(TsaCodebaseName)
         -TsaPublish $True
diff --git a/eng/pipelines/runtime-official.yml b/eng/pipelines/runtime-official.yml
index a49a4b1bbda73..bca0406b18b2d 100644
--- a/eng/pipelines/runtime-official.yml
+++ b/eng/pipelines/runtime-official.yml
@@ -30,6 +30,7 @@ variables:
   value: .NETCore
 - name: _DotNetValidationArtifactsCategory
   value: .NETCoreValidation
+- group: DotNet-Runtime-SDLValidation-Params
 
 stages:
 - stage: Build