diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 7a31347eb..5edfbd6dd 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -8,7 +8,7 @@
 version: 2
 updates:
   - package-ecosystem: "dotnet-sdk"
-    directory: "/AppControl Manager"
+    directory: "/AppControl Manager/"
     schedule:
       interval: "weekly"
       day: "thursday"
@@ -18,8 +18,8 @@ updates:
       - ".NET SDK"
   - package-ecosystem: "nuget"
     directories:
-      - "/AppControl Manager"
-      - "/Harden-Windows-Security Module"
+      - "/AppControl Manager/"
+      - "/Harden-Windows-Security Module/"
     schedule:
       interval: "daily"
       time: "07:30"
diff --git a/.github/workflows/Build AppControl Manager MSIX Package.yml b/.github/workflows/Build AppControl Manager MSIX Package.yml
index f53ec1c89..40988ae17 100644
--- a/.github/workflows/Build AppControl Manager MSIX Package.yml	
+++ b/.github/workflows/Build AppControl Manager MSIX Package.yml	
@@ -43,7 +43,7 @@ jobs:
           if ($LASTEXITCODE -ne 0) { throw [System.InvalidOperationException]::New('Failed to install .NET SDK') }
 
           Write-Host -Object "`nInstalling Visual Studio Build Tools" -ForegroundColor Magenta
-          $null = winget install --id Microsoft.VisualStudio.2022.BuildTools --exact --accept-package-agreements --accept-source-agreements --uninstall-previous --force --source winget --override '--force --wait --passive --add Microsoft.VisualStudio.Workload.ManagedDesktop --add Microsoft.VisualStudio.Workload.MSBuildTools --add Microsoft.VisualStudio.Workload.UniversalBuildTools --add Microsoft.VisualStudio.ComponentGroup.WindowsAppSDK.Cs --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 --add Microsoft.VisualStudio.Component.VC.v141.x86.x64 --add Microsoft.VisualStudio.Component.Windows11SDK.26100 --includeRecommended'
+          $null = winget install --id Microsoft.VisualStudio.2022.BuildTools --exact --accept-package-agreements --accept-source-agreements --uninstall-previous --force --source winget --override '--force --wait --passive --add Microsoft.VisualStudio.Workload.ManagedDesktop --add Microsoft.VisualStudio.Workload.VCTools --add Microsoft.VisualStudio.Workload.MSBuildTools --add Microsoft.VisualStudio.Workload.UniversalBuildTools --add Microsoft.VisualStudio.ComponentGroup.WindowsAppSDK.Cs --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 --add Microsoft.VisualStudio.Component.VC.v141.x86.x64 --add Microsoft.VisualStudio.Component.Windows11SDK.26100 --includeRecommended'
           if ($LASTEXITCODE -ne 0) { throw [System.InvalidOperationException]::New('Failed to install Visual Studio Build Tools') }
 
           Write-Host -Object "`nInstalling Visual C++ Redistributable" -ForegroundColor Magenta
@@ -52,6 +52,14 @@ jobs:
       - name: Check out the repository code
         uses: actions/checkout@v4
 
+      # Runs certain Harden Windows Security application's categories in order to provide security for the build process that starts in the next step
+      - name: Securing the environment
+        id: securing
+        shell: pwsh
+        run: |
+          Install-Module -Name 'Harden-Windows-Security-Module' -Force
+          Protect-WindowsSecurity -Categories MicrosoftSecurityBaselines,MicrosoftDefender,AttackSurfaceReductionRules,MiscellaneousConfigurations -Verbose
+
       - name: Building And Packaging the AppControl Manager
         id: main_buildOp
         shell: pwsh
@@ -578,3 +586,53 @@ jobs:
 
           # Create the pull request
           gh pr create --title $CommitMessageAndPRTitle --body $PRBody --base main --label 'Automated 🤖' --assignee HotCakeX
+
+      - name: Add Body Text to the Draft Release
+        shell: pwsh
+        run: |
+          $ReleaseId = "${{ needs.build.outputs.DRAFT_RELEASE_ID }}"
+          $Repo = "${{ github.repository }}"
+
+          [string]$Note = @"
+
+          # What's New
+
+          <br>
+
+          > [!IMPORTANT]\
+          > **How To Install: Copy and Paste this command in a PowerShell window as Admin. ([Technical explanation available here](https://github.com/HotCakeX/Harden-Windows-Security/wiki/AppControl-Manager#how-to-install-or-update-the-app))**
+          > ``````powershell
+          > (irm 'https://raw.githubusercontent.com/HotCakeX/Harden-Windows-Security/main/Harden-Windows-Security.ps1')+'AppControl'|iex
+          > ``````
+
+          <br>
+
+          <br>
+
+          How to [verify](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds#verifying-artifact-attestations-with-the-github-cli) the MSIXBundle's authenticity:
+
+          ``````
+          gh attestation verify "Path To MSIXBundle" --repo HotCakeX/Harden-Windows-Security --format json
+          ``````
+
+          You can [install the GitHub CLI](https://github.com/cli/cli?tab=readme-ov-file#windows) from Winget:
+
+          ``````
+          winget install --id GitHub.cli
+          ``````
+
+          <br>
+
+          > [!NOTE]\
+          > As mentioned at the top, please **[refer to this page](https://github.com/HotCakeX/Harden-Windows-Security/wiki/AppControl-Manager#how-to-install-or-update-the-app)** for installation instructions.
+
+          <br>
+
+          "@
+
+          $Payload = @{ body = $Note } | ConvertTo-Json
+          $Url = "https://api.github.com/repos/$Repo/releases/$ReleaseId"
+          Invoke-RestMethod -Uri $Url -Method Patch -Headers @{
+            "Authorization" = "token ${{ secrets.GITHUB_TOKEN }}"
+            "Content-Type"  = "application/json"
+          } -Body $Payload
diff --git a/AppControl Manager/AppControl Manager.csproj b/AppControl Manager/AppControl Manager.csproj
index 641584b3e..57768cd46 100644
--- a/AppControl Manager/AppControl Manager.csproj	
+++ b/AppControl Manager/AppControl Manager.csproj	
@@ -36,7 +36,6 @@
     -->
     <WindowsSdkPackageVersion>10.0.26100.56</WindowsSdkPackageVersion>
 
-
     <!--
     By default .NET runtimes are contained in the MSIX. This line will also include the WindowsAppSDK in the MSIX file
     so that the App will be installable on any system that neither has the .NET runtime nor the latest AppSDK
@@ -47,22 +46,24 @@
     -->
     <WindowsAppSDKSelfContained>true</WindowsAppSDKSelfContained>
 
-
     <!-- Publish Properties -->
     <PublishReadyToRun Condition="'$(Configuration)' == 'Debug'">False</PublishReadyToRun>
     <PublishReadyToRun Condition="'$(Configuration)' != 'Debug'">True</PublishReadyToRun>
 
-
     <!-- Disabling trimming temporarily -->
     <!-- There should be absolutely no trim warnings before this can be enabled
     Otherwise there is no guarantee that the app will work as expected at all times -->
     <!-- https://learn.microsoft.com/en-us/dotnet/core/deploying/trimming/trimming-options -->
-    <PublishTrimmed>false</PublishTrimmed>
-    <!-- <TrimMode>partial</TrimMode> -->
-    <!-- <SuppressTrimAnalysisWarnings>false</SuppressTrimAnalysisWarnings> -->
-    <!-- <TrimmerSingleWarn>false</TrimmerSingleWarn> -->
 
 
+    <PublishTrimmed>false</PublishTrimmed>
+    <!--   
+    
+    <TrimMode>partial</TrimMode>
+    <SuppressTrimAnalysisWarnings>false</SuppressTrimAnalysisWarnings>
+    <TrimmerSingleWarn>false</TrimmerSingleWarn>
+    -->
+
     <ImplicitUsings>disable</ImplicitUsings>
     <Description>A modern secure application that simplifies management of Application Control in Windows.</Description>
     <PackageProjectUrl>https://github.com/HotCakeX/Harden-Windows-Security</PackageProjectUrl>
@@ -70,7 +71,6 @@
     <PackageTags>App Control,WDAC,AppControl For Business, AppControl Manager</PackageTags>
     <PackageReleaseNotes>https://github.com/HotCakeX/Harden-Windows-Security/releases</PackageReleaseNotes>
 
-
     <!-- Automatically created for packing -->
     <!-- https://learn.microsoft.com/en-us/windows/msix/app-installer/create-appinstallerfile-vs -->
     <GenerateAppInstallerFile>False</GenerateAppInstallerFile>
@@ -79,7 +79,6 @@
     <AppxPackageSigningTimestampDigestAlgorithm>SHA512</AppxPackageSigningTimestampDigestAlgorithm>
     <AppxAutoIncrementPackageRevision>False</AppxAutoIncrementPackageRevision>
 
-
     <!-- Defining custom directory in the root directory to be created if it doesn't exist. MSIX package after packing will be stored there -->
     <AppxPackageDir>MSIXOutputX64\</AppxPackageDir>
     <AppxSymbolPackageEnabled>True</AppxSymbolPackageEnabled>
@@ -90,33 +89,35 @@
     <EnforceCodeStyleInBuild>True</EnforceCodeStyleInBuild>
     <AssemblyName>AppControlManager</AssemblyName>
     <!-- https://learn.microsoft.com/en-us/dotnet/core/deploying/native-aot/optimizing -->
-    <PublishAot>False</PublishAot>
+    <PublishAot>false</PublishAot>
     <ErrorReport>send</ErrorReport>
-    <FileVersion>1.8.9.0</FileVersion>
+    <FileVersion>1.9.0.0</FileVersion>
     <AssemblyVersion>$(FileVersion)</AssemblyVersion>
     <NeutralLanguage>en-US</NeutralLanguage>
     <PackageLicenseFile>LICENSE</PackageLicenseFile>
     <StartupObject>AppControlManager.Program</StartupObject>
     <GenerateAssemblyInfo>True</GenerateAssemblyInfo>
 
-
     <!-- https://learn.microsoft.com/en-us/dotnet/csharp/language-reference/unsafe-code -->
     <AllowUnsafeBlocks>True</AllowUnsafeBlocks>
 
-
     <Version>$(FileVersion)</Version>
     <Copyright>© 2024-Present</Copyright>
     <Title>AppControl Manager</Title>
-
-
     <CheckForOverflowUnderflow>True</CheckForOverflowUnderflow>
-
+    <NuGetAuditMode>all</NuGetAuditMode>
+    <RepositoryType>git</RepositoryType>
+    <TreatWarningsAsErrors>True</TreatWarningsAsErrors>
   </PropertyGroup>
 
-  <!-- ARM64 doesn't support source generated XML de(serialization) -->
+  <!-- 
+  This section is no longer necessary since this generator is not Native AOT compatible and serialization/deserialization logic has been manually implemented with static code
+  
+  ARM64 doesn't support source generated XML de(serialization) 
   <ItemGroup Condition="'$(RuntimeIdentifier)' != 'win-arm64'">
     <DotNetCliToolReference Include="Microsoft.XmlSerializer.Generator" Version="9.0.1" />
-  </ItemGroup>
+  </ItemGroup>  
+  -->
 
   <!--
   For trimming to exclude incompatible assemblies, but currently not working
@@ -134,29 +135,53 @@
     <ProjectCapability Include="Msix" />
   </ItemGroup>
 
