diff --git a/build/stages/build.yml b/build/stages/build.yml
index efcfd00..d2b7890 100644
--- a/build/stages/build.yml
+++ b/build/stages/build.yml
@@ -20,24 +20,28 @@ stages:
         targetPath: '$(Build.SourcesDirectory)\src\Tests\bin\$(Configuration)'
         artifactName: unit-tests
         sbomEnabled: false
+        codeSignValidationEnabled: false
       - output: pipelineArtifact
         displayName: 'Publish Artifact: integration-tests'
         condition: always()
         targetPath: '$(Build.SourcesDirectory)\src\IntegrationTests\bin\$(Configuration)'
         artifactName: integration-tests
         sbomEnabled: false
+        codeSignValidationEnabled: false
       - output: pipelineArtifact
         displayName: 'Publish Artifact: logs'
         condition: always()
         targetPath: '$(Build.ArtifactStagingDirectory)\binlogs'
         artifactName: logs
         sbomEnabled: false
+        codeSignValidationEnabled: false
       - output: pipelineArtifact
         displayName: 'Publish Artifact: symbols'
         condition: always()
         targetPath: '$(Build.ArtifactStagingDirectory)/Symbols'
         artifactName: symbols
         sbomEnabled: false
+        codeSignValidationEnabled: false
     steps:
     - checkout: self
       clean: true
diff --git a/pipeline.yml b/pipeline.yml
index a9b9ed3..ec5208d 100644
--- a/pipeline.yml
+++ b/pipeline.yml
@@ -36,6 +36,11 @@ extends:
       policheck:
         enabled: true
         exclusionsFile: $(Build.SourcesDirectory)\build\PoliCheckExclusions.xml
+      codeSignValidation:
+        break: true
+        targetPathExclusionPattern: \"**\*.xml\"
+        ${{ if not(and(eq(variables['Build.Reason'], 'IndividualCI'), eq(variables['Build.SourceBranch'], 'refs/heads/main'))) }}:
+          policyFile: $(MBSIGN_APPFOLDER)\CSVTestSignPolicy.xml
       sourceAnalysisPool: VSEngSS-MicroBuild2022-1ES
     pool:
       name: AzurePipelines-EO