diff --git a/tools/guardian/tsaconfig-apiscan.json b/tools/guardian/tsaconfig-apiscan.json new file mode 100644 index 0000000000..3cadeccff3 --- /dev/null +++ b/tools/guardian/tsaconfig-apiscan.json @@ -0,0 +1,6 @@ +{ + "codebaseName": "PowerShellCore_201906", + "tools": [ + "APIScan" + ] +} diff --git a/tools/guardian/tsaconfig-others.json b/tools/guardian/tsaconfig-others.json new file mode 100644 index 0000000000..1f44978032 --- /dev/null +++ b/tools/guardian/tsaconfig-others.json @@ -0,0 +1,7 @@ +{ + "codebaseName": "PowerShellCore_201906", + "tools": [ + "CredScan", + "PoliCheck" + ] +} diff --git a/tools/releaseBuild/azureDevOps/templates/compliance/apiscan.yml b/tools/releaseBuild/azureDevOps/templates/compliance/apiscan.yml index c972106195..aa81407e3e 100644 --- a/tools/releaseBuild/azureDevOps/templates/compliance/apiscan.yml +++ b/tools/releaseBuild/azureDevOps/templates/compliance/apiscan.yml @@ -121,6 +121,12 @@ jobs: GdnExportGdnToolApiScan: true #this didn't do anything GdnExportCustomLogsFolder: '$(Build.ArtifactStagingDirectory)/Guardian' + - task: TSAUpload@2 + displayName: 'TSA upload' + inputs: + GdnPublishTsaOnboard: false + GdnPublishTsaConfigFile: '$(Build.SourcesDirectory)\tools\guardian\tsaconfig-APIScan.json' + - pwsh: | Get-ChildItem -Path env: displayName: Capture Environment diff --git a/tools/releaseBuild/azureDevOps/templates/compliance/compliance.yml b/tools/releaseBuild/azureDevOps/templates/compliance/compliance.yml index eb0400bc3f..13603a0c80 100644 --- a/tools/releaseBuild/azureDevOps/templates/compliance/compliance.yml +++ b/tools/releaseBuild/azureDevOps/templates/compliance/compliance.yml 
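Review bot: `GdnPublishTsaConfigFile` in the new `TSAUpload@2` step of apiscan.yml names `tsaconfig-APIScan.json`, but the file this commit adds is `tools/guardian/tsaconfig-apiscan.json`; on a case-sensitive checkout the path would not resolve, and the APIScan findings would presumably not reach TSA. Match the on-disk name: `GdnPublishTsaConfigFile: '$(Build.SourcesDirectory)\tools\guardian\tsaconfig-apiscan.json'`. Separately, the step is referenced by its short name here and in the second hunk of compliance.yml, where it replaces a fully qualified `securedevelopmentteam.vss-secure-development-tools.build-task-uploadtotsa.TSAUpload@1`. Keeping the qualified form, if version 2 is published under the same extension, pins which extension supplies the task that receives the scan results. The enclosing job starts outside this hunk.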
@@ -35,7 +35,7 @@ jobs: debugMode: false continueOnError: true - - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@1 + - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@2 displayName: 'Run PoliCheck' inputs: # targetType F means file or folder and is the only applicable value and the default @@ -54,24 +54,15 @@ jobs: optionsUEPath: $(Build.SourcesDirectory)\tools\terms\TermsExclusion.xml continueOnError: true - - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@2 + - task: securedevelopmentteam.vss-secure-development-tools.build-task-publishsecurityanalysislogs.PublishSecurityAnalysisLogs@3 displayName: 'Publish Security Analysis Logs to Build Artifacts' continueOnError: true - - task: securedevelopmentteam.vss-secure-development-tools.build-task-uploadtotsa.TSAUpload@1 - displayName: 'TSA upload to Codebase: PowerShellCore_201906' + - task: TSAUpload@2 + displayName: 'TSA upload' inputs: - tsaVersion: TsaV2 - codeBaseName: 'PowerShellCore_201906' - uploadFortifySCA: false - uploadFxCop: false - uploadModernCop: false - uploadPREfast: false - uploadRoslyn: false - uploadTSLint: false - uploadCredScan: true - uploadPoliCheck: true - uploadBinSkim: false + GdnPublishTsaOnboard: false + GdnPublishTsaConfigFile: '$(Build.SourcesDirectory)\tools\guardian\tsaconfig-others.json' - task: securedevelopmentteam.vss-secure-development-tools.build-task-report.SdtReport@1 displayName: 'Create Security Analysis Report'
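Review bot: The replacement `TSAUpload@2` step in the second hunk carries no `continueOnError`, while the PoliCheck and PublishSecurityAnalysisLogs steps beside it set `continueOnError: true`. A failed upload would therefore fail the job and, unless a condition outside this hunk says otherwise, skip the `SdtReport@1` step that follows. If failing closed is intended, state it above the step, e.g. `# No continueOnError: a failed TSA upload must fail the compliance job`. The per-tool `uploadCredScan`/`uploadPoliCheck` flags are gone, so a second comment such as `# Uploaded tools and codebase name are set in tools/guardian/tsaconfig-others.json` would tell a reader where that selection now lives.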