-  <!-- Nuget packages -->
+  <!-- Nuget packages
+  All transitive/nested packages under the main packages are added 
+  so they can be updated separately and receive bug/security vulnerability fixes faster
+
+  https://devblogs.microsoft.com/nuget/introducing-transitive-dependencies-in-visual-studio/
+  -->
   <ItemGroup>
-    <PackageReference Include="CommunityToolkit.WinUI.Animations" Version="8.1.240916" />
-    <PackageReference Include="CommunityToolkit.WinUI.Controls.Primitives" Version="8.1.240916" />
-    <PackageReference Include="CommunityToolkit.WinUI.Controls.RadialGauge" Version="8.1.240916" />
-    <PackageReference Include="CommunityToolkit.WinUI.Controls.Segmented" Version="8.1.240916" />
-    <PackageReference Include="CommunityToolkit.WinUI.Controls.SettingsControls" Version="8.1.240916" />
-    <PackageReference Include="CommunityToolkit.WinUI.Controls.Sizers" Version="8.1.240916" />
+    <PackageReference Include="CommunityToolkit.Common" Version="8.4.0" />
+    <PackageReference Include="CommunityToolkit.WinUI.Animations" Version="8.2.250129-preview2" />
+    <PackageReference Include="CommunityToolkit.WinUI.Controls.Primitives" Version="8.2.250129-preview2" />
+    <PackageReference Include="CommunityToolkit.WinUI.Controls.RadialGauge" Version="8.2.250129-preview2" />
+    <PackageReference Include="CommunityToolkit.WinUI.Controls.Segmented" Version="8.2.250129-preview2" />
+    <PackageReference Include="CommunityToolkit.WinUI.Controls.SettingsControls" Version="8.2.250129-preview2" />
+    <PackageReference Include="CommunityToolkit.WinUI.Controls.Sizers" Version="8.2.250129-preview2" />
+    <PackageReference Include="CommunityToolkit.WinUI.Extensions" Version="8.2.250129-preview2" />
+    <PackageReference Include="CommunityToolkit.WinUI.Helpers" Version="8.2.250129-preview2" />
     <PackageReference Include="CommunityToolkit.WinUI.Lottie" Version="8.1.240821" />
+    <PackageReference Include="CommunityToolkit.WinUI.Triggers" Version="8.2.250129-preview2" />
     <PackageReference Include="CommunityToolkit.WinUI.UI.Controls.DataGrid" Version="7.1.2" />
     <PackageReference Include="Microsoft.Graphics.Win2D" Version="1.3.2" />
-    <PackageReference Include="Microsoft.Identity.Client" Version="4.67.2" />
-    <PackageReference Include="Microsoft.Windows.CsWin32" Version="0.3.162">
+    <PackageReference Include="Microsoft.Identity.Client" Version="4.68.0" />
+    <PackageReference Include="Microsoft.IdentityModel.Abstractions" Version="8.4.0" />
+    <PackageReference Include="Microsoft.Web.WebView2" Version="1.0.3065.39" />
+    <PackageReference Include="Microsoft.Windows.CsWin32" Version="0.3.183">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
     <PackageReference Include="Microsoft.Windows.CsWinRT" Version="2.2.0" />
-    <PackageReference Include="Microsoft.WindowsAppSDK" Version="1.6.250108002" />
-    <!-- ARM64 doesn't support source generated XML de(serialization) -->
-    <PackageReference Include="Microsoft.XmlSerializer.Generator" Version="9.0.1" Condition="'$(RuntimeIdentifier)' != 'win-arm64'" />
-    <PackageReference Include="System.Diagnostics.EventLog" Version="9.0.1" />
-    <PackageReference Include="System.Management" Version="9.0.1" />
-    <PackageReference Include="System.Security.Cryptography.Pkcs" Version="9.0.1" />
+    <PackageReference Include="Microsoft.Windows.SDK.BuildTools" Version="10.0.26100.1742" />
+    <PackageReference Include="Microsoft.Windows.SDK.Win32Docs" Version="0.1.42-alpha" />
+    <PackageReference Include="Microsoft.Windows.SDK.Win32Metadata" Version="63.0.31-preview" />
+    <PackageReference Include="Microsoft.Windows.WDK.Win32Metadata" Version="0.13.25-experimental" />
+    <PackageReference Include="Microsoft.WindowsAppSDK" Version="1.6.250205002" />
+    <PackageReference Include="System.CodeDom" Version="9.0.2" />
+    <PackageReference Include="System.Diagnostics.DiagnosticSource" Version="9.0.2" />
+
+
+    <!--
+    No longer needed - manual static code has been implemented
+    
+    ARM64 doesn't support source generated XML de(serialization) 
+    <PackageReference Include="Microsoft.XmlSerializer.Generator" Version="9.0.2" Condition="'$(RuntimeIdentifier)' != 'win-arm64'" />
+   -->
+
+    <PackageReference Include="System.Diagnostics.EventLog" Version="9.0.2" />
+    <PackageReference Include="System.Management" Version="9.0.2" />
+    <PackageReference Include="System.Security.Cryptography.Pkcs" Version="9.0.2" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/AppControl Manager/Excluded Code/SiPolicy Sample.xml b/AppControl Manager/Excluded Code/SiPolicy Sample.xml
new file mode 100644
index 000000000..123b5a7df
--- /dev/null
+++ b/AppControl Manager/Excluded Code/SiPolicy Sample.xml	
@@ -0,0 +1,417 @@
+<?xml version="1.0" encoding="utf-8"?>
+<SiPolicy FriendlyName="Complete Sample SiPolicy" PolicyType="Base Policy" xmlns="urn:schemas-microsoft-com:sipolicy">
+  <VersionEx>1.0.0.0</VersionEx>
+  <PolicyID>{11111111-1111-1111-1111-111111111111}</PolicyID>
+  <BasePolicyID>{11111111-1111-1111-1111-111111111111}</BasePolicyID>
+  <PlatformID>{2E07F7E4-194C-4D20-B7C9-6F44A6C5A234}</PlatformID>
+  <Rules>
+    <Rule>
+      <Option>Enabled:UMCI</Option>
+    </Rule>
+    <Rule>
+      <Option>Enabled:Boot Menu Protection</Option>
+    </Rule>
+    <Rule>
+      <Option>Enabled:Intelligent Security Graph Authorization</Option>
+    </Rule>
+  </Rules>
+  <EKUs>
+    <EKU ID="ID_EKU_A" FriendlyName="EKU One" Value="0102"/>
+    <EKU ID="ID_EKU_B" FriendlyName="EKU Two" Value="0304"/>
+    <EKU ID="ID_EKU_C" FriendlyName="EKU Three" Value="0506"/>
+  </EKUs>
+  <FileRules>
+    <Allow ID="ID_ALLOW_A" FriendlyName="Allow Friendly 1" FileName="allow1.exe" InternalName="allowInternal1" FileDescription="Allow Description 1" ProductName="ProductA1" PackageFamilyName="FamilyA1" PackageVersion="1.0.0.0" MinimumFileVersion="1.0.0.0" MaximumFileVersion="2.0.0.0" AppIDs="TestApp" FilePath="C:\Program Files\allow1.exe"/>
+    <Allow ID="ID_ALLOW_B" FriendlyName="Allow Friendly 2" FileName="allow2.exe" InternalName="allowInternal2" FileDescription="Allow Description 2" ProductName="ProductA2" PackageFamilyName="FamilyA2" PackageVersion="1.0.0.0" MinimumFileVersion="1.0.0.0" MaximumFileVersion="2.0.0.0" AppIDs="TestApp" FilePath="C:\Program Files\allow2.exe"/>
+    <Allow ID="ID_ALLOW_C" FriendlyName="Allow Friendly 3" FileName="allow3.exe" InternalName="allowInternal3" FileDescription="Allow Description 3" ProductName="ProductA3" PackageFamilyName="FamilyA3" PackageVersion="1.0.0.0" MinimumFileVersion="1.0.0.0" MaximumFileVersion="2.0.0.0" AppIDs="TestApp" FilePath="C:\Program Files\allow3.exe"/>
+    <Deny ID="ID_DENY_A" FriendlyName="Deny Friendly 1" FileName="deny1.exe" InternalName="denyInternal1" FileDescription="Deny Description 1" ProductName="ProductB1" PackageFamilyName="FamilyB1" PackageVersion="1.0.0.0" MinimumFileVersion="1.0.0.0" MaximumFileVersion="2.0.0.0" AppIDs="TestApp" FilePath="C:\Program Files\deny1.exe"/>
+    <Deny ID="ID_DENY_B" FriendlyName="Deny Friendly 2" FileName="deny2.exe" InternalName="denyInternal2" FileDescription="Deny Description 2" ProductName="ProductB2" PackageFamilyName="FamilyB2" PackageVersion="1.0.0.0" MinimumFileVersion="1.0.0.0" MaximumFileVersion="2.0.0.0" AppIDs="TestApp" FilePath="C:\Program Files\deny2.exe"/>
+    <Deny ID="ID_DENY_C" FriendlyName="Deny Friendly 3" FileName="deny3.exe" InternalName="denyInternal3" FileDescription="Deny Description 3" ProductName="ProductB3" PackageFamilyName="FamilyB3" PackageVersion="1.0.0.0" MinimumFileVersion="1.0.0.0" MaximumFileVersion="2.0.0.0" AppIDs="TestApp" FilePath="C:\Program Files\deny3.exe"/>
+    <FileAttrib ID="ID_FILEATTRIB_A" FriendlyName="Attrib Friendly 1" FileName="attrib1.exe" InternalName="attribInternal1" FileDescription="Attrib Description 1" ProductName="ProductC1" PackageFamilyName="FamilyC1" PackageVersion="1.0.0.0" MinimumFileVersion="1.0.0.0" MaximumFileVersion="2.0.0.0" AppIDs="TestApp" FilePath="C:\Program Files\attrib1.exe"/>
+    <FileAttrib ID="ID_FILEATTRIB_B" FriendlyName="Attrib Friendly 2" FileName="attrib2.exe" InternalName="attribInternal2" FileDescription="Attrib Description 2" ProductName="ProductC2" PackageFamilyName="FamilyC2" PackageVersion="1.0.0.0" MinimumFileVersion="1.0.0.0" MaximumFileVersion="2.0.0.0" AppIDs="TestApp" FilePath="C:\Program Files\attrib2.exe"/>
+    <FileAttrib ID="ID_FILEATTRIB_C" FriendlyName="Attrib Friendly 3" FileName="attrib3.exe" InternalName="attribInternal3" FileDescription="Attrib Description 3" ProductName="ProductC3" PackageFamilyName="FamilyC3" PackageVersion="1.0.0.0" MinimumFileVersion="1.0.0.0" MaximumFileVersion="2.0.0.0" AppIDs="TestApp" FilePath="C:\Program Files\attrib3.exe"/>
+    <FileRule ID="ID_FILE_A" FriendlyName="FileRule Friendly 1" FileName="firule1.exe" InternalName="firuleInternal1" FileDescription="FileRule Description 1" ProductName="ProductD1" PackageFamilyName="FamilyD1" PackageVersion="1.0.0.0" MinimumFileVersion="1.0.0.0" MaximumFileVersion="2.0.0.0" AppIDs="TestApp" FilePath="C:\Program Files\firule1.exe" Type="Match"/>
+    <FileRule ID="ID_FILE_B" FriendlyName="FileRule Friendly 2" FileName="firule2.exe" InternalName="firuleInternal2" FileDescription="FileRule Description 2" ProductName="ProductD2" PackageFamilyName="FamilyD2" PackageVersion="1.0.0.0" MinimumFileVersion="1.0.0.0" MaximumFileVersion="2.0.0.0" AppIDs="TestApp" FilePath="C:\Program Files\firule2.exe" Type="Match"/>
+    <FileRule ID="ID_FILE_C" FriendlyName="FileRule Friendly 3" FileName="firule3.exe" InternalName="firuleInternal3" FileDescription="FileRule Description 3" ProductName="ProductD3" PackageFamilyName="FamilyD3" PackageVersion="1.0.0.0" MinimumFileVersion="1.0.0.0" MaximumFileVersion="2.0.0.0" AppIDs="TestApp" FilePath="C:\Program Files\firule3.exe" Type="Match"/>
+  </FileRules>
+  <Signers>
+    <Signer ID="ID_SIGNER_A" Name="Signer Name 1">
+      <CertRoot Type="TBS" Value="5061"/>
+      <CertEKU ID="ID_EKU_A"/>
+      <CertIssuer Value="Issuer 1"/>
+      <CertPublisher Value="Publisher 1"/>
+      <CertOemID Value="OEMID 1"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_A"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_B"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_C"/>
+    </Signer>
+    <Signer ID="ID_SIGNER_B" Name="Signer Name 2">
+      <CertRoot Type="TBS" Value="5162"/>
+      <CertEKU ID="ID_EKU_B"/>
+      <CertIssuer Value="Issuer 2"/>
+      <CertPublisher Value="Publisher 2"/>
+      <CertOemID Value="OEMID 2"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_A"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_B"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_C"/>
+    </Signer>
+    <Signer ID="ID_SIGNER_C" Name="Signer Name 3">
+      <CertRoot Type="TBS" Value="5263"/>
+      <CertEKU ID="ID_EKU_C"/>
+      <CertIssuer Value="Issuer 3"/>
+      <CertPublisher Value="Publisher 3"/>
+      <CertOemID Value="OEMID 3"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_A"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_B"/>
+      <FileAttribRef RuleID="ID_FILEATTRIB_C"/>
+    </Signer>
+  </Signers>
+  <SigningScenarios>
+    <SigningScenario Value="12" ID="ID_SIGNINGSCENARIO_A" FriendlyName="Signing Scenario 1" InheritedScenarios="ID_SIGNINGSCENARIO_A" MinimumHashAlgorithm="10">
+      <ProductSigners>
+        <AllowedSigners Workaround="ProdAllowedWorkaround">
+          <AllowedSigner SignerId="ID_SIGNER_A">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+          <AllowedSigner SignerId="ID_SIGNER_B">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+          <AllowedSigner SignerId="ID_SIGNER_C">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+        </AllowedSigners>
+        <DeniedSigners Workaround="ProdDeniedWorkaround">
+          <DeniedSigner SignerId="ID_SIGNER_A">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+          <DeniedSigner SignerId="ID_SIGNER_B">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+          <DeniedSigner SignerId="ID_SIGNER_C">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+        </DeniedSigners>
+        <FileRulesRef Workaround="ProdFileRulesRefWorkaround">
+          <FileRuleRef RuleID="ID_ALLOW_A"/>
+          <FileRuleRef RuleID="ID_DENY_A"/>
+          <FileRuleRef RuleID="ID_FILE_A"/>
+        </FileRulesRef>
+      </ProductSigners>
+      <TestSigners>
+        <AllowedSigners Workaround="TestAllowedWorkaround">
+          <AllowedSigner SignerId="ID_SIGNER_A">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+          <AllowedSigner SignerId="ID_SIGNER_B">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+          <AllowedSigner SignerId="ID_SIGNER_C">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+        </AllowedSigners>
+        <DeniedSigners Workaround="TestDeniedWorkaround">
+          <DeniedSigner SignerId="ID_SIGNER_A">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+          <DeniedSigner SignerId="ID_SIGNER_B">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+          <DeniedSigner SignerId="ID_SIGNER_C">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+        </DeniedSigners>
+        <FileRulesRef Workaround="TestFileRulesRefWorkaround">
+          <FileRuleRef RuleID="ID_ALLOW_A"/>
+          <FileRuleRef RuleID="ID_DENY_A"/>
+          <FileRuleRef RuleID="ID_FILE_A"/>
+        </FileRulesRef>
+      </TestSigners>
+      <TestSigningSigners>
+        <AllowedSigners Workaround="TestSigningAllowedWorkaround">
+          <AllowedSigner SignerId="ID_SIGNER_A">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+          <AllowedSigner SignerId="ID_SIGNER_B">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+          <AllowedSigner SignerId="ID_SIGNER_C">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+        </AllowedSigners>
+        <DeniedSigners Workaround="TestSigningDeniedWorkaround">
+          <DeniedSigner SignerId="ID_SIGNER_A">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+          <DeniedSigner SignerId="ID_SIGNER_B">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+          <DeniedSigner SignerId="ID_SIGNER_C">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+        </DeniedSigners>
+        <FileRulesRef Workaround="TestSigningFileRulesRefWorkaround">
+          <FileRuleRef RuleID="ID_ALLOW_A"/>
+          <FileRuleRef RuleID="ID_DENY_A"/>
+          <FileRuleRef RuleID="ID_FILE_A"/>
+        </FileRulesRef>
+      </TestSigningSigners>
+      <AppIDTags EnforceDLL="true">
+        <AppIDTag Key="runtime.windows" Value="WinValue"/>
+        <AppIDTag Key="runtime.office" Value="OfficeValue"/>
+        <AppIDTag Key="runtime.adobe" Value="AdobeValue"/>
+      </AppIDTags>
+    </SigningScenario>
+    <SigningScenario Value="131" ID="ID_SIGNINGSCENARIO_B" FriendlyName="Signing Scenario 2" InheritedScenarios="ID_SIGNINGSCENARIO_B" MinimumHashAlgorithm="10">
+      <ProductSigners>
+        <AllowedSigners Workaround="ProdAllowedWorkaround">
+          <AllowedSigner SignerId="ID_SIGNER_A">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+          <AllowedSigner SignerId="ID_SIGNER_B">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+          <AllowedSigner SignerId="ID_SIGNER_C">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+        </AllowedSigners>
+        <DeniedSigners Workaround="ProdDeniedWorkaround">
+          <DeniedSigner SignerId="ID_SIGNER_A">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+          <DeniedSigner SignerId="ID_SIGNER_B">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+          <DeniedSigner SignerId="ID_SIGNER_C">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+        </DeniedSigners>
+        <FileRulesRef Workaround="ProdFileRulesRefWorkaround">
+          <FileRuleRef RuleID="ID_ALLOW_A"/>
+          <FileRuleRef RuleID="ID_DENY_A"/>
+          <FileRuleRef RuleID="ID_FILE_A"/>
+        </FileRulesRef>
+      </ProductSigners>
+      <TestSigners>
+        <AllowedSigners Workaround="TestAllowedWorkaround">
+          <AllowedSigner SignerId="ID_SIGNER_A">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+          <AllowedSigner SignerId="ID_SIGNER_B">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+          <AllowedSigner SignerId="ID_SIGNER_C">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+        </AllowedSigners>
+        <DeniedSigners Workaround="TestDeniedWorkaround">
+          <DeniedSigner SignerId="ID_SIGNER_A">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+          <DeniedSigner SignerId="ID_SIGNER_B">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+          <DeniedSigner SignerId="ID_SIGNER_C">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+        </DeniedSigners>
+        <FileRulesRef Workaround="TestFileRulesRefWorkaround">
+          <FileRuleRef RuleID="ID_ALLOW_A"/>
+          <FileRuleRef RuleID="ID_DENY_A"/>
+          <FileRuleRef RuleID="ID_FILE_A"/>
+        </FileRulesRef>
+      </TestSigners>
+      <TestSigningSigners>
+        <AllowedSigners Workaround="TestSigningAllowedWorkaround">
+          <AllowedSigner SignerId="ID_SIGNER_A">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+          <AllowedSigner SignerId="ID_SIGNER_B">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+          <AllowedSigner SignerId="ID_SIGNER_C">
+            <ExceptDenyRule DenyRuleID="ID_DENY_A"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_B"/>
+            <ExceptDenyRule DenyRuleID="ID_DENY_C"/>
+          </AllowedSigner>
+        </AllowedSigners>
+        <DeniedSigners Workaround="TestSigningDeniedWorkaround">
+          <DeniedSigner SignerId="ID_SIGNER_A">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+          <DeniedSigner SignerId="ID_SIGNER_B">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+          <DeniedSigner SignerId="ID_SIGNER_C">
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_A"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_B"/>
+            <ExceptAllowRule AllowRuleID="ID_ALLOW_C"/>
+          </DeniedSigner>
+        </DeniedSigners>
+        <FileRulesRef Workaround="TestSigningFileRulesRefWorkaround">
+          <FileRuleRef RuleID="ID_ALLOW_A"/>
+          <FileRuleRef RuleID="ID_DENY_A"/>
+          <FileRuleRef RuleID="ID_FILE_A"/>
+        </FileRulesRef>
+      </TestSigningSigners>
+    </SigningScenario>
+  </SigningScenarios>
+  <UpdatePolicySigners>
+    <UpdatePolicySigner SignerId="ID_SIGNER_A"/>
+    <UpdatePolicySigner SignerId="ID_SIGNER_B"/>
+    <UpdatePolicySigner SignerId="ID_SIGNER_C"/>
+  </UpdatePolicySigners>
+  <CiSigners>
+    <CiSigner SignerId="ID_SIGNER_A"/>
+    <CiSigner SignerId="ID_SIGNER_B"/>
+    <CiSigner SignerId="ID_SIGNER_C"/>
+  </CiSigners>
+  <HvciOptions>12345</HvciOptions>
+  <Settings>
+    <Setting Provider="Provider1" Key="Key1" ValueName="ValueName1">
+      <Value>
+        <String>SampleString</String>
+      </Value>
+    </Setting>
+    <Setting Provider="Provider2" Key="Key2" ValueName="ValueName2">
+      <Value>
+        <Boolean>true</Boolean>
+      </Value>
+    </Setting>
+    <Setting Provider="Provider3" Key="Key3" ValueName="ValueName3">
+      <Value>
+        <DWord>100</DWord>
+      </Value>
+    </Setting>
+  </Settings>
+  <Macros>
+    <Macro Id="runtime.windows" Value="WinValue"/>
+    <Macro Id="runtime.office" Value="OfficeValue"/>
+    <Macro Id="runtime.adobe" Value="AdobeValue"/>
+  </Macros>
+  <SupplementalPolicySigners>
+    <SupplementalPolicySigner SignerId="ID_SIGNER_A"/>
+    <SupplementalPolicySigner SignerId="ID_SIGNER_B"/>
+    <SupplementalPolicySigner SignerId="ID_SIGNER_C"/>
+  </SupplementalPolicySigners>
+  <AppSettings>
+    <App Manifest="http://example.com/manifest1.xml">
+      <Setting Name="AppSetting1">
+        <Value>Val1</Value>
+        <Value>Val2</Value>
+        <Value>Val3</Value>
+      </Setting>
+      <Setting Name="AppSetting2">
+        <Value>Val4</Value>
+        <Value>Val5</Value>
+        <Value>Val6</Value>
+      </Setting>
+      <Setting Name="AppSetting3">
+        <Value>Val7</Value>
+        <Value>Val8</Value>
+        <Value>Val9</Value>
+      </Setting>
+    </App>
+    <App Manifest="http://example.com/manifest2.xml">
+      <Setting Name="AppSetting4">
+        <Value>Val10</Value>
+        <Value>Val11</Value>
+        <Value>Val12</Value>
+      </Setting>
+      <Setting Name="AppSetting5">
+        <Value>Val13</Value>
+        <Value>Val14</Value>
+        <Value>Val15</Value>
+      </Setting>
+      <Setting Name="AppSetting6">
+        <Value>Val16</Value>
+        <Value>Val17</Value>
+        <Value>Val18</Value>
+      </Setting>
+    </App>
+    <App Manifest="http://example.com/manifest3.xml">
+      <Setting Name="AppSetting7">
+        <Value>Val19</Value>
+        <Value>Val20</Value>
+        <Value>Val21</Value>
+      </Setting>
+      <Setting Name="AppSetting8">
+        <Value>Val22</Value>
+        <Value>Val23</Value>
+        <Value>Val24</Value>
+      </Setting>
+      <Setting Name="AppSetting9">
+        <Value>Val25</Value>
+        <Value>Val26</Value>
+        <Value>Val27</Value>
+      </Setting>
+    </App>
+  </AppSettings>
+</SiPolicy>
\ No newline at end of file
diff --git a/AppControl Manager/Excluded Code/SiPolicyAlt/Definitions.cs b/AppControl Manager/Excluded Code/SiPolicyAlt/Definitions.cs
deleted file mode 100644
index 8785d8ae6..000000000
--- a/AppControl Manager/Excluded Code/SiPolicyAlt/Definitions.cs	
+++ /dev/null
@@ -1,375 +0,0 @@
-using System;
-using System.Collections.Generic;
-
-#pragma warning disable
-
-namespace AppControlManager.SiPolicyAlt
-{
-    /// <summary>
-    /// This class will be potentially used in the future to create serialization/deserialization manually to be trim and NativeAOT compatible
-    /// It currently completely represents the SiPolicy based on the auto-generated class
-    /// </summary>
-    public class SiPolicy
-    {
-        public string VersionEx { get; set; }
-        public string PolicyTypeID { get; set; }
-        public string PlatformID { get; set; }
-        public string PolicyID { get; set; }
-        public string BasePolicyID { get; set; }
-        public List<RuleType> Rules { get; set; }
-        public List<EKU> EKUs { get; set; }
-        public List<FileRule> FileRules { get; set; }
-        public List<Signer> Signers { get; set; }
-        public List<SigningScenario> SigningScenarios { get; set; }
-        public List<UpdatePolicySigner> UpdatePolicySigners { get; set; }
-        public List<CiSigner> CiSigners { get; set; }
-        public uint HvciOptions { get; set; }
-        public bool HvciOptionsSpecified { get; set; }
-        public List<Setting> Settings { get; set; }
-        public List<Macro> Macros { get; set; }
-        public List<SupplementalPolicySigner> SupplementalPolicySigners { get; set; }
-        public AppSettingRegion AppSettings { get; set; }
-        public string FriendlyName { get; set; }
-        public PolicyType PolicyType { get; set; }
-        public bool PolicyTypeSpecified { get; set; }
-    }
-
-    public class RuleType
-    {
-        public OptionType Item { get; set; }
-    }
-
-    public enum OptionType
-    {
-        EnabledUMCI,
-        EnabledBootMenuProtection,
-        EnabledIntelligentSecurityGraphAuthorization,
-        EnabledInvalidateEAsonReboot,
-        RequiredWHQL,
-        EnabledDeveloperModeDynamicCodeTrust,
-        EnabledAllowSupplementalPolicies,
-        DisabledRuntimeFilePathRuleProtection,
-        EnabledRevokedExpiredAsUnsigned,
-        EnabledAuditMode,
-        DisabledFlightSigning,
-        EnabledInheritDefaultPolicy,
-        EnabledUnsignedSystemIntegrityPolicy,
-        EnabledDynamicCodeSecurity,
-        RequiredEVSigners,
-        EnabledBootAuditOnFailure,
-        EnabledAdvancedBootOptionsMenu,
-        DisabledScriptEnforcement,
-        RequiredEnforceStoreApplications,
-        EnabledSecureSettingPolicy,
-        EnabledManagedInstaller,
-        EnabledUpdatePolicyNoReboot,
-        EnabledConditionalWindowsLockdownPolicy
-    }
-
-    public class EKUs
-    {
-        public List<EKU> Items { get; set; }
-    }
-
-    public class EKU
-    {
-        public string ID { get; set; }
-        public string Value { get; set; }
-        public string FriendlyName { get; set; }
-    }
-
-    public class FileRules
-    {
-        public List<Allow> AllowItems { get; set; }
-        public List<Deny> DenyItems { get; set; }
-        public List<FileAttrib> FileAttribItems { get; set; }
-        public List<FileRule> FileRuleItems { get; set; }
-
-        public FileRules()
-        {
-            AllowItems = [];
-            DenyItems = [];
-            FileAttribItems = [];
-            FileRuleItems = [];
-        }
-    }
-
-    public class Allow
-    {
-        public string ID { get; set; }
-        public string FriendlyName { get; set; }
-        public string FileName { get; set; }
-        public string InternalName { get; set; }
-        public string FileDescription { get; set; }
-        public string ProductName { get; set; }
-        public string PackageFamilyName { get; set; }
-        public string PackageVersion { get; set; }
-        public string MinimumFileVersion { get; set; }
-        public string MaximumFileVersion { get; set; }
-        public string Hash { get; set; }
-        public string AppIDs { get; set; }
-        public string FilePath { get; set; }
-    }
-
-    public class Deny
-    {
-        public string ID { get; set; }
-        public string FriendlyName { get; set; }
-        public string FileName { get; set; }
-        public string InternalName { get; set; }
-        public string FileDescription { get; set; }
-        public string ProductName { get; set; }
-        public string PackageFamilyName { get; set; }
-        public string PackageVersion { get; set; }
-        public string MinimumFileVersion { get; set; }
-        public string MaximumFileVersion { get; set; }
-        public string Hash { get; set; }
-        public string AppIDs { get; set; }
-        public string FilePath { get; set; }
-    }
-
-    public class FileAttrib
-    {
-        public string ID { get; set; }
-        public string FriendlyName { get; set; }
-        public string FileName { get; set; }
-        public string InternalName { get; set; }
-        public string FileDescription { get; set; }
-        public string ProductName { get; set; }
-        public string PackageFamilyName { get; set; }
-        public string PackageVersion { get; set; }
-        public string MinimumFileVersion { get; set; }
-        public string MaximumFileVersion { get; set; }
-        public string Hash { get; set; }
-        public string AppIDs { get; set; }
-        public string FilePath { get; set; }
-    }
-
-    public class FileRule
-    {
-        public string ID { get; set; }
-        public string FriendlyName { get; set; }
-        public string FileName { get; set; }
-        public string InternalName { get; set; }
-        public string FileDescription { get; set; }
-        public string ProductName { get; set; }
-        public string PackageFamilyName { get; set; }
-        public string PackageVersion { get; set; }
-        public string MinimumFileVersion { get; set; }
-        public string MaximumFileVersion { get; set; }
-        public string Hash { get; set; }
-        public string AppIDs { get; set; }
-        public string FilePath { get; set; }
-        public RuleTypeType Type { get; set; }
-    }
-
-    public enum RuleTypeType
-    {
-        Match,
-        Exclude,
-        Attribute
-    }
-
-    public class Signer
-    {
-        public CertRoot CertRoot { get; set; }
-        public List<CertEKU> CertEKU { get; set; }
-        public CertIssuer CertIssuer { get; set; }
-        public CertPublisher CertPublisher { get; set; }
-        public CertOemID CertOemID { get; set; }
-        public List<FileAttribRef> FileAttribRef { get; set; }
-        public string Name { get; set; }
-        public string ID { get; set; }
-        public DateTime SignTimeAfter { get; set; }
-        public bool SignTimeAfterSpecified { get; set; }
-    }
-
-    public enum CertEnumType
-    {
-        TBS,
-        Wellknown
-    }
-
-    public class CertRoot
-    {
-        public CertEnumType Type { get; set; }
-        public string Value { get; set; }
-    }
-
-    public class CertEKU
-    {
-        public string ID { get; set; }
-    }
-
-    public class CertIssuer
-    {
-        public string Value { get; set; }
-    }
-
-    public class CertPublisher
-    {
-        public string Value { get; set; }
-    }
-
-
-    public class CertOemID
-    {
-        public string Value { get; set; }
-    }
-
-    public class FileAttribRef
-    {
-        public string RuleID { get; set; }
-    }
-
-    public enum PolicyType
-    {
-        BasePolicy,
-        SupplementalPolicy,
-        AppIDTaggingPolicy,
-    }
-
-    public class AppSettingRegion
-    {
-        public List<AppRoot> App { get; set; }
-    }
-
-    public class AppRoot
-    {
-        public List<AppSetting> Setting { get; set; }
-        public string Manifest { get; set; }
-    }
-
-    public class AppSetting
-    {
-        public List<string> Value { get; set; }
-        public string Name { get; set; }
-    }
-
-    public class SupplementalPolicySigner
-    {
-        public string SignerId { get; set; }
-    }
-
-    public class Macro
-    {
-        public string Id { get; set; }
-        public string Value { get; set; }
-    }
-
-    public class Setting
-    {
-        public SettingValueType Value { get; set; }
-        public string Provider { get; set; }
-        public string Key { get; set; }
-        public string ValueName { get; set; }
-    }
-
-    public class SettingValueType
-    {
-        public object Item { get; set; }
-    }
-
-    public class CiSigner
-    {
-        public string SignerId { get; set; }
-    }
-
-    public class UpdatePolicySigner
-    {
-        public string SignerId { get; set; }
-    }
-
-    public class SigningScenario
-    {
-        public ProductSigners ProductSigners { get; set; }
-        public TestSigners TestSigners { get; set; }
-        public TestSigningSigners TestSigningSigners { get; set; }
-        public AppIDTags AppIDTags { get; set; }
-        public string ID { get; set; }
-        public string FriendlyName { get; set; }
-        public byte Value { get; set; }
-        public string InheritedScenarios { get; set; }
-        public ushort MinimumHashAlgorithm { get; set; }
-        public bool MinimumHashAlgorithmSpecified { get; set; }
-    }
-
-    public class ProductSigners
-    {
-        public AllowedSigners AllowedSigners { get; set; }
-        public DeniedSigners DeniedSigners { get; set; }
-        public FileRulesRef FileRulesRef { get; set; }
-    }
-
-    public class TestSigners
-    {
-        public AllowedSigners AllowedSigners { get; set; }
-        public DeniedSigners DeniedSigners { get; set; }
-        public FileRulesRef FileRulesRef { get; set; }
-    }
-
-    public class TestSigningSigners
-    {
-        public AllowedSigners AllowedSigners { get; set; }
-        public DeniedSigners DeniedSigners { get; set; }
-        public FileRulesRef FileRulesRef { get; set; }
-    }
-
-    public class AppIDTags
-    {
-        public List<AppIDTag> AppIDTag { get; set; }
-        public bool EnforceDLL { get; set; }
-        public bool EnforceDLLSpecified { get; set; }
-    }
-
-    public class AppIDTag
-    {
-        public string Key { get; set; }
-        public string Value { get; set; }
-    }
-
-    public class AllowedSigners
-    {
-        public List<AllowedSigner> AllowedSigner { get; set; }
-        public string Workaround { get; set; }
-    }
-
-    public class AllowedSigner
-    {
-        public List<ExceptDenyRule> ExceptDenyRule { get; set; }
-        public string SignerId { get; set; }
-    }
-
-    public class ExceptDenyRule
-    {
-        public string DenyRuleID { get; set; }
-    }
-
-    public class DeniedSigners
-    {
-        public List<DeniedSigner> DeniedSigner { get; set; }
-        public string Workaround { get; set; }
-    }
-
-    public class DeniedSigner
-    {
-        public List<ExceptAllowRule> ExceptAllowRule { get; set; }
-        public string SignerId { get; set; }
-    }
-
-    public class ExceptAllowRule
-    {
-        public string AllowRuleID { get; set; }
-    }
-
-    public class FileRulesRef
-    {
-        public List<FileRuleRef> FileRuleRef { get; set; }
-        public string Workaround { get; set; }
-    }
-
-    public class FileRuleRef
-    {
-        public string RuleID { get; set; }
-    }
-}
diff --git a/AppControl Manager/MainWindow.xaml b/AppControl Manager/MainWindow.xaml
index 3ae97c57f..bc975a693 100644
--- a/AppControl Manager/MainWindow.xaml	
+++ b/AppControl Manager/MainWindow.xaml	
@@ -77,7 +77,6 @@
             </VisualStateGroup>
         </VisualStateManager.VisualStateGroups>
 
-
         <!-- Titlebar -->
         <!-- https://learn.microsoft.com/en-us/windows/apps/develop/title-bar#full-customization-example -->
         <Grid x:Name="AppTitleBar" Height="48" Grid.Row="0">
@@ -121,7 +120,6 @@
                             SuggestionChosen="SearchBox_SuggestionChosen"
                             PlaceholderText="Search menu items..." Margin="0"/>
 
-
             <!-- Sidebar access point -->
             <Button x:Name="SidebarButton" Click="SidebarButton_Click" Grid.Column="8"
                     Height="32" Margin="5,0,30,0">
@@ -142,7 +140,6 @@
 
         </Grid>
 
-
         <!-- Doc: https://learn.microsoft.com/en-us/windows/apps/design/controls/navigationview -->
         <NavigationView x:Name="MainNavigation"
                     IsTabStop="True"
@@ -154,7 +151,6 @@
                     IsTitleBarAutoPaddingEnabled="False"
                     IsPaneToggleButtonVisible="False">
 
-
             <!--
              Being controlled from MainWindow.xaml.cs
 
@@ -164,7 +160,6 @@
 
             -->
 
-
             <!--
             Used in the Titlebar
 
@@ -286,21 +281,35 @@
                                             <ColumnDefinition Width="Auto"/>
                                         </Grid.ColumnDefinitions>
 
-
-                                        <TextBlock Grid.Row="0" Grid.ColumnSpan="2" Margin="0,0,0,15" TextWrapping="Wrap" Text="Unsigned Base Policy" Style="{ThemeResource BodyStrongTextBlockStyle}" />
-
+                                        <TextBlock Grid.Row="0" Grid.ColumnSpan="2" Margin="0,0,0,15" TextWrapping="Wrap" HorizontalAlignment="Center" Text="Unsigned Base Policy" Style="{ThemeResource BodyStrongTextBlockStyle}" />
 
                                         <TextBox Grid.Row="1" Grid.ColumnSpan="2" Margin="0,0,0,15" IsReadOnly="True"
                                         x:Name="SidebarBasePolicyPathTextBox" PlaceholderText="Base Policy Path" TextWrapping="Wrap"
                                         Width="150" />
 
-                                        <Button Grid.Column="0" Margin="0,0,10,0" Grid.ColumnSpan="1" Grid.Row="2" x:Name="SidebarBasePolicyBrowseButton" Click="SidebarBasePolicyBrowseButton_Click" Content="Browse" Style="{ThemeResource AccentButtonStyle}" />
-
-                                        <Button Grid.Column="1" Margin="10,0,0,0" Grid.ColumnSpan="1" Grid.Row="2" x:Name="SidebarBasePolicyClearButton" Click="SidebarBasePolicyClearButton_Click" Content="Clear" Style="{ThemeResource AccentButtonStyle}" />
-
-                                        <Button Margin="0,15,0,0" Grid.ColumnSpan="2" Grid.Row="3" x:Name="SidebarBasePolicySelectButton" HorizontalAlignment="Center">
+                                        <Button Grid.Column="0" Margin="0,0,10,0" Grid.ColumnSpan="1" Grid.Row="2" ToolTipService.ToolTip="Browse for an XML policy file" x:Name="SidebarBasePolicyBrowseButton" Click="SidebarBasePolicyBrowseButton_Click" Style="{ThemeResource AccentButtonStyle}">
+                                            <Button.Content>
+                                                <StackPanel Orientation="Horizontal">
+                                                    <StackPanel Orientation="Horizontal" VerticalAlignment="Center" HorizontalAlignment="Center">
+                                                        <FontIcon Glyph="&#xE8E5;" Margin="0,0,8,0" />
+                                                        <TextBlock Text="Browse"/>
+                                                    </StackPanel>
+                                                </StackPanel>
+                                            </Button.Content>
+                                        </Button>
 
+                                        <Button Grid.Column="1" Margin="10,0,0,0" Grid.ColumnSpan="1" Grid.Row="2" ToolTipService.ToolTip="Clear the selected XML file path text box" x:Name="SidebarBasePolicyClearButton" Click="SidebarBasePolicyClearButton_Click" Style="{ThemeResource AccentButtonStyle}">
+                                            <Button.Content>
+                                                <StackPanel Orientation="Horizontal">
+                                                    <StackPanel Orientation="Horizontal" VerticalAlignment="Center" HorizontalAlignment="Center">
+                                                        <FontIcon Glyph="&#xE8E6;" Margin="0,0,8,0" />
+                                                        <TextBlock Text="Clear"/>
+                                                    </StackPanel>
+                                                </StackPanel>
+                                            </Button.Content>
+                                        </Button>
 
+                                        <Button Margin="0,15,0,0" Grid.ColumnSpan="2" Grid.Row="3" ToolTipService.ToolTip="Assign the selected XML policy file in the sidebar to the base policy path of the applicable section in the currently visible page" x:Name="SidebarBasePolicySelectButton" HorizontalAlignment="Center">
                                             <Button.Content>
                                                 <controls:WrapPanel Orientation="Horizontal">
 
@@ -338,7 +347,18 @@
                                     <ToggleSwitch Toggled="AutomaticAssignmentSidebarToggleSwitch_Toggled" x:Name="AutomaticAssignmentSidebarToggleSwitch"/>
                                 </controls:SettingsCard>
 
-                                <HyperlinkButton HorizontalAlignment="Center" Content="Guide" NavigateUri="https://github.com/HotCakeX/Harden-Windows-Security/wiki/Sidebar" />
+                                <HyperlinkButton HorizontalAlignment="Center" ToolTipService.ToolTip="Sidebar usage guide on GitHub wiki" Content="Sidebar Guide" NavigateUri="https://github.com/HotCakeX/Harden-Windows-Security/wiki/Sidebar" />
+
+                                <Button HorizontalAlignment="Center" x:Name="OpenConfigDirectoryButton" ToolTipService.ToolTip="Open the directory where user configurations and user generated files are stored" Click="OpenConfigDirectoryButton_Click">
+                                    <Button.Content>
+                                        <StackPanel Orientation="Horizontal">
+                                            <StackPanel Orientation="Horizontal" VerticalAlignment="Center" HorizontalAlignment="Center">
+                                                <FontIcon Glyph="&#xE8A7;" Margin="0,0,8,0" />
+                                                <TextBlock Text="Open User Config Directory"/>
+                                            </StackPanel>
+                                        </StackPanel>
+                                    </Button.Content>
+                                </Button>
 
                             </controls:WrapPanel>
 
diff --git a/AppControl Manager/MainWindow.xaml.cs b/AppControl Manager/MainWindow.xaml.cs
index dfeb3b0e5..28148a85d 100644
--- a/AppControl Manager/MainWindow.xaml.cs	
+++ b/AppControl Manager/MainWindow.xaml.cs	
@@ -1,6 +1,7 @@
 using System;
 using System.Collections.Generic;
 using System.Collections.ObjectModel;
+using System.Diagnostics;
 using System.Linq;
 using System.Numerics;
 using System.Threading.Tasks;
@@ -1735,4 +1736,17 @@ private void AutomaticAssignmentSidebarToggleSwitch_Toggled(object sender, Route
 	}
 
 
+	/// <summary>
+	/// Event handler for the Sidebar button to open the user config directory
+	/// </summary>
+	/// <param name="sender"></param>
+	/// <param name="e"></param>
+	private void OpenConfigDirectoryButton_Click(object sender, RoutedEventArgs e)
+	{
+		_ = Process.Start(new ProcessStartInfo
+		{
+			FileName = GlobalVars.UserConfigDir,
+			UseShellExecute = true
+		});
+	}
 }
diff --git a/AppControl Manager/Others/CertificateCreator.cs b/AppControl Manager/Others/CertificateCreator.cs
index e062d4444..b648b76c6 100644
--- a/AppControl Manager/Others/CertificateCreator.cs	
+++ b/AppControl Manager/Others/CertificateCreator.cs	
@@ -125,6 +125,9 @@ [new Oid("1.3.6.1.5.5.7.3.3")],
 			);
 
 		// Add custom extension for "Application Policies"
+		// https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/44012f2d-5ef3-440d-a61b-b30d3d978130
+		// https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc776986(v=ws.10)?redirectedfrom=MSDN
+		// https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc754305(v=ws.10)
 		// Application Policies OID
 		Oid appPoliciesOid = new("1.3.6.1.4.1.311.21.10");
 		// this must be set as specified and not randomly generated
diff --git a/AppControl Manager/Others/CodeIntegrityPolicy.cs b/AppControl Manager/Others/CodeIntegrityPolicy.cs
index 9b3006cb2..136349803 100644
--- a/AppControl Manager/Others/CodeIntegrityPolicy.cs	
+++ b/AppControl Manager/Others/CodeIntegrityPolicy.cs	
@@ -12,8 +12,6 @@ namespace AppControlManager.Others;
 
 internal sealed class CodeIntegrityPolicy
 {
-	// NameSpace URI
-	internal readonly string NameSpaceURI = "urn:schemas-microsoft-com:sipolicy";
 
 	internal XmlDocument XmlDocument { get; }
 	internal XmlNamespaceManager NamespaceManager { get; }
@@ -75,7 +73,7 @@ internal CodeIntegrityPolicy(string? xmlFilePath, XmlDocument? xmlDocument)
 
 		// Create namespace manager and add the default namespace with a prefix
 		NamespaceManager = new XmlNamespaceManager(XmlDocument.NameTable);
-		NamespaceManager.AddNamespace("ns", NameSpaceURI);
+		NamespaceManager.AddNamespace("ns", GlobalVars.SiPolicyNamespace);
 
 		// Get SiPolicy node
 		SiPolicyNode = XmlDocument.SelectSingleNode("ns:SiPolicy", NamespaceManager)
@@ -118,7 +116,7 @@ internal CodeIntegrityPolicy(string? xmlFilePath, XmlDocument? xmlDocument)
 
 		if (ciSignersNode is null)
 		{
-			XmlElement newCiSignersNode = XmlDocument.CreateElement("CiSigners", NameSpaceURI);
+			XmlElement newCiSignersNode = XmlDocument.CreateElement("CiSigners", GlobalVars.SiPolicyNamespace);
 			_ = SiPolicyNode.AppendChild(newCiSignersNode);
 
 			CiSignersNode = newCiSignersNode;
@@ -137,7 +135,7 @@ internal CodeIntegrityPolicy(string? xmlFilePath, XmlDocument? xmlDocument)
 
 		if (fileRulesNode is null)
 		{
-			XmlElement newFileRulesNode = XmlDocument.CreateElement("FileRules", NameSpaceURI);
+			XmlElement newFileRulesNode = XmlDocument.CreateElement("FileRules", GlobalVars.SiPolicyNamespace);
 			_ = SiPolicyNode.AppendChild(newFileRulesNode);
 
 			FileRulesNode = newFileRulesNode;
@@ -184,7 +182,7 @@ internal CodeIntegrityPolicy(string? xmlFilePath, XmlDocument? xmlDocument)
 		if (basePolicyIDNode is null)
 		{
 			// Create the node
-			XmlElement newBasePolicyIDNode = XmlDocument.CreateElement("BasePolicyID", NameSpaceURI);
+			XmlElement newBasePolicyIDNode = XmlDocument.CreateElement("BasePolicyID", GlobalVars.SiPolicyNamespace);
 
 			// Set its value to match PolicyID because we are making it a Base policy when the node doesn't exist
 			newBasePolicyIDNode.InnerText = newRandomGUIDString;
@@ -212,7 +210,7 @@ internal CodeIntegrityPolicy(string? xmlFilePath, XmlDocument? xmlDocument)
 		if (policyIDNode is null)
 		{
 			// Create the node
-			XmlElement newPolicyIDNode = XmlDocument.CreateElement("PolicyID", NameSpaceURI);
+			XmlElement newPolicyIDNode = XmlDocument.CreateElement("PolicyID", GlobalVars.SiPolicyNamespace);
 
 			// Set its value to match PolicyID because this is a Base policy
 			newPolicyIDNode.InnerText = newRandomGUIDString;
@@ -294,7 +292,7 @@ private XmlNode EnsureFileRulesRefNode(XmlNode parentNode, string mode)
 		// If it doesn't exist, create it
 		if (fileRulesRefNode is null)
 		{
-			XmlElement newFileRulesRefNode = XmlDocument.CreateElement("FileRulesRef", NameSpaceURI);
+			XmlElement newFileRulesRefNode = XmlDocument.CreateElement("FileRulesRef", GlobalVars.SiPolicyNamespace);
 			_ = parentNode.AppendChild(newFileRulesRefNode);
 
 			fileRulesRefNode = parentNode.SelectSingleNode("ns:FileRulesRef", NamespaceManager);
@@ -316,7 +314,7 @@ private XmlNode EnsureAllowedSignersNode(XmlNode parentNode, string mode)
 		// If it doesn't exist, create it
 		if (allowedSignersNode is null)
 		{
-			XmlElement newAllowedSignersNode = XmlDocument.CreateElement("AllowedSigners", NameSpaceURI);
+			XmlElement newAllowedSignersNode = XmlDocument.CreateElement("AllowedSigners", GlobalVars.SiPolicyNamespace);
 			_ = parentNode.AppendChild(newAllowedSignersNode);
 
 			allowedSignersNode = parentNode.SelectSingleNode("ns:AllowedSigners", NamespaceManager);
@@ -338,7 +336,7 @@ private XmlNode EnsureDeniedSignersNode(XmlNode parentNode, string mode)
 		// If it doesn't exist, create it
 		if (deniedSignersNode is null)
 		{
-			XmlElement newDeniedSignersNode = XmlDocument.CreateElement("DeniedSigners", NameSpaceURI);
+			XmlElement newDeniedSignersNode = XmlDocument.CreateElement("DeniedSigners", GlobalVars.SiPolicyNamespace);
 			_ = parentNode.AppendChild(newDeniedSignersNode);
 
 			deniedSignersNode = parentNode.SelectSingleNode("ns:DeniedSigners", NamespaceManager);
@@ -366,7 +364,7 @@ private XmlNode EnsureSigningScenario(uint scenarioValue, string scenarioId)
 
 		if (signingScenariosNode is null)
 		{
-			XmlElement newSigningScenariosNode = XmlDocument.CreateElement("SigningScenarios", NameSpaceURI);
+			XmlElement newSigningScenariosNode = XmlDocument.CreateElement("SigningScenarios", GlobalVars.SiPolicyNamespace);
 			signingScenariosNode = SiPolicyNode.AppendChild(newSigningScenariosNode);
 		}
 
@@ -376,7 +374,7 @@ private XmlNode EnsureSigningScenario(uint scenarioValue, string scenarioId)
 		if (signingScenarioNode is null)
 		{
 			// Create the SigningScenario node
-			XmlElement newSigningScenarioNode = XmlDocument.CreateElement("SigningScenario", NameSpaceURI);
+			XmlElement newSigningScenarioNode = XmlDocument.CreateElement("SigningScenario", GlobalVars.SiPolicyNamespace);
 			newSigningScenarioNode.SetAttribute("Value", scenarioValue.ToString(CultureInfo.InvariantCulture));
 			newSigningScenarioNode.SetAttribute("ID", scenarioId);
 			newSigningScenarioNode.SetAttribute("FriendlyName", scenarioValue is 12 ? "User Mode Signing Scenario" : "Kernel Mode Signing Scenario");
@@ -385,7 +383,7 @@ private XmlNode EnsureSigningScenario(uint scenarioValue, string scenarioId)
 			signingScenarioNode = signingScenariosNode.AppendChild(newSigningScenarioNode);
 
 			// Create and append the ProductSigners node
-			XmlElement newProductSignersNode = XmlDocument.CreateElement("ProductSigners", NameSpaceURI);
+			XmlElement newProductSignersNode = XmlDocument.CreateElement("ProductSigners", GlobalVars.SiPolicyNamespace);
 			_ = signingScenarioNode!.AppendChild(newProductSignersNode);
 		}
 
diff --git a/AppControl Manager/Others/FileDialogHelper.cs b/AppControl Manager/Others/FileDialogHelper.cs
index 2b3553479..624845046 100644
--- a/AppControl Manager/Others/FileDialogHelper.cs	
+++ b/AppControl Manager/Others/FileDialogHelper.cs	
@@ -1,5 +1,6 @@
 using System;
 using System.Collections.Generic;
+using System.IO;
 using System.Runtime.InteropServices;
 using Windows.Win32;
 using Windows.Win32.Foundation;
@@ -17,6 +18,11 @@ namespace AppControlManager.Others;
 /// </summary>
 internal static class FileDialogHelper
 {
+	// Location where File/Folder picker dialog will be opened
+	// It is only the directory where the first dialog will be opened in, it will then be replaced by the directory
+	// That user browses to to pick a single file/directory
+	private static string DirectoryToOpen = GlobalVars.UserConfigDir;
+
 	/// <summary>
 	/// Opens a file picker dialog to select a single file.
 	/// </summary>
@@ -64,7 +70,7 @@ out IFileOpenDialog* fileOpenDialog // Explicitly specify the output type
 
 		// Set the default folder to "My Documents".
 		hr = PInvoke.SHCreateItemFromParsingName(
-			GlobalVars.UserConfigDir,
+			DirectoryToOpen,
 			null,
 			typeof(IShellItem).GUID,
 			out void* pDirectoryShellItem
@@ -119,6 +125,11 @@ out void* pDirectoryShellItem
 			// Release COM objects
 			_ = ppsi->Release();
 
+			// Assign the directory where user last browsed for a file to the directory where file picker will be opened from next time
+			string? _selectedFilePath = Path.GetDirectoryName(selectedFilePath);
+			if (!string.IsNullOrEmpty(_selectedFilePath))
+				DirectoryToOpen = _selectedFilePath;
+
 			return selectedFilePath;
 		}
 
@@ -194,7 +205,7 @@ out void* pDirectoryShellItem
 
 		// Set default folder to My Documents
 		hr = PInvoke.SHCreateItemFromParsingName(
-			GlobalVars.UserConfigDir,
+			DirectoryToOpen,
 			null,
 			typeof(IShellItem).GUID,
 			out void* directoryShellItem
@@ -320,7 +331,7 @@ out void* directoryShellItem
 
 		// Set default folder to "My Documents"
 		hr = PInvoke.SHCreateItemFromParsingName(
-			GlobalVars.UserConfigDir,
+			DirectoryToOpen,
 			null,
 			typeof(IShellItem).GUID,
 			out void* directoryShellItem
@@ -367,6 +378,11 @@ out void* directoryShellItem
 			// Free unmanaged memory for the folder path
 			Marshal.FreeCoTaskMem((IntPtr)folderPath.Value);
 
+
+			// Assign the directory where user last browsed for to the directory where folder picker will be opened from next time
+			if (!string.IsNullOrEmpty(selectedFolderPath))
+				DirectoryToOpen = selectedFolderPath;
+
 			return selectedFolderPath;
 
 		}
@@ -411,7 +427,7 @@ out void* directoryShellItem
 
 		// Set default folder to "My Documents"
 		hr = PInvoke.SHCreateItemFromParsingName(
-			GlobalVars.UserConfigDir,
+			DirectoryToOpen,
 			null,
 			typeof(IShellItem).GUID,
 			out void* directoryShellItem
diff --git a/AppControl Manager/Others/GlobalVars.cs b/AppControl Manager/Others/GlobalVars.cs
index e08fa9270..c86618b57 100644
--- a/AppControl Manager/Others/GlobalVars.cs	
+++ b/AppControl Manager/Others/GlobalVars.cs	
@@ -74,6 +74,8 @@ internal static string GetString(string resourceKey)
 	// Determine whether the current OS is older than 24H2
 	internal static bool IsOlderThan24H2 => CurrentOSVersion < VersionFor24H2;
 
+	internal const string SiPolicyNamespace = "urn:schemas-microsoft-com:sipolicy";
+
 	static GlobalVars()
 	{
 		// Ensure the directory exists
diff --git a/AppControl Manager/Others/RemoveSupplementalSigners.cs b/AppControl Manager/Others/RemoveSupplementalSigners.cs
index 326f60e5e..64eb3465a 100644
--- a/AppControl Manager/Others/RemoveSupplementalSigners.cs	
+++ b/AppControl Manager/Others/RemoveSupplementalSigners.cs	
@@ -79,7 +79,7 @@ internal static void RemoveSupplementalSigners(string path)
 		if (signersNode is not null && !signersNode.HasChildNodes)
 		{
 			// Create a new self-closing element with the same name and attributes as the old one
-			XmlElement newSignersNode = codeIntegrityPolicy.XmlDocument.CreateElement("Signers", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newSignersNode = codeIntegrityPolicy.XmlDocument.CreateElement("Signers", GlobalVars.SiPolicyNamespace);
 
 			if (signersNode.Attributes is not null)
 			{
diff --git a/AppControl Manager/Package.appxmanifest b/AppControl Manager/Package.appxmanifest
index da6bc5095..83e2f1c11 100644
--- a/AppControl Manager/Package.appxmanifest	
+++ b/AppControl Manager/Package.appxmanifest	
@@ -11,7 +11,7 @@
   <Identity
     Name="AppControlManager"
     Publisher="CN=SelfSignedCertForAppControlManager"
-    Version="1.8.9.0" />
+    Version="1.9.0.0" />
 
   <mp:PhoneIdentity PhoneProductId="199a23ec-7cb6-4ab5-ab50-8baca348bc79" PhonePublisherId="00000000-0000-0000-0000-000000000000"/>
 
diff --git a/AppControl Manager/Resources/StrictKernelMode.xml b/AppControl Manager/Resources/StrictKernelMode.xml
index 5f53dd2ff..4632d583a 100644
--- a/AppControl Manager/Resources/StrictKernelMode.xml	
+++ b/AppControl Manager/Resources/StrictKernelMode.xml	
@@ -19,9 +19,9 @@
     </Rule>
   </Rules>
   <EKUs>
-    <EKU ID="ID_EKU_WINDOWS" Value="010A2B0601040182370A0306" FriendlyName=""/>
-    <EKU ID="ID_EKU_ELAM" Value="010A2B0601040182373D0401" FriendlyName=""/>
-    <EKU ID="ID_EKU_HAL_EXT" Value="010a2b0601040182373d0501" FriendlyName=""/>
+    <EKU ID="ID_EKU_WINDOWS" Value="010A2B0601040182370A0306"/>
+    <EKU ID="ID_EKU_ELAM" Value="010A2B0601040182373D0401"/>
+    <EKU ID="ID_EKU_HAL_EXT" Value="010A2B0601040182373D0501"/>
   </EKUs>
   <FileRules/>
   <Signers>
diff --git a/AppControl Manager/Resources/StrictKernelMode_NoFlightRoots.xml b/AppControl Manager/Resources/StrictKernelMode_NoFlightRoots.xml
index 8d1133920..866010394 100644
--- a/AppControl Manager/Resources/StrictKernelMode_NoFlightRoots.xml	
+++ b/AppControl Manager/Resources/StrictKernelMode_NoFlightRoots.xml	
@@ -22,9 +22,9 @@
     </Rule>
   </Rules>
   <EKUs>
-    <EKU ID="ID_EKU_WINDOWS" Value="010A2B0601040182370A0306" FriendlyName=""/>
-    <EKU ID="ID_EKU_ELAM" Value="010A2B0601040182373D0401" FriendlyName=""/>
-    <EKU ID="ID_EKU_HAL_EXT" Value="010a2b0601040182373d0501" FriendlyName=""/>
+    <EKU ID="ID_EKU_WINDOWS" Value="010A2B0601040182370A0306"/>
+    <EKU ID="ID_EKU_ELAM" Value="010A2B0601040182373D0401"/>
+    <EKU ID="ID_EKU_HAL_EXT" Value="010a2b0601040182373d0501"/>
   </EKUs>
   <FileRules/>
   <Signers>
diff --git a/AppControl Manager/SiPolicy/CustomDeserialization.cs b/AppControl Manager/SiPolicy/CustomDeserialization.cs
new file mode 100644
index 000000000..16ae49048
--- /dev/null
+++ b/AppControl Manager/SiPolicy/CustomDeserialization.cs	
@@ -0,0 +1,899 @@
+using System;
+using System.Collections.Generic;
+using System.Globalization;
+using System.Linq;
+using System.Xml;
+using AppControlManager.Others;
+
+namespace AppControlManager.SiPolicy;
+
+internal static class CustomDeserialization
+{
+
+	internal static SiPolicy DeserializeSiPolicy(string filePath)
+	{
+		XmlDocument xmlDoc = new();
+		xmlDoc.Load(filePath);
+		XmlElement? root = xmlDoc.DocumentElement ?? throw new InvalidOperationException("Invalid XML: Missing root element.");
+		SiPolicy policy = new();
+
+		// Read root attributes
+		if (root.HasAttribute("FriendlyName"))
+			policy.FriendlyName = root.GetAttribute("FriendlyName");
+		if (root.HasAttribute("PolicyType"))
+		{
+			policy.PolicyType = ConvertStringToPolicyType(root.GetAttribute("PolicyType"));
+			policy.PolicyTypeSpecified = true;
+		}
+
+		// Read basic text elements
+		policy.VersionEx = GetElementText(root, "VersionEx");
+		policy.PolicyID = GetElementText(root, "PolicyID");
+		policy.BasePolicyID = GetElementText(root, "BasePolicyID");
+		policy.PlatformID = GetElementText(root, "PlatformID");
+
+		// Deserialize Rules
+		XmlElement? rulesElement = root["Rules", GlobalVars.SiPolicyNamespace];
+		if (rulesElement is not null)
+		{
+			List<RuleType> rules = [];
+			foreach (XmlElement ruleElem in rulesElement.ChildNodes.OfType<XmlElement>())
+			{
+				string optionText = GetElementText(ruleElem, "Option");
+				OptionType opt = ConvertStringToOptionType(optionText);
+				RuleType rule = new() { Item = opt };
+				rules.Add(rule);
+			}
+			policy.Rules = [.. rules];
+		}
+
+		// Deserialize EKUs
+		XmlElement? ekusElement = root["EKUs", GlobalVars.SiPolicyNamespace];
+		if (ekusElement is not null)
+		{
+			List<EKU> ekus = [];
+			foreach (XmlElement ekuElem in ekusElement.ChildNodes.OfType<XmlElement>())
+			{
+				EKU eku = new();
+				if (ekuElem.HasAttribute("ID"))
+					eku.ID = ekuElem.GetAttribute("ID");
+				if (ekuElem.HasAttribute("FriendlyName"))
+					eku.FriendlyName = ekuElem.GetAttribute("FriendlyName");
+				if (ekuElem.HasAttribute("Value"))
+					eku.Value = ConvertHexStringToByteArray(ekuElem.GetAttribute("Value"));
+				ekus.Add(eku);
+			}
+			policy.EKUs = [.. ekus];
+		}
+
+		// Deserialize FileRules
+		XmlElement? fileRulesElement = root["FileRules", GlobalVars.SiPolicyNamespace];
+		if (fileRulesElement is not null)
+		{
+			List<object> fileRules = [];
+			foreach (XmlElement ruleElem in fileRulesElement.ChildNodes.OfType<XmlElement>())
+			{
+				switch (ruleElem.LocalName)
+				{
+					case "Allow":
+						fileRules.Add(DeserializeAllow(ruleElem));
+						break;
+					case "Deny":
+						fileRules.Add(DeserializeDeny(ruleElem));
+						break;
+					case "FileAttrib":
+						fileRules.Add(DeserializeFileAttrib(ruleElem));
+						break;
+					case "FileRule":
+						fileRules.Add(DeserializeFileRule(ruleElem));
+						break;
+					default:
+						break;
+				}
+			}
+			policy.FileRules = [.. fileRules];
+		}
+
+		// Deserialize Signers
+		XmlElement? signersElement = root["Signers", GlobalVars.SiPolicyNamespace];
+		if (signersElement is not null)
+		{
+			List<Signer> signers = [];
+			foreach (XmlElement signerElem in signersElement.ChildNodes.OfType<XmlElement>())
+			{
+				signers.Add(DeserializeSigner(signerElem));
+			}
+			policy.Signers = [.. signers];
+		}
+
+		// Deserialize SigningScenarios
+		XmlElement? signingScenariosElement = root["SigningScenarios", GlobalVars.SiPolicyNamespace];
+		if (signingScenariosElement is not null)
+		{
+			List<SigningScenario> scenarios = [];
+			foreach (XmlElement scenarioElem in signingScenariosElement.ChildNodes.OfType<XmlElement>())
+			{
+				scenarios.Add(DeserializeSigningScenario(scenarioElem));
+			}
+			policy.SigningScenarios = [.. scenarios];
+		}
+
+		// Deserialize UpdatePolicySigners
+		XmlElement? upsElement = root["UpdatePolicySigners", GlobalVars.SiPolicyNamespace];
+		if (upsElement is not null)
+		{
+			List<UpdatePolicySigner> upsList = [];
+			foreach (XmlElement upsChild in upsElement.ChildNodes.OfType<XmlElement>())
+			{
+				UpdatePolicySigner ups = new();
+				if (upsChild.HasAttribute("SignerId"))
+					ups.SignerId = upsChild.GetAttribute("SignerId");
+				upsList.Add(ups);
+			}
+			policy.UpdatePolicySigners = [.. upsList];
+		}
+
+		// Deserialize CiSigners
+		XmlElement? ciElement = root["CiSigners", GlobalVars.SiPolicyNamespace];
+		if (ciElement is not null)
+		{
+			List<CiSigner> ciList = [];
+			foreach (XmlElement ciChild in ciElement.ChildNodes.OfType<XmlElement>())
+			{
+				CiSigner ci = new();
+				if (ciChild.HasAttribute("SignerId"))
+					ci.SignerId = ciChild.GetAttribute("SignerId");
+				ciList.Add(ci);
+			}
+			policy.CiSigners = [.. ciList];
+		}
+
+		// Deserialize HvciOptions
+		string hvciText = GetElementText(root, "HvciOptions");
+		if (!string.IsNullOrEmpty(hvciText))
+		{
+			policy.HvciOptions = uint.Parse(hvciText, CultureInfo.InvariantCulture);
+			policy.HvciOptionsSpecified = true;
+		}
+
+		// Deserialize Settings
+		XmlElement? settingsElem = root["Settings", GlobalVars.SiPolicyNamespace];
+		if (settingsElem is not null)
+		{
+			List<Setting> settings = [];
+			foreach (XmlElement settingElem in settingsElem.ChildNodes.OfType<XmlElement>())
+			{
+				settings.Add(DeserializeSetting(settingElem));
+			}
+			policy.Settings = [.. settings];
+		}
+
+		// Deserialize Macros
+		XmlElement? macrosElem = root["Macros", GlobalVars.SiPolicyNamespace];
+		if (macrosElem is not null)
+		{
+			List<MacrosMacro> macros = [];
+			foreach (XmlElement macroElem in macrosElem.ChildNodes.OfType<XmlElement>())
+			{
+				MacrosMacro macro = new();
+				if (macroElem.HasAttribute("Id"))
+					macro.Id = macroElem.GetAttribute("Id");
+				if (macroElem.HasAttribute("Value"))
+					macro.Value = macroElem.GetAttribute("Value");
+				macros.Add(macro);
+			}
+			policy.Macros = [.. macros];
+		}
+
+		// Deserialize SupplementalPolicySigners
+		XmlElement? suppElem = root["SupplementalPolicySigners", GlobalVars.SiPolicyNamespace];
+		if (suppElem is not null)
+		{
+			List<SupplementalPolicySigner> spsList = [];
+			foreach (XmlElement spsElem in suppElem.ChildNodes.OfType<XmlElement>())
+			{
+				SupplementalPolicySigner sps = new();
+				if (spsElem.HasAttribute("SignerId"))
+					sps.SignerId = spsElem.GetAttribute("SignerId");
+				spsList.Add(sps);
+			}
+			policy.SupplementalPolicySigners = [.. spsList];
+		}
+
+		// Deserialize AppSettings
+		XmlElement? appSettingsElem = root["AppSettings", GlobalVars.SiPolicyNamespace];
+		if (appSettingsElem is not null)
+		{
+			AppSettingRegion appSettingRegion = new();
+			List<AppRoot> apps = [];
+			foreach (XmlElement appElem in appSettingsElem.ChildNodes.OfType<XmlElement>())
+			{
+				apps.Add(DeserializeAppRoot(appElem));
+			}
+			appSettingRegion.App = [.. apps];
+			policy.AppSettings = appSettingRegion;
+		}
+
+		return policy;
+	}
+
+	// Helper to get the inner text of an element.
+	private static string GetElementText(XmlElement parent, string localName)
+	{
+		XmlElement? elem = parent[localName, GlobalVars.SiPolicyNamespace];
+		return elem is not null ? elem.InnerText : string.Empty;
+	}
+
+	// Convert a hex string (without delimiters) to a byte array.
+	private static byte[] ConvertHexStringToByteArray(string hex)
+	{
+		if (string.IsNullOrEmpty(hex))
+			return [];
+		int length = hex.Length;
+		byte[] bytes = new byte[length / 2];
+		for (int i = 0; i < length; i += 2)
+			bytes[i / 2] = Convert.ToByte(hex.Substring(i, 2), 16);
+		return bytes;
+	}
+
+	// Conversion methods for enums.
+	private static OptionType ConvertStringToOptionType(string s)
+	{
+		return s switch
+		{
+			"Enabled:UMCI" => OptionType.EnabledUMCI,
+			"Enabled:Boot Menu Protection" => OptionType.EnabledBootMenuProtection,
+			"Enabled:Intelligent Security Graph Authorization" => OptionType.EnabledIntelligentSecurityGraphAuthorization,
+			"Enabled:Invalidate EAs on Reboot" => OptionType.EnabledInvalidateEAsonReboot,
+			"Required:WHQL" => OptionType.RequiredWHQL,
+			"Enabled:Developer Mode Dynamic Code Trust" => OptionType.EnabledDeveloperModeDynamicCodeTrust,
+			"Enabled:Allow Supplemental Policies" => OptionType.EnabledAllowSupplementalPolicies,
+			"Disabled:Runtime FilePath Rule Protection" => OptionType.DisabledRuntimeFilePathRuleProtection,
+			"Enabled:Revoked Expired As Unsigned" => OptionType.EnabledRevokedExpiredAsUnsigned,
+			"Enabled:Audit Mode" => OptionType.EnabledAuditMode,
+			"Disabled:Flight Signing" => OptionType.DisabledFlightSigning,
+			"Enabled:Inherit Default Policy" => OptionType.EnabledInheritDefaultPolicy,
+			"Enabled:Unsigned System Integrity Policy" => OptionType.EnabledUnsignedSystemIntegrityPolicy,
+			"Enabled:Dynamic Code Security" => OptionType.EnabledDynamicCodeSecurity,
+			"Required:EV Signers" => OptionType.RequiredEVSigners,
+			"Enabled:Boot Audit On Failure" => OptionType.EnabledBootAuditOnFailure,
+			"Enabled:Advanced Boot Options Menu" => OptionType.EnabledAdvancedBootOptionsMenu,
+			"Disabled:Script Enforcement" => OptionType.DisabledScriptEnforcement,
+			"Required:Enforce Store Applications" => OptionType.RequiredEnforceStoreApplications,
+			"Enabled:Secure Setting Policy" => OptionType.EnabledSecureSettingPolicy,
+			"Enabled:Managed Installer" => OptionType.EnabledManagedInstaller,
+			"Enabled:Update Policy No Reboot" => OptionType.EnabledUpdatePolicyNoReboot,
+			"Enabled:Conditional Windows Lockdown Policy" => OptionType.EnabledConditionalWindowsLockdownPolicy,
+			_ => throw new InvalidOperationException("Unknown OptionType: " + s)
+		};
+	}
+
+	private static PolicyType ConvertStringToPolicyType(string s)
+	{
+		return s switch
+		{
+			"Base Policy" => PolicyType.BasePolicy,
+			"Supplemental Policy" => PolicyType.SupplementalPolicy,
+			"AppID Tagging Policy" => PolicyType.AppIDTaggingPolicy,
+			_ => throw new InvalidOperationException("Unknown PolicyType: " + s)
+		};
+	}
+
+	private static CertEnumType ConvertStringToCertEnumType(string s)
+	{
+		return s switch
+		{
+			"TBS" => CertEnumType.TBS,
+			"Wellknown" => CertEnumType.Wellknown,
+			_ => throw new InvalidOperationException("Unknown CertEnumType: " + s)
+		};
+	}
+
+	private static RuleTypeType ConvertStringToRuleTypeType(string s)
+	{
+		return s switch
+		{
+			"Match" => RuleTypeType.Match,
+			"Exclude" => RuleTypeType.Exclude,
+			"Attribute" => RuleTypeType.Attribute,
+			_ => throw new InvalidOperationException("Unknown RuleTypeType: " + s)
+		};
+	}
+
+	// Deserialization methods for nested types
+
+	private static Allow DeserializeAllow(XmlElement elem)
+	{
+		Allow allow = new();
+		if (elem.HasAttribute("ID"))
+			allow.ID = elem.GetAttribute("ID");
+		if (elem.HasAttribute("FriendlyName"))
+			allow.FriendlyName = elem.GetAttribute("FriendlyName");
+		if (elem.HasAttribute("FileName"))
+			allow.FileName = elem.GetAttribute("FileName");
+		if (elem.HasAttribute("InternalName"))
+			allow.InternalName = elem.GetAttribute("InternalName");
+		if (elem.HasAttribute("FileDescription"))
+			allow.FileDescription = elem.GetAttribute("FileDescription");
+		if (elem.HasAttribute("ProductName"))
+			allow.ProductName = elem.GetAttribute("ProductName");
+		if (elem.HasAttribute("PackageFamilyName"))
+			allow.PackageFamilyName = elem.GetAttribute("PackageFamilyName");
+		if (elem.HasAttribute("PackageVersion"))
+			allow.PackageVersion = elem.GetAttribute("PackageVersion");
+		if (elem.HasAttribute("MinimumFileVersion"))
+			allow.MinimumFileVersion = elem.GetAttribute("MinimumFileVersion");
+		if (elem.HasAttribute("MaximumFileVersion"))
+			allow.MaximumFileVersion = elem.GetAttribute("MaximumFileVersion");
+		if (elem.HasAttribute("Hash"))
+			allow.Hash = ConvertHexStringToByteArray(elem.GetAttribute("Hash"));
+		if (elem.HasAttribute("AppIDs"))
+			allow.AppIDs = elem.GetAttribute("AppIDs");
+		if (elem.HasAttribute("FilePath"))
+			allow.FilePath = elem.GetAttribute("FilePath");
+		return allow;
+	}
+
+	private static Deny DeserializeDeny(XmlElement elem)
+	{
+		Deny deny = new();
+		if (elem.HasAttribute("ID"))
+			deny.ID = elem.GetAttribute("ID");
+		if (elem.HasAttribute("FriendlyName"))
+			deny.FriendlyName = elem.GetAttribute("FriendlyName");
+		if (elem.HasAttribute("FileName"))
+			deny.FileName = elem.GetAttribute("FileName");
+		if (elem.HasAttribute("InternalName"))
+			deny.InternalName = elem.GetAttribute("InternalName");
+		if (elem.HasAttribute("FileDescription"))
+			deny.FileDescription = elem.GetAttribute("FileDescription");
+		if (elem.HasAttribute("ProductName"))
+			deny.ProductName = elem.GetAttribute("ProductName");
+		if (elem.HasAttribute("PackageFamilyName"))
+			deny.PackageFamilyName = elem.GetAttribute("PackageFamilyName");
+		if (elem.HasAttribute("PackageVersion"))
+			deny.PackageVersion = elem.GetAttribute("PackageVersion");
+		if (elem.HasAttribute("MinimumFileVersion"))
+			deny.MinimumFileVersion = elem.GetAttribute("MinimumFileVersion");
+		if (elem.HasAttribute("MaximumFileVersion"))
+			deny.MaximumFileVersion = elem.GetAttribute("MaximumFileVersion");
+		if (elem.HasAttribute("Hash"))
+			deny.Hash = ConvertHexStringToByteArray(elem.GetAttribute("Hash"));
+		if (elem.HasAttribute("AppIDs"))
+			deny.AppIDs = elem.GetAttribute("AppIDs");
+		if (elem.HasAttribute("FilePath"))
+			deny.FilePath = elem.GetAttribute("FilePath");
+		return deny;
+	}
+
+	private static FileAttrib DeserializeFileAttrib(XmlElement elem)
+	{
+		FileAttrib fa = new();
+		if (elem.HasAttribute("ID"))
+			fa.ID = elem.GetAttribute("ID");
+		if (elem.HasAttribute("FriendlyName"))
+			fa.FriendlyName = elem.GetAttribute("FriendlyName");
+		if (elem.HasAttribute("FileName"))
+			fa.FileName = elem.GetAttribute("FileName");
+		if (elem.HasAttribute("InternalName"))
+			fa.InternalName = elem.GetAttribute("InternalName");
+		if (elem.HasAttribute("FileDescription"))
+			fa.FileDescription = elem.GetAttribute("FileDescription");
+		if (elem.HasAttribute("ProductName"))
+			fa.ProductName = elem.GetAttribute("ProductName");
+		if (elem.HasAttribute("PackageFamilyName"))
+			fa.PackageFamilyName = elem.GetAttribute("PackageFamilyName");
+		if (elem.HasAttribute("PackageVersion"))
+			fa.PackageVersion = elem.GetAttribute("PackageVersion");
+		if (elem.HasAttribute("MinimumFileVersion"))
+			fa.MinimumFileVersion = elem.GetAttribute("MinimumFileVersion");
+		if (elem.HasAttribute("MaximumFileVersion"))
+			fa.MaximumFileVersion = elem.GetAttribute("MaximumFileVersion");
+		if (elem.HasAttribute("Hash"))
+			fa.Hash = ConvertHexStringToByteArray(elem.GetAttribute("Hash"));
+		if (elem.HasAttribute("AppIDs"))
+			fa.AppIDs = elem.GetAttribute("AppIDs");
+		if (elem.HasAttribute("FilePath"))
+			fa.FilePath = elem.GetAttribute("FilePath");
+		return fa;
+	}
+
+	private static FileRule DeserializeFileRule(XmlElement elem)
+	{
+		FileRule fr = new();
+		if (elem.HasAttribute("ID"))
+			fr.ID = elem.GetAttribute("ID");
+		if (elem.HasAttribute("FriendlyName"))
+			fr.FriendlyName = elem.GetAttribute("FriendlyName");
+		if (elem.HasAttribute("FileName"))
+			fr.FileName = elem.GetAttribute("FileName");
+		if (elem.HasAttribute("InternalName"))
+			fr.InternalName = elem.GetAttribute("InternalName");
+		if (elem.HasAttribute("FileDescription"))
+			fr.FileDescription = elem.GetAttribute("FileDescription");
+		if (elem.HasAttribute("ProductName"))
+			fr.ProductName = elem.GetAttribute("ProductName");
+		if (elem.HasAttribute("PackageFamilyName"))
+			fr.PackageFamilyName = elem.GetAttribute("PackageFamilyName");
+		if (elem.HasAttribute("PackageVersion"))
+			fr.PackageVersion = elem.GetAttribute("PackageVersion");
+		if (elem.HasAttribute("MinimumFileVersion"))
+			fr.MinimumFileVersion = elem.GetAttribute("MinimumFileVersion");
+		if (elem.HasAttribute("MaximumFileVersion"))
+			fr.MaximumFileVersion = elem.GetAttribute("MaximumFileVersion");
+		if (elem.HasAttribute("Hash"))
+			fr.Hash = ConvertHexStringToByteArray(elem.GetAttribute("Hash"));
+		if (elem.HasAttribute("AppIDs"))
+			fr.AppIDs = elem.GetAttribute("AppIDs");
+		if (elem.HasAttribute("FilePath"))
+			fr.FilePath = elem.GetAttribute("FilePath");
+		if (elem.HasAttribute("Type"))
+			fr.Type = ConvertStringToRuleTypeType(elem.GetAttribute("Type"));
+		return fr;
+	}
+
+	private static Signer DeserializeSigner(XmlElement elem)
+	{
+		Signer signer = new();
+		if (elem.HasAttribute("ID"))
+			signer.ID = elem.GetAttribute("ID");
+		if (elem.HasAttribute("Name"))
+			signer.Name = elem.GetAttribute("Name");
+		if (elem.HasAttribute("SignTimeAfter"))
+		{
+			signer.SignTimeAfter = DateTime.Parse(elem.GetAttribute("SignTimeAfter"), null, DateTimeStyles.RoundtripKind);
+			signer.SignTimeAfterSpecified = true;
+		}
+		XmlElement? certRootElem = elem["CertRoot", GlobalVars.SiPolicyNamespace];
+		if (certRootElem is not null)
+		{
+			CertRoot cr = new();
+			if (certRootElem.HasAttribute("Type"))
+				cr.Type = ConvertStringToCertEnumType(certRootElem.GetAttribute("Type"));
+			if (certRootElem.HasAttribute("Value"))
+				cr.Value = ConvertHexStringToByteArray(certRootElem.GetAttribute("Value"));
+			signer.CertRoot = cr;
+		}
+		XmlNodeList certEkuNodes = elem.GetElementsByTagName("CertEKU", GlobalVars.SiPolicyNamespace);
+		if (certEkuNodes.Count > 0)
+		{
+			List<CertEKU> ekus = [];
+			foreach (XmlElement ekuElem in certEkuNodes.OfType<XmlElement>())
+			{
+				CertEKU certEku = new();
+				if (ekuElem.HasAttribute("ID"))
+					certEku.ID = ekuElem.GetAttribute("ID");
+				ekus.Add(certEku);
+			}
+			signer.CertEKU = [.. ekus];
+		}
+		XmlElement? certIssuerElem = elem["CertIssuer", GlobalVars.SiPolicyNamespace];
+		if (certIssuerElem is not null)
+		{
+			CertIssuer ci = new();
+			if (certIssuerElem.HasAttribute("Value"))
+				ci.Value = certIssuerElem.GetAttribute("Value");
+			signer.CertIssuer = ci;
+		}
+		XmlElement? certPublisherElem = elem["CertPublisher", GlobalVars.SiPolicyNamespace];
+		if (certPublisherElem is not null)
+		{
+			CertPublisher cp = new();
+			if (certPublisherElem.HasAttribute("Value"))
+				cp.Value = certPublisherElem.GetAttribute("Value");
+			signer.CertPublisher = cp;
+		}
+		XmlElement? certOemIDElem = elem["CertOemID", GlobalVars.SiPolicyNamespace];
+		if (certOemIDElem is not null)
+		{
+			CertOemID co = new();
+			if (certOemIDElem.HasAttribute("Value"))
+				co.Value = certOemIDElem.GetAttribute("Value");
+			signer.CertOemID = co;
+		}
+		XmlNodeList farNodes = elem.GetElementsByTagName("FileAttribRef", GlobalVars.SiPolicyNamespace);
+		if (farNodes.Count > 0)
+		{
+			List<FileAttribRef> fars = [];
+			foreach (XmlElement farElem in farNodes.OfType<XmlElement>())
+			{
+				FileAttribRef far = new();
+				if (farElem.HasAttribute("RuleID"))
+					far.RuleID = farElem.GetAttribute("RuleID");
+				fars.Add(far);
+			}
+			signer.FileAttribRef = [.. fars];
+		}
+		return signer;
+	}
+
+	private static SigningScenario DeserializeSigningScenario(XmlElement elem)
+	{
+		SigningScenario scenario = new();
+		if (elem.HasAttribute("ID"))
+			scenario.ID = elem.GetAttribute("ID");
+		if (elem.HasAttribute("FriendlyName"))
+			scenario.FriendlyName = elem.GetAttribute("FriendlyName");
+		if (elem.HasAttribute("Value"))
+			scenario.Value = byte.Parse(elem.GetAttribute("Value"), CultureInfo.InvariantCulture);
+		if (elem.HasAttribute("InheritedScenarios"))
+			scenario.InheritedScenarios = elem.GetAttribute("InheritedScenarios");
+		if (elem.HasAttribute("MinimumHashAlgorithm"))
+		{
+			scenario.MinimumHashAlgorithm = ushort.Parse(elem.GetAttribute("MinimumHashAlgorithm"), CultureInfo.InvariantCulture);
+			scenario.MinimumHashAlgorithmSpecified = true;
+		}
+		XmlElement? prodSignersElem = elem["ProductSigners", GlobalVars.SiPolicyNamespace];
+		if (prodSignersElem is not null)
+			scenario.ProductSigners = DeserializeProductSigners(prodSignersElem);
+		XmlElement? testSignersElem = elem["TestSigners", GlobalVars.SiPolicyNamespace];
+		if (testSignersElem is not null)
+			scenario.TestSigners = DeserializeTestSigners(testSignersElem);
+		XmlElement? testSigningSignersElem = elem["TestSigningSigners", GlobalVars.SiPolicyNamespace];
+		if (testSigningSignersElem is not null)
+			scenario.TestSigningSigners = DeserializeTestSigningSigners(testSigningSignersElem);
+		XmlElement? appIDTagsElem = elem["AppIDTags", GlobalVars.SiPolicyNamespace];
+		if (appIDTagsElem is not null)
+			scenario.AppIDTags = DeserializeAppIDTags(appIDTagsElem);
+		return scenario;
+	}
+
+	private static ProductSigners DeserializeProductSigners(XmlElement elem)
+	{
+		ProductSigners ps = new();
+		XmlElement? allowedElem = elem["AllowedSigners", GlobalVars.SiPolicyNamespace];
+		if (allowedElem is not null)
+		{
+			AllowedSigners allowed = new();
+			if (allowedElem.HasAttribute("Workaround"))
+				allowed.Workaround = allowedElem.GetAttribute("Workaround");
+			List<AllowedSigner> asList = [];
+			foreach (XmlElement aSignerElem in allowedElem.GetElementsByTagName("AllowedSigner"))
+			{
+				AllowedSigner aSigner = new();
+				if (aSignerElem.HasAttribute("SignerId"))
+					aSigner.SignerId = aSignerElem.GetAttribute("SignerId");
+				XmlNodeList edrNodes = aSignerElem.GetElementsByTagName("ExceptDenyRule", GlobalVars.SiPolicyNamespace);
+				if (edrNodes.Count > 0)
+				{
+					List<ExceptDenyRule> rules = [];
+					foreach (XmlElement ruleElem in edrNodes.OfType<XmlElement>())
+					{
+						ExceptDenyRule rule = new();
+						if (ruleElem.HasAttribute("DenyRuleID"))
+							rule.DenyRuleID = ruleElem.GetAttribute("DenyRuleID");
+						rules.Add(rule);
+					}
+					aSigner.ExceptDenyRule = [.. rules];
+				}
+				asList.Add(aSigner);
+			}
+			allowed.AllowedSigner = [.. asList];
+			ps.AllowedSigners = allowed;
+		}
+		XmlElement? deniedElem = elem["DeniedSigners", GlobalVars.SiPolicyNamespace];
+		if (deniedElem is not null)
+		{
+			DeniedSigners denied = new();
+			if (deniedElem.HasAttribute("Workaround"))
+				denied.Workaround = deniedElem.GetAttribute("Workaround");
+			List<DeniedSigner> dsList = [];
+			foreach (XmlElement dSignerElem in deniedElem.GetElementsByTagName("DeniedSigner"))
+			{
+				DeniedSigner dSigner = new();
+				if (dSignerElem.HasAttribute("SignerId"))
+					dSigner.SignerId = dSignerElem.GetAttribute("SignerId");
+				XmlNodeList earNodes = dSignerElem.GetElementsByTagName("ExceptAllowRule", GlobalVars.SiPolicyNamespace);
+				if (earNodes.Count > 0)
+				{
+					List<ExceptAllowRule> rules = [];
+					foreach (XmlElement ruleElem in earNodes.OfType<XmlElement>())
+					{
+						ExceptAllowRule rule = new();
+						if (ruleElem.HasAttribute("AllowRuleID"))
+							rule.AllowRuleID = ruleElem.GetAttribute("AllowRuleID");
+						rules.Add(rule);
+					}
+					dSigner.ExceptAllowRule = [.. rules];
+				}
+				dsList.Add(dSigner);
+			}
+			denied.DeniedSigner = [.. dsList];
+			ps.DeniedSigners = denied;
+		}
+		XmlElement? fileRulesRefElem = elem["FileRulesRef", GlobalVars.SiPolicyNamespace];
+		if (fileRulesRefElem is not null)
+		{
+			FileRulesRef frr = new();
+			if (fileRulesRefElem.HasAttribute("Workaround"))
+				frr.Workaround = fileRulesRefElem.GetAttribute("Workaround");
+			List<FileRuleRef> frrList = [];
+			foreach (XmlElement frElem in fileRulesRefElem.GetElementsByTagName("FileRuleRef"))
+			{
+				FileRuleRef frRef = new();
+				if (frElem.HasAttribute("RuleID"))
+					frRef.RuleID = frElem.GetAttribute("RuleID");
+				frrList.Add(frRef);
+			}
+			frr.FileRuleRef = [.. frrList];
+			ps.FileRulesRef = frr;
+		}
+		return ps;
+	}
+
+	private static TestSigners DeserializeTestSigners(XmlElement elem)
+	{
+		TestSigners ts = new();
+		XmlElement? allowedElem = elem["AllowedSigners", GlobalVars.SiPolicyNamespace];
+		if (allowedElem is not null)
+		{
+			AllowedSigners allowed = new();
+			if (allowedElem.HasAttribute("Workaround"))
+				allowed.Workaround = allowedElem.GetAttribute("Workaround");
+			List<AllowedSigner> asList = [];
+			foreach (XmlElement aSignerElem in allowedElem.GetElementsByTagName("AllowedSigner"))
+			{
+				AllowedSigner aSigner = new();
+				if (aSignerElem.HasAttribute("SignerId"))
+					aSigner.SignerId = aSignerElem.GetAttribute("SignerId");
+				XmlNodeList edrNodes = aSignerElem.GetElementsByTagName("ExceptDenyRule", GlobalVars.SiPolicyNamespace);
+				if (edrNodes.Count > 0)
+				{
+					List<ExceptDenyRule> rules = [];
+					foreach (XmlElement ruleElem in edrNodes.OfType<XmlElement>())
+					{
+						ExceptDenyRule rule = new();
+						if (ruleElem.HasAttribute("DenyRuleID"))
+							rule.DenyRuleID = ruleElem.GetAttribute("DenyRuleID");
+						rules.Add(rule);
+					}
+					aSigner.ExceptDenyRule = [.. rules];
+				}
+				asList.Add(aSigner);
+			}
+			allowed.AllowedSigner = [.. asList];
+			ts.AllowedSigners = allowed;
+		}
+		XmlElement? deniedElem = elem["DeniedSigners", GlobalVars.SiPolicyNamespace];
+		if (deniedElem is not null)
+		{
+			DeniedSigners denied = new();
+			if (deniedElem.HasAttribute("Workaround"))
+				denied.Workaround = deniedElem.GetAttribute("Workaround");
+			List<DeniedSigner> dsList = [];
+			foreach (XmlElement dSignerElem in deniedElem.GetElementsByTagName("DeniedSigner"))
+			{
+				DeniedSigner dSigner = new();
+				if (dSignerElem.HasAttribute("SignerId"))
+					dSigner.SignerId = dSignerElem.GetAttribute("SignerId");
+				XmlNodeList earNodes = dSignerElem.GetElementsByTagName("ExceptAllowRule", GlobalVars.SiPolicyNamespace);
+				if (earNodes.Count > 0)
+				{
+					List<ExceptAllowRule> rules = [];
+					foreach (XmlElement ruleElem in earNodes.OfType<XmlElement>())
+					{
+						ExceptAllowRule rule = new();
+						if (ruleElem.HasAttribute("AllowRuleID"))
+							rule.AllowRuleID = ruleElem.GetAttribute("AllowRuleID");
+						rules.Add(rule);
+					}
+					dSigner.ExceptAllowRule = [.. rules];
+				}
+				dsList.Add(dSigner);
+			}
+			denied.DeniedSigner = [.. dsList];
+			ts.DeniedSigners = denied;
+		}
+		XmlElement? fileRulesRefElem = elem["FileRulesRef", GlobalVars.SiPolicyNamespace];
+		if (fileRulesRefElem is not null)
+		{
+			FileRulesRef frr = new();
+			if (fileRulesRefElem.HasAttribute("Workaround"))
+				frr.Workaround = fileRulesRefElem.GetAttribute("Workaround");
+			List<FileRuleRef> frrList = [];
+			foreach (XmlElement frElem in fileRulesRefElem.GetElementsByTagName("FileRuleRef"))
+			{
+				FileRuleRef frRef = new();
+				if (frElem.HasAttribute("RuleID"))
+					frRef.RuleID = frElem.GetAttribute("RuleID");
+				frrList.Add(frRef);
+			}
+			frr.FileRuleRef = [.. frrList];
+			ts.FileRulesRef = frr;
+		}
+		return ts;
+	}
+
+	private static TestSigningSigners DeserializeTestSigningSigners(XmlElement elem)
+	{
+		TestSigningSigners tss = new();
+		XmlElement? allowedElem = elem["AllowedSigners", GlobalVars.SiPolicyNamespace];
+		if (allowedElem is not null)
+		{
+			AllowedSigners allowed = new();
+			if (allowedElem.HasAttribute("Workaround"))
+				allowed.Workaround = allowedElem.GetAttribute("Workaround");
+			List<AllowedSigner> asList = [];
+			foreach (XmlElement aSignerElem in allowedElem.GetElementsByTagName("AllowedSigner"))
+			{
+				AllowedSigner aSigner = new();
+				if (aSignerElem.HasAttribute("SignerId"))
+					aSigner.SignerId = aSignerElem.GetAttribute("SignerId");
+				XmlNodeList edrNodes = aSignerElem.GetElementsByTagName("ExceptDenyRule", GlobalVars.SiPolicyNamespace);
+				if (edrNodes.Count > 0)
+				{
+					List<ExceptDenyRule> rules = [];
+					foreach (XmlElement ruleElem in edrNodes.OfType<XmlElement>())
+					{
+						ExceptDenyRule rule = new();
+						if (ruleElem.HasAttribute("DenyRuleID"))
+							rule.DenyRuleID = ruleElem.GetAttribute("DenyRuleID");
+						rules.Add(rule);
+					}
+					aSigner.ExceptDenyRule = [.. rules];
+				}
+				asList.Add(aSigner);
+			}
+			allowed.AllowedSigner = [.. asList];
+			tss.AllowedSigners = allowed;
+		}
+		XmlElement? deniedElem = elem["DeniedSigners", GlobalVars.SiPolicyNamespace];
+		if (deniedElem is not null)
+		{
+			DeniedSigners denied = new();
+			if (deniedElem.HasAttribute("Workaround"))
+				denied.Workaround = deniedElem.GetAttribute("Workaround");
+			List<DeniedSigner> dsList = [];
+			foreach (XmlElement dSignerElem in deniedElem.GetElementsByTagName("DeniedSigner"))
+			{
+				DeniedSigner dSigner = new();
+				if (dSignerElem.HasAttribute("SignerId"))
+					dSigner.SignerId = dSignerElem.GetAttribute("SignerId");
+				XmlNodeList earNodes = dSignerElem.GetElementsByTagName("ExceptAllowRule", GlobalVars.SiPolicyNamespace);
+				if (earNodes.Count > 0)
+				{
+					List<ExceptAllowRule> rules = [];
+					foreach (XmlElement ruleElem in earNodes.OfType<XmlElement>())
+					{
+						ExceptAllowRule rule = new();
+						if (ruleElem.HasAttribute("AllowRuleID"))
+							rule.AllowRuleID = ruleElem.GetAttribute("AllowRuleID");
+						rules.Add(rule);
+					}
+					dSigner.ExceptAllowRule = [.. rules];
+				}
+				dsList.Add(dSigner);
+			}
+			denied.DeniedSigner = [.. dsList];
+			tss.DeniedSigners = denied;
+		}
+		XmlElement? fileRulesRefElem = elem["FileRulesRef", GlobalVars.SiPolicyNamespace];
+		if (fileRulesRefElem is not null)
+		{
+			FileRulesRef frr = new();
+			if (fileRulesRefElem.HasAttribute("Workaround"))
+				frr.Workaround = fileRulesRefElem.GetAttribute("Workaround");
+			List<FileRuleRef> frrList = [];
+			foreach (XmlElement frElem in fileRulesRefElem.GetElementsByTagName("FileRuleRef"))
+			{
+				FileRuleRef frRef = new();
+				if (frElem.HasAttribute("RuleID"))
+					frRef.RuleID = frElem.GetAttribute("RuleID");
+				frrList.Add(frRef);
+			}
+			frr.FileRuleRef = [.. frrList];
+			tss.FileRulesRef = frr;
+		}
+		return tss;
+	}
+
+	private static AppRoot DeserializeAppRoot(XmlElement elem)
+	{
+		AppRoot app = new();
+		if (elem.HasAttribute("Manifest"))
+			app.Manifest = elem.GetAttribute("Manifest");
+		List<AppSetting> settings = [];
+		foreach (XmlElement settingElem in elem.ChildNodes.OfType<XmlElement>())
+		{
+			settings.Add(DeserializeAppSetting(settingElem));
+		}
+		app.Setting = [.. settings];
+		return app;
+	}
+
+	private static AppSetting DeserializeAppSetting(XmlElement elem)
+	{
+		AppSetting appSetting = new();
+		if (elem.HasAttribute("Name"))
+			appSetting.Name = elem.GetAttribute("Name");
+		List<string> values = [];
+		foreach (XmlElement valueElem in elem.GetElementsByTagName("Value"))
+		{
+			values.Add(valueElem.InnerText);
+		}
+		appSetting.Value = [.. values];
+		return appSetting;
+	}
+
+	private static Setting DeserializeSetting(XmlElement elem)
+	{
+		Setting setting = new();
+		if (elem.HasAttribute("Provider"))
+			setting.Provider = elem.GetAttribute("Provider");
+		if (elem.HasAttribute("Key"))
+			setting.Key = elem.GetAttribute("Key");
+		if (elem.HasAttribute("ValueName"))
+			setting.ValueName = elem.GetAttribute("ValueName");
+		XmlElement? valueElem = elem["Value", GlobalVars.SiPolicyNamespace];
+		if (valueElem is not null)
+		{
+			if (valueElem["Binary", GlobalVars.SiPolicyNamespace] is not null)
+			{
+				SettingValueType sv = new()
+				{
+					Item = ConvertHexStringToByteArray(GetElementText(valueElem, "Binary"))
+				};
+				setting.Value = sv;
+			}
+			else if (valueElem["Boolean", GlobalVars.SiPolicyNamespace] is not null)
+			{
+				SettingValueType sv = new()
+				{
+					Item = bool.Parse(GetElementText(valueElem, "Boolean"))
+				};
+				setting.Value = sv;
+			}
+			else if (valueElem["DWord", GlobalVars.SiPolicyNamespace] is not null)
+			{
+				SettingValueType sv = new()
+				{
+					Item = uint.Parse(GetElementText(valueElem, "DWord"), CultureInfo.InvariantCulture)
+				};
+				setting.Value = sv;
+			}
+			else if (valueElem["String", GlobalVars.SiPolicyNamespace] is not null)
+			{
+				SettingValueType sv = new()
+				{
+					Item = GetElementText(valueElem, "String")
+				};
+				setting.Value = sv;
+			}
+		}
+		return setting;
+	}
+
+
+	private static AppIDTags DeserializeAppIDTags(XmlElement elem)
+	{
+		AppIDTags appIDTags = new();
+
+		// Read the EnforceDLL attribute if present
+		if (elem.HasAttribute("EnforceDLL"))
+		{
+			string enforceDLLStr = elem.GetAttribute("EnforceDLL");
+			if (bool.TryParse(enforceDLLStr, out bool enforceDLL))
+			{
+				appIDTags.EnforceDLL = enforceDLL;
+				appIDTags.EnforceDLLSpecified = true;
+			}
+		}
+
+		// Parse the AppIDTag child elements
+		var appIDTagNodes = elem.GetElementsByTagName("AppIDTag");
+		var tags = new List<AppIDTag>();
+		foreach (XmlElement tagElem in appIDTagNodes)
+		{
+			AppIDTag tag = new();
+			if (tagElem.HasAttribute("Key"))
+				tag.Key = tagElem.GetAttribute("Key");
+			if (tagElem.HasAttribute("Value"))
+				tag.Value = tagElem.GetAttribute("Value");
+			tags.Add(tag);
+		}
+		appIDTags.AppIDTag = [.. tags];
+
+		return appIDTags;
+	}
+
+}
diff --git a/AppControl Manager/SiPolicy/CustomSerialization.cs b/AppControl Manager/SiPolicy/CustomSerialization.cs
new file mode 100644
index 000000000..2f495f452
--- /dev/null
+++ b/AppControl Manager/SiPolicy/CustomSerialization.cs	
@@ -0,0 +1,713 @@
+using System;
+using System.Linq;
+using System.Xml;
+using AppControlManager.Others;
+
+namespace AppControlManager.SiPolicy;
+
+internal static class CustomSerialization
+{
+	internal static XmlDocument CreateXmlFromSiPolicy(SiPolicy policy)
+	{
+		XmlDocument xmlDoc = new();
+		XmlDeclaration xmlDecl = xmlDoc.CreateXmlDeclaration("1.0", "utf-8", null);
+		_ = xmlDoc.AppendChild(xmlDecl);
+
+		// Create root element
+		XmlElement root = xmlDoc.CreateElement("SiPolicy", GlobalVars.SiPolicyNamespace);
+		_ = xmlDoc.AppendChild(root);
+
+		// Set attributes for the root element
+		if (!string.IsNullOrEmpty(policy.FriendlyName))
+			root.SetAttribute("FriendlyName", policy.FriendlyName);
+		if (policy.PolicyTypeSpecified)
+			root.SetAttribute("PolicyType", ConvertPolicyType(policy.PolicyType));
+
+		// VersionEx, PolicyID, BasePolicyID, PlatformID
+		AppendTextElement(xmlDoc, root, "VersionEx", policy.VersionEx);
+		AppendTextElement(xmlDoc, root, "PolicyID", policy.PolicyID);
+		AppendTextElement(xmlDoc, root, "BasePolicyID", policy.BasePolicyID);
+		AppendTextElement(xmlDoc, root, "PlatformID", policy.PlatformID);
+
+		// Rules
+		// Adding this first so if there are no rules, an empty Rules node will exist to satisfy the schema validation
+		XmlElement rulesElement = xmlDoc.CreateElement("Rules", GlobalVars.SiPolicyNamespace);
+		_ = root.AppendChild(rulesElement);
+
+		if (policy.Rules is { Length: > 0 })
+		{
+			foreach (RuleType rule in policy.Rules)
+			{
+				XmlElement ruleElement = xmlDoc.CreateElement("Rule", GlobalVars.SiPolicyNamespace);
+				AppendTextElement(xmlDoc, ruleElement, "Option", ConvertOptionType(rule.Item));
+				_ = rulesElement.AppendChild(ruleElement);
+			}
+		}
+
+		// EKUs
+		// Adding this first so if there are no EKUs, an empty EKUs node will exist to satisfy the schema validation
+		XmlElement ekusElement = xmlDoc.CreateElement("EKUs", GlobalVars.SiPolicyNamespace);
+		_ = root.AppendChild(ekusElement);
+
+		if (policy.EKUs is { Length: > 0 })
+		{
+			foreach (EKU eku in policy.EKUs)
+			{
+				XmlElement ekuElement = xmlDoc.CreateElement("EKU", GlobalVars.SiPolicyNamespace);
+				ekuElement.SetAttribute("ID", eku.ID);
+
+				if (!string.IsNullOrEmpty(eku.FriendlyName))
+					ekuElement.SetAttribute("FriendlyName", eku.FriendlyName);
+
+				ekuElement.SetAttribute("Value", ConvertByteArrayToHex(eku.Value));
+				_ = ekusElement.AppendChild(ekuElement);
+			}
+		}
+
+		// FileRules
+		XmlElement fileRulesElement = xmlDoc.CreateElement("FileRules", GlobalVars.SiPolicyNamespace);
+		_ = root.AppendChild(fileRulesElement);
+
+		if (policy.FileRules is { Length: > 0 })
+		{
+			// Detect the types of each FileRule
+			foreach (object fr in policy.FileRules)
+			{
+				if (fr is Allow allow)
+				{
+					AppendAllow(xmlDoc, fileRulesElement, allow);
+				}
+				else if (fr is Deny deny)
+				{
+					AppendDeny(xmlDoc, fileRulesElement, deny);
+				}
+				else if (fr is FileAttrib fileAttrib)
+				{
+					AppendFileAttrib(xmlDoc, fileRulesElement, fileAttrib);
+				}
+				else if (fr is FileRule fileRule)
+				{
+					AppendFileRule(xmlDoc, fileRulesElement, fileRule);
+				}
+			}
+		}
+
+		// Signers
+		XmlElement signersElement = xmlDoc.CreateElement("Signers", GlobalVars.SiPolicyNamespace);
+		_ = root.AppendChild(signersElement);
+
+		if (policy.Signers is { Length: > 0 })
+		{
+			foreach (Signer signer in policy.Signers)
+			{
+				XmlElement signerElement = xmlDoc.CreateElement("Signer", GlobalVars.SiPolicyNamespace);
+				signerElement.SetAttribute("ID", signer.ID);
+				signerElement.SetAttribute("Name", signer.Name);
+				if (signer.SignTimeAfterSpecified)
+					signerElement.SetAttribute("SignTimeAfter", signer.SignTimeAfter.ToString("o"));
+
+				// CertRoot
+				if (signer.CertRoot is not null)
+				{
+					XmlElement certRootElement = xmlDoc.CreateElement("CertRoot", GlobalVars.SiPolicyNamespace);
+					certRootElement.SetAttribute("Type", signer.CertRoot.Type.ToString());
+					certRootElement.SetAttribute("Value", ConvertByteArrayToHex(signer.CertRoot.Value));
+					_ = signerElement.AppendChild(certRootElement);
+				}
+
+				// CertEKU(s)
+				if (signer.CertEKU is { Length: > 0 })
+				{
+					foreach (CertEKU certEku in signer.CertEKU)
+					{
+						XmlElement certEkuElement = xmlDoc.CreateElement("CertEKU", GlobalVars.SiPolicyNamespace);
+						certEkuElement.SetAttribute("ID", certEku.ID);
+						_ = signerElement.AppendChild(certEkuElement);
+					}
+				}
+
+				// CertIssuer, CertPublisher, CertOemID
+				if (signer.CertIssuer is not null)
+					AppendAttributeElement(xmlDoc, signerElement, "CertIssuer", "Value", signer.CertIssuer.Value);
+				if (signer.CertPublisher is not null)
+					AppendAttributeElement(xmlDoc, signerElement, "CertPublisher", "Value", signer.CertPublisher.Value);
+				if (signer.CertOemID is not null)
+					AppendAttributeElement(xmlDoc, signerElement, "CertOemID", "Value", signer.CertOemID.Value);
+
+				// FileAttribRef(s)
+				if (signer.FileAttribRef is { Length: > 0 })
+				{
+					foreach (FileAttribRef far in signer.FileAttribRef)
+					{
+						XmlElement farElement = xmlDoc.CreateElement("FileAttribRef", GlobalVars.SiPolicyNamespace);
+						farElement.SetAttribute("RuleID", far.RuleID);
+						_ = signerElement.AppendChild(farElement);
+					}
+				}
+				_ = signersElement.AppendChild(signerElement);
+			}
+		}
+
+		// SigningScenarios
+		if (policy.SigningScenarios is { Length: > 0 })
+		{
+			XmlElement signingScenariosElement = xmlDoc.CreateElement("SigningScenarios", GlobalVars.SiPolicyNamespace);
+			_ = root.AppendChild(signingScenariosElement);
+
+			foreach (SigningScenario scenario in policy.SigningScenarios)
+			{
+				XmlElement scenarioElement = xmlDoc.CreateElement("SigningScenario", GlobalVars.SiPolicyNamespace);
+				scenarioElement.SetAttribute("Value", scenario.Value.ToString());
+				scenarioElement.SetAttribute("ID", scenario.ID);
+
+				if (!string.IsNullOrEmpty(scenario.FriendlyName))
+					scenarioElement.SetAttribute("FriendlyName", scenario.FriendlyName);
+
+				if (!string.IsNullOrEmpty(scenario.InheritedScenarios))
+					scenarioElement.SetAttribute("InheritedScenarios", scenario.InheritedScenarios);
+
+				if (scenario.MinimumHashAlgorithmSpecified)
+					scenarioElement.SetAttribute("MinimumHashAlgorithm", scenario.MinimumHashAlgorithm.ToString());
+
+				// ProductSigners
+				if (scenario.ProductSigners is not null)
+				{
+					XmlElement prodSigners = xmlDoc.CreateElement("ProductSigners", GlobalVars.SiPolicyNamespace);
+					AppendProductSigners(xmlDoc, prodSigners, scenario.ProductSigners);
+					_ = scenarioElement.AppendChild(prodSigners);
+				}
+				// TestSigners
+				if (scenario.TestSigners is not null)
+				{
+					XmlElement testSigners = xmlDoc.CreateElement("TestSigners", GlobalVars.SiPolicyNamespace);
+					AppendTestSigners(xmlDoc, testSigners, scenario.TestSigners);
+					_ = scenarioElement.AppendChild(testSigners);
+				}
+				// TestSigningSigners
+				if (scenario.TestSigningSigners is not null)
+				{
+					XmlElement testSigningSigners = xmlDoc.CreateElement("TestSigningSigners", GlobalVars.SiPolicyNamespace);
+					AppendTestSigningSigners(xmlDoc, testSigningSigners, scenario.TestSigningSigners);
+					_ = scenarioElement.AppendChild(testSigningSigners);
+				}
+				// AppIDTags
+				if (scenario.AppIDTags is not null)
+				{
+					XmlElement appIDTagsElement = xmlDoc.CreateElement("AppIDTags", GlobalVars.SiPolicyNamespace);
+					if (scenario.AppIDTags.EnforceDLLSpecified)
+						appIDTagsElement.SetAttribute("EnforceDLL", scenario.AppIDTags.EnforceDLL.ToString().ToLowerInvariant()); // Only lowercase "true" is considered valid by the schema
+					if (scenario.AppIDTags.AppIDTag is not null)
+					{
+						foreach (AppIDTag tag in scenario.AppIDTags.AppIDTag)
+						{
+							XmlElement tagElement = xmlDoc.CreateElement("AppIDTag", GlobalVars.SiPolicyNamespace);
+							tagElement.SetAttribute("Key", tag.Key);
+							tagElement.SetAttribute("Value", tag.Value);
+							_ = appIDTagsElement.AppendChild(tagElement);
+						}
+					}
+					_ = scenarioElement.AppendChild(appIDTagsElement);
+				}
+				_ = signingScenariosElement.AppendChild(scenarioElement);
+			}
+		}
+
+		// UpdatePolicySigners
+		XmlElement upsElement = xmlDoc.CreateElement("UpdatePolicySigners", GlobalVars.SiPolicyNamespace);
+		_ = root.AppendChild(upsElement);
+
+		if (policy.UpdatePolicySigners is { Length: > 0 })
+		{
+			foreach (UpdatePolicySigner ups in policy.UpdatePolicySigners)
+			{
+				XmlElement upsChild = xmlDoc.CreateElement("UpdatePolicySigner", GlobalVars.SiPolicyNamespace);
+				upsChild.SetAttribute("SignerId", ups.SignerId);
+				_ = upsElement.AppendChild(upsChild);
+			}
+		}
+
+		// CiSigners
+		XmlElement ciElement = xmlDoc.CreateElement("CiSigners", GlobalVars.SiPolicyNamespace);
+		_ = root.AppendChild(ciElement);
+
+		if (policy.CiSigners is { Length: > 0 })
+		{
+			foreach (CiSigner ci in policy.CiSigners)
+			{
+				XmlElement ciSignerElement = xmlDoc.CreateElement("CiSigner", GlobalVars.SiPolicyNamespace);
+				ciSignerElement.SetAttribute("SignerId", ci.SignerId);
+				_ = ciElement.AppendChild(ciSignerElement);
+			}
+		}
+
+		// HvciOptions
+		if (policy.HvciOptionsSpecified)
+			AppendTextElement(xmlDoc, root, "HvciOptions", policy.HvciOptions.ToString());
+
+		// Settings
+		if (policy.Settings is { Length: > 0 })
+		{
+			XmlElement settingsElement = xmlDoc.CreateElement("Settings", GlobalVars.SiPolicyNamespace);
+			_ = root.AppendChild(settingsElement);
+
+			foreach (Setting setting in policy.Settings)
+			{
+				XmlElement settingElement = xmlDoc.CreateElement("Setting", GlobalVars.SiPolicyNamespace);
+				settingElement.SetAttribute("Provider", setting.Provider);
+				settingElement.SetAttribute("Key", setting.Key);
+				settingElement.SetAttribute("ValueName", setting.ValueName);
+
+				if (setting.Value is not null)
+				{
+					XmlElement valueElement = xmlDoc.CreateElement("Value", GlobalVars.SiPolicyNamespace);
+					if (setting.Value.Item is byte[] b)
+						AppendTextElement(xmlDoc, valueElement, "Binary", ConvertByteArrayToHex(b));
+					else if (setting.Value.Item is bool boolVal)
+						AppendTextElement(xmlDoc, valueElement, "Boolean", boolVal.ToString().ToLowerInvariant()); // Somehow the CIP conversion cmdlet doesn't like "True" but "true" is ok
+					else if (setting.Value.Item is uint uintVal)
+						AppendTextElement(xmlDoc, valueElement, "DWord", uintVal.ToString());
+					else if (setting.Value.Item is string s)
+						AppendTextElement(xmlDoc, valueElement, "String", s);
+					_ = settingElement.AppendChild(valueElement);
+				}
+				_ = settingsElement.AppendChild(settingElement);
+			}
+		}
+
+		// Macros
+		if (policy.Macros is { Length: > 0 })
+		{
+			XmlElement macrosElement = xmlDoc.CreateElement("Macros", GlobalVars.SiPolicyNamespace);
+			_ = root.AppendChild(macrosElement);
+			foreach (MacrosMacro macro in policy.Macros)
+			{
+				XmlElement macroElement = xmlDoc.CreateElement("Macro", GlobalVars.SiPolicyNamespace);
+				macroElement.SetAttribute("Id", macro.Id);
+				macroElement.SetAttribute("Value", macro.Value);
+				_ = macrosElement.AppendChild(macroElement);
+			}
+		}
+
+		// Supplemental policy signers
+		if (policy.SupplementalPolicySigners is { Length: > 0 })
+		{
+			XmlElement suppElement = xmlDoc.CreateElement("SupplementalPolicySigners", GlobalVars.SiPolicyNamespace);
+			_ = root.AppendChild(suppElement);
+			foreach (SupplementalPolicySigner sps in policy.SupplementalPolicySigners)
+			{
+				XmlElement spsElement = xmlDoc.CreateElement("SupplementalPolicySigner", GlobalVars.SiPolicyNamespace);
+				spsElement.SetAttribute("SignerId", sps.SignerId);
+				_ = suppElement.AppendChild(spsElement);
+			}
+		}
+
+		// AppSettings (AppSettingRegion)
+		if (policy.AppSettings is not null)
+		{
+			XmlElement appSettingsElement = xmlDoc.CreateElement("AppSettings", GlobalVars.SiPolicyNamespace);
+			_ = root.AppendChild(appSettingsElement);
+			if (policy.AppSettings.App is not null)
+			{
+				foreach (AppRoot app in policy.AppSettings.App)
+				{
+					XmlElement appElement = xmlDoc.CreateElement("App", GlobalVars.SiPolicyNamespace);
+					if (!string.IsNullOrEmpty(app.Manifest))
+						appElement.SetAttribute("Manifest", app.Manifest);
+					if (app.Setting is { Length: > 0 })
+					{
+						foreach (AppSetting appSetting in app.Setting)
+						{
+							XmlElement settingElem = xmlDoc.CreateElement("Setting", GlobalVars.SiPolicyNamespace);
+							settingElem.SetAttribute("Name", appSetting.Name);
+							if (appSetting.Value is { Length: > 0 })
+							{
+								foreach (string val in appSetting.Value)
+								{
+									AppendTextElement(xmlDoc, settingElem, "Value", val);
+								}
+							}
+							_ = appElement.AppendChild(settingElem);
+						}
+					}
+					_ = appSettingsElement.AppendChild(appElement);
+				}
+			}
+		}
+
+		return xmlDoc;
+	}
+
+	// Helper for OptionType conversion
+	private static string ConvertOptionType(OptionType option)
+	{
+		return option switch
+		{
+			OptionType.EnabledUMCI => "Enabled:UMCI",
+			OptionType.EnabledBootMenuProtection => "Enabled:Boot Menu Protection",
+			OptionType.EnabledIntelligentSecurityGraphAuthorization => "Enabled:Intelligent Security Graph Authorization",
+			OptionType.EnabledInvalidateEAsonReboot => "Enabled:Invalidate EAs on Reboot",
+			OptionType.RequiredWHQL => "Required:WHQL",
+			OptionType.EnabledDeveloperModeDynamicCodeTrust => "Enabled:Developer Mode Dynamic Code Trust",
+			OptionType.EnabledAllowSupplementalPolicies => "Enabled:Allow Supplemental Policies",
+			OptionType.DisabledRuntimeFilePathRuleProtection => "Disabled:Runtime FilePath Rule Protection",
+			OptionType.EnabledRevokedExpiredAsUnsigned => "Enabled:Revoked Expired As Unsigned",
+			OptionType.EnabledAuditMode => "Enabled:Audit Mode",
+			OptionType.DisabledFlightSigning => "Disabled:Flight Signing",
+			OptionType.EnabledInheritDefaultPolicy => "Enabled:Inherit Default Policy",
+			OptionType.EnabledUnsignedSystemIntegrityPolicy => "Enabled:Unsigned System Integrity Policy",
+			OptionType.EnabledDynamicCodeSecurity => "Enabled:Dynamic Code Security",
+			OptionType.RequiredEVSigners => "Required:EV Signers",
+			OptionType.EnabledBootAuditOnFailure => "Enabled:Boot Audit On Failure",
+			OptionType.EnabledAdvancedBootOptionsMenu => "Enabled:Advanced Boot Options Menu",
+			OptionType.DisabledScriptEnforcement => "Disabled:Script Enforcement",
+			OptionType.RequiredEnforceStoreApplications => "Required:Enforce Store Applications",
+			OptionType.EnabledSecureSettingPolicy => "Enabled:Secure Setting Policy",
+			OptionType.EnabledManagedInstaller => "Enabled:Managed Installer",
+			OptionType.EnabledUpdatePolicyNoReboot => "Enabled:Update Policy No Reboot",
+			OptionType.EnabledConditionalWindowsLockdownPolicy => "Enabled:Conditional Windows Lockdown Policy",
+			_ => option.ToString(),
+		};
+	}
+
+	// Helper for PolicyType conversion
+	private static string ConvertPolicyType(PolicyType pt)
+	{
+		return pt switch
+		{
+			PolicyType.BasePolicy => "Base Policy",
+			PolicyType.SupplementalPolicy => "Supplemental Policy",
+			PolicyType.AppIDTaggingPolicy => "AppID Tagging Policy",
+			_ => throw new InvalidOperationException("Unknown PolicyType")
+		};
+	}
+
+	// FileRules Helpers
+	private static void AppendAllow(XmlDocument doc, XmlElement parent, Allow allow)
+	{
+		XmlElement element = doc.CreateElement("Allow", GlobalVars.SiPolicyNamespace);
+		if (!string.IsNullOrEmpty(allow.ID)) element.SetAttribute("ID", allow.ID);
+		if (!string.IsNullOrEmpty(allow.FriendlyName)) element.SetAttribute("FriendlyName", allow.FriendlyName);
+		if (!string.IsNullOrEmpty(allow.FileName)) element.SetAttribute("FileName", allow.FileName);
+		if (!string.IsNullOrEmpty(allow.InternalName)) element.SetAttribute("InternalName", allow.InternalName);
+		if (!string.IsNullOrEmpty(allow.FileDescription)) element.SetAttribute("FileDescription", allow.FileDescription);
+		if (!string.IsNullOrEmpty(allow.ProductName)) element.SetAttribute("ProductName", allow.ProductName);
+		if (!string.IsNullOrEmpty(allow.PackageFamilyName)) element.SetAttribute("PackageFamilyName", allow.PackageFamilyName);
+		if (!string.IsNullOrEmpty(allow.PackageVersion)) element.SetAttribute("PackageVersion", allow.PackageVersion);
+		if (!string.IsNullOrEmpty(allow.MinimumFileVersion)) element.SetAttribute("MinimumFileVersion", allow.MinimumFileVersion);
+		if (!string.IsNullOrEmpty(allow.MaximumFileVersion)) element.SetAttribute("MaximumFileVersion", allow.MaximumFileVersion);
+		if (allow.Hash is { Length: > 0 }) element.SetAttribute("Hash", ConvertByteArrayToHex(allow.Hash));
+		if (!string.IsNullOrEmpty(allow.AppIDs)) element.SetAttribute("AppIDs", allow.AppIDs);
+		if (!string.IsNullOrEmpty(allow.FilePath)) element.SetAttribute("FilePath", allow.FilePath);
+		_ = parent.AppendChild(element);
+	}
+
+	private static void AppendDeny(XmlDocument doc, XmlElement parent, Deny deny)
+	{
+		XmlElement element = doc.CreateElement("Deny", GlobalVars.SiPolicyNamespace);
+		if (!string.IsNullOrEmpty(deny.ID)) element.SetAttribute("ID", deny.ID);
+		if (!string.IsNullOrEmpty(deny.FriendlyName)) element.SetAttribute("FriendlyName", deny.FriendlyName);
+		if (!string.IsNullOrEmpty(deny.FileName)) element.SetAttribute("FileName", deny.FileName);
+		if (!string.IsNullOrEmpty(deny.InternalName)) element.SetAttribute("InternalName", deny.InternalName);
+		if (!string.IsNullOrEmpty(deny.FileDescription)) element.SetAttribute("FileDescription", deny.FileDescription);
+		if (!string.IsNullOrEmpty(deny.ProductName)) element.SetAttribute("ProductName", deny.ProductName);
+		if (!string.IsNullOrEmpty(deny.PackageFamilyName)) element.SetAttribute("PackageFamilyName", deny.PackageFamilyName);
+		if (!string.IsNullOrEmpty(deny.PackageVersion)) element.SetAttribute("PackageVersion", deny.PackageVersion);
+		if (!string.IsNullOrEmpty(deny.MinimumFileVersion)) element.SetAttribute("MinimumFileVersion", deny.MinimumFileVersion);
+		if (!string.IsNullOrEmpty(deny.MaximumFileVersion)) element.SetAttribute("MaximumFileVersion", deny.MaximumFileVersion);
+		if (deny.Hash is { Length: > 0 }) element.SetAttribute("Hash", ConvertByteArrayToHex(deny.Hash));
+		if (!string.IsNullOrEmpty(deny.AppIDs)) element.SetAttribute("AppIDs", deny.AppIDs);
+		if (!string.IsNullOrEmpty(deny.FilePath)) element.SetAttribute("FilePath", deny.FilePath);
+		_ = parent.AppendChild(element);
+	}
+
+	private static void AppendFileAttrib(XmlDocument doc, XmlElement parent, FileAttrib fileAttrib)
+	{
+		XmlElement element = doc.CreateElement("FileAttrib", GlobalVars.SiPolicyNamespace);
+		if (!string.IsNullOrEmpty(fileAttrib.ID)) element.SetAttribute("ID", fileAttrib.ID);
+		if (!string.IsNullOrEmpty(fileAttrib.FriendlyName)) element.SetAttribute("FriendlyName", fileAttrib.FriendlyName);
+		if (!string.IsNullOrEmpty(fileAttrib.FileName)) element.SetAttribute("FileName", fileAttrib.FileName);
+		if (!string.IsNullOrEmpty(fileAttrib.InternalName)) element.SetAttribute("InternalName", fileAttrib.InternalName);
+		if (!string.IsNullOrEmpty(fileAttrib.FileDescription)) element.SetAttribute("FileDescription", fileAttrib.FileDescription);
+		if (!string.IsNullOrEmpty(fileAttrib.ProductName)) element.SetAttribute("ProductName", fileAttrib.ProductName);
+		if (!string.IsNullOrEmpty(fileAttrib.PackageFamilyName)) element.SetAttribute("PackageFamilyName", fileAttrib.PackageFamilyName);
+		if (!string.IsNullOrEmpty(fileAttrib.PackageVersion)) element.SetAttribute("PackageVersion", fileAttrib.PackageVersion);
+		if (!string.IsNullOrEmpty(fileAttrib.MinimumFileVersion)) element.SetAttribute("MinimumFileVersion", fileAttrib.MinimumFileVersion);
+		if (!string.IsNullOrEmpty(fileAttrib.MaximumFileVersion)) element.SetAttribute("MaximumFileVersion", fileAttrib.MaximumFileVersion);
+		if (fileAttrib.Hash is { Length: > 0 }) element.SetAttribute("Hash", ConvertByteArrayToHex(fileAttrib.Hash));
+		if (!string.IsNullOrEmpty(fileAttrib.AppIDs)) element.SetAttribute("AppIDs", fileAttrib.AppIDs);
+		if (!string.IsNullOrEmpty(fileAttrib.FilePath)) element.SetAttribute("FilePath", fileAttrib.FilePath);
+		_ = parent.AppendChild(element);
+	}
+
+	private static void AppendFileRule(XmlDocument doc, XmlElement parent, FileRule fileRule)
+	{
+		XmlElement element = doc.CreateElement("FileRule", GlobalVars.SiPolicyNamespace);
+		if (!string.IsNullOrEmpty(fileRule.ID)) element.SetAttribute("ID", fileRule.ID);
+		if (!string.IsNullOrEmpty(fileRule.FriendlyName)) element.SetAttribute("FriendlyName", fileRule.FriendlyName);
+		if (!string.IsNullOrEmpty(fileRule.FileName)) element.SetAttribute("FileName", fileRule.FileName);
+		if (!string.IsNullOrEmpty(fileRule.InternalName)) element.SetAttribute("InternalName", fileRule.InternalName);
+		if (!string.IsNullOrEmpty(fileRule.FileDescription)) element.SetAttribute("FileDescription", fileRule.FileDescription);
+		if (!string.IsNullOrEmpty(fileRule.ProductName)) element.SetAttribute("ProductName", fileRule.ProductName);
+		if (!string.IsNullOrEmpty(fileRule.PackageFamilyName)) element.SetAttribute("PackageFamilyName", fileRule.PackageFamilyName);
+		if (!string.IsNullOrEmpty(fileRule.PackageVersion)) element.SetAttribute("PackageVersion", fileRule.PackageVersion);
+		if (!string.IsNullOrEmpty(fileRule.MinimumFileVersion)) element.SetAttribute("MinimumFileVersion", fileRule.MinimumFileVersion);
+		if (!string.IsNullOrEmpty(fileRule.MaximumFileVersion)) element.SetAttribute("MaximumFileVersion", fileRule.MaximumFileVersion);
+		if (fileRule.Hash is { Length: > 0 }) element.SetAttribute("Hash", ConvertByteArrayToHex(fileRule.Hash));
+		if (!string.IsNullOrEmpty(fileRule.AppIDs)) element.SetAttribute("AppIDs", fileRule.AppIDs);
+		if (!string.IsNullOrEmpty(fileRule.FilePath)) element.SetAttribute("FilePath", fileRule.FilePath);
+		element.SetAttribute("Type", fileRule.Type.ToString());
+		_ = parent.AppendChild(element);
+	}
+
+	// Signers Group Helpers
+	private static void AppendProductSigners(XmlDocument doc, XmlElement parent, ProductSigners ps)
+	{
+		if (ps.AllowedSigners is not null)
+		{
+			XmlElement allowedElement = doc.CreateElement("AllowedSigners", GlobalVars.SiPolicyNamespace);
+			if (!string.IsNullOrEmpty(ps.AllowedSigners.Workaround))
+				allowedElement.SetAttribute("Workaround", ps.AllowedSigners.Workaround);
+			if (ps.AllowedSigners.AllowedSigner is not null)
+			{
+				foreach (AllowedSigner aSigner in ps.AllowedSigners.AllowedSigner)
+				{
+					XmlElement aSignerElement = doc.CreateElement("AllowedSigner", GlobalVars.SiPolicyNamespace);
+					if (!string.IsNullOrEmpty(aSigner.SignerId))
+						aSignerElement.SetAttribute("SignerId", aSigner.SignerId);
+					if (aSigner.ExceptDenyRule is not null)
+					{
+						foreach (ExceptDenyRule rule in aSigner.ExceptDenyRule)
+						{
+							XmlElement ruleElem = doc.CreateElement("ExceptDenyRule", GlobalVars.SiPolicyNamespace);
+							if (!string.IsNullOrEmpty(rule.DenyRuleID))
+								ruleElem.SetAttribute("DenyRuleID", rule.DenyRuleID);
+							_ = aSignerElement.AppendChild(ruleElem);
+						}
+					}
+					_ = allowedElement.AppendChild(aSignerElement);
+				}
+			}
+			_ = parent.AppendChild(allowedElement);
+		}
+		if (ps.DeniedSigners is not null)
+		{
+			XmlElement deniedElement = doc.CreateElement("DeniedSigners", GlobalVars.SiPolicyNamespace);
+			if (!string.IsNullOrEmpty(ps.DeniedSigners.Workaround))
+				deniedElement.SetAttribute("Workaround", ps.DeniedSigners.Workaround);
+			if (ps.DeniedSigners.DeniedSigner is not null)
+			{
+				foreach (DeniedSigner dSigner in ps.DeniedSigners.DeniedSigner)
+				{
+					XmlElement dSignerElement = doc.CreateElement("DeniedSigner", GlobalVars.SiPolicyNamespace);
+					if (!string.IsNullOrEmpty(dSigner.SignerId))
+						dSignerElement.SetAttribute("SignerId", dSigner.SignerId);
+					if (dSigner.ExceptAllowRule is not null)
+					{
+						foreach (ExceptAllowRule rule in dSigner.ExceptAllowRule)
+						{
+							XmlElement ruleElem = doc.CreateElement("ExceptAllowRule", GlobalVars.SiPolicyNamespace);
+							if (!string.IsNullOrEmpty(rule.AllowRuleID))
+								ruleElem.SetAttribute("AllowRuleID", rule.AllowRuleID);
+							_ = dSignerElement.AppendChild(ruleElem);
+						}
+					}
+					_ = deniedElement.AppendChild(dSignerElement);
+				}
+			}
+			_ = parent.AppendChild(deniedElement);
+		}
+		if (ps.FileRulesRef is not null)
+		{
+			XmlElement fileRulesRefElement = doc.CreateElement("FileRulesRef", GlobalVars.SiPolicyNamespace);
+			if (!string.IsNullOrEmpty(ps.FileRulesRef.Workaround))
+				fileRulesRefElement.SetAttribute("Workaround", ps.FileRulesRef.Workaround);
+			if (ps.FileRulesRef.FileRuleRef is not null)
+			{
+				foreach (FileRuleRef fr in ps.FileRulesRef.FileRuleRef)
+				{
+					XmlElement frElement = doc.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
+					if (!string.IsNullOrEmpty(fr.RuleID))
+						frElement.SetAttribute("RuleID", fr.RuleID);
+					_ = fileRulesRefElement.AppendChild(frElement);
+				}
+			}
+			_ = parent.AppendChild(fileRulesRefElement);
+		}
+	}
+
+	private static void AppendTestSigners(XmlDocument doc, XmlElement parent, TestSigners ts)
+	{
+		if (ts.AllowedSigners is not null)
+		{
+			XmlElement allowedElement = doc.CreateElement("AllowedSigners", GlobalVars.SiPolicyNamespace);
+			if (!string.IsNullOrEmpty(ts.AllowedSigners.Workaround))
+				allowedElement.SetAttribute("Workaround", ts.AllowedSigners.Workaround);
+			if (ts.AllowedSigners.AllowedSigner is not null)
+			{
+				foreach (AllowedSigner aSigner in ts.AllowedSigners.AllowedSigner)
+				{
+					XmlElement aSignerElement = doc.CreateElement("AllowedSigner", GlobalVars.SiPolicyNamespace);
+					if (!string.IsNullOrEmpty(aSigner.SignerId))
+						aSignerElement.SetAttribute("SignerId", aSigner.SignerId);
+					if (aSigner.ExceptDenyRule is not null)
+					{
+						foreach (ExceptDenyRule rule in aSigner.ExceptDenyRule)
+						{
+							XmlElement ruleElem = doc.CreateElement("ExceptDenyRule", GlobalVars.SiPolicyNamespace);
+							if (!string.IsNullOrEmpty(rule.DenyRuleID))
+								ruleElem.SetAttribute("DenyRuleID", rule.DenyRuleID);
+							_ = aSignerElement.AppendChild(ruleElem);
+						}
+					}
+					_ = allowedElement.AppendChild(aSignerElement);
+				}
+			}
+			_ = parent.AppendChild(allowedElement);
+		}
+		if (ts.DeniedSigners is not null)
+		{
+			XmlElement deniedElement = doc.CreateElement("DeniedSigners", GlobalVars.SiPolicyNamespace);
+			if (!string.IsNullOrEmpty(ts.DeniedSigners.Workaround))
+				deniedElement.SetAttribute("Workaround", ts.DeniedSigners.Workaround);
+			if (ts.DeniedSigners.DeniedSigner is not null)
+			{
+				foreach (DeniedSigner dSigner in ts.DeniedSigners.DeniedSigner)
+				{
+					XmlElement dSignerElement = doc.CreateElement("DeniedSigner", GlobalVars.SiPolicyNamespace);
+					if (!string.IsNullOrEmpty(dSigner.SignerId))
+						dSignerElement.SetAttribute("SignerId", dSigner.SignerId);
+					if (dSigner.ExceptAllowRule is not null)
+					{
+						foreach (ExceptAllowRule rule in dSigner.ExceptAllowRule)
+						{
+							XmlElement ruleElem = doc.CreateElement("ExceptAllowRule", GlobalVars.SiPolicyNamespace);
+							if (!string.IsNullOrEmpty(rule.AllowRuleID))
+								ruleElem.SetAttribute("AllowRuleID", rule.AllowRuleID);
+							_ = dSignerElement.AppendChild(ruleElem);
+						}
+					}
+					_ = deniedElement.AppendChild(dSignerElement);
+				}
+			}
+			_ = parent.AppendChild(deniedElement);
+		}
+		if (ts.FileRulesRef is not null)
+		{
+			XmlElement fileRulesRefElement = doc.CreateElement("FileRulesRef", GlobalVars.SiPolicyNamespace);
+			if (!string.IsNullOrEmpty(ts.FileRulesRef.Workaround))
+				fileRulesRefElement.SetAttribute("Workaround", ts.FileRulesRef.Workaround);
+			if (ts.FileRulesRef.FileRuleRef is not null)
+			{
+				foreach (FileRuleRef fr in ts.FileRulesRef.FileRuleRef)
+				{
+					XmlElement frElement = doc.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
+					if (!string.IsNullOrEmpty(fr.RuleID))
+						frElement.SetAttribute("RuleID", fr.RuleID);
+					_ = fileRulesRefElement.AppendChild(frElement);
+				}
+			}
+			_ = parent.AppendChild(fileRulesRefElement);
+		}
+	}
+
+	private static void AppendTestSigningSigners(XmlDocument doc, XmlElement parent, TestSigningSigners tss)
+	{
+		if (tss.AllowedSigners is not null)
+		{
+			XmlElement allowedElement = doc.CreateElement("AllowedSigners", GlobalVars.SiPolicyNamespace);
+			if (!string.IsNullOrEmpty(tss.AllowedSigners.Workaround))
+				allowedElement.SetAttribute("Workaround", tss.AllowedSigners.Workaround);
+			if (tss.AllowedSigners.AllowedSigner is not null)
+			{
+				foreach (AllowedSigner aSigner in tss.AllowedSigners.AllowedSigner)
+				{
+					XmlElement aSignerElement = doc.CreateElement("AllowedSigner", GlobalVars.SiPolicyNamespace);
+					if (!string.IsNullOrEmpty(aSigner.SignerId))
+						aSignerElement.SetAttribute("SignerId", aSigner.SignerId);
+					if (aSigner.ExceptDenyRule is not null)
+					{
+						foreach (ExceptDenyRule rule in aSigner.ExceptDenyRule)
+						{
+							XmlElement ruleElem = doc.CreateElement("ExceptDenyRule", GlobalVars.SiPolicyNamespace);
+							if (!string.IsNullOrEmpty(rule.DenyRuleID))
+								ruleElem.SetAttribute("DenyRuleID", rule.DenyRuleID);
+							_ = aSignerElement.AppendChild(ruleElem);
+						}
+					}
+					_ = allowedElement.AppendChild(aSignerElement);
+				}
+			}
+			_ = parent.AppendChild(allowedElement);
+		}
+		if (tss.DeniedSigners is not null)
+		{
+			XmlElement deniedElement = doc.CreateElement("DeniedSigners", GlobalVars.SiPolicyNamespace);
+			if (!string.IsNullOrEmpty(tss.DeniedSigners.Workaround))
+				deniedElement.SetAttribute("Workaround", tss.DeniedSigners.Workaround);
+			if (tss.DeniedSigners.DeniedSigner is not null)
+			{
+				foreach (DeniedSigner dSigner in tss.DeniedSigners.DeniedSigner)
+				{
+					XmlElement dSignerElement = doc.CreateElement("DeniedSigner", GlobalVars.SiPolicyNamespace);
+					if (!string.IsNullOrEmpty(dSigner.SignerId))
+						dSignerElement.SetAttribute("SignerId", dSigner.SignerId);
+					if (dSigner.ExceptAllowRule is not null)
+					{
+						foreach (ExceptAllowRule rule in dSigner.ExceptAllowRule)
+						{
+							XmlElement ruleElem = doc.CreateElement("ExceptAllowRule", GlobalVars.SiPolicyNamespace);
+							if (!string.IsNullOrEmpty(rule.AllowRuleID))
+								ruleElem.SetAttribute("AllowRuleID", rule.AllowRuleID);
+							_ = dSignerElement.AppendChild(ruleElem);
+						}
+					}
+					_ = deniedElement.AppendChild(dSignerElement);
+				}
+			}
+			_ = parent.AppendChild(deniedElement);
+		}
+		if (tss.FileRulesRef is not null)
+		{
+			XmlElement fileRulesRefElement = doc.CreateElement("FileRulesRef", GlobalVars.SiPolicyNamespace);
+			if (!string.IsNullOrEmpty(tss.FileRulesRef.Workaround))
+				fileRulesRefElement.SetAttribute("Workaround", tss.FileRulesRef.Workaround);
+			if (tss.FileRulesRef.FileRuleRef is not null)
+			{
+				foreach (FileRuleRef fr in tss.FileRulesRef.FileRuleRef)
+				{
+					XmlElement frElement = doc.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
+					if (!string.IsNullOrEmpty(fr.RuleID))
+						frElement.SetAttribute("RuleID", fr.RuleID);
+					_ = fileRulesRefElement.AppendChild(frElement);
+				}
+			}
+			_ = parent.AppendChild(fileRulesRefElement);
+		}
+	}
+
+	// Utility Helpers
+	private static void AppendTextElement(XmlDocument doc, XmlElement parent, string name, string? value)
+	{
+		if (!string.IsNullOrEmpty(value))
+		{
+			XmlElement element = doc.CreateElement(name, GlobalVars.SiPolicyNamespace);
+			element.InnerText = value;
+			_ = parent.AppendChild(element);
+		}
+	}
+
+	private static void AppendAttributeElement(XmlDocument doc, XmlElement parent, string name, string attribute, string? value)
+	{
+		if (!string.IsNullOrEmpty(value))
+		{
+			XmlElement element = doc.CreateElement(name, GlobalVars.SiPolicyNamespace);
+			element.SetAttribute(attribute, value);
+			_ = parent.AppendChild(element);
+		}
+	}
+
+	private static string ConvertByteArrayToHex(byte[]? data)
+	{
+		return data is not null ? string.Concat(data.Select(x => x.ToString("X2"))) : string.Empty;
+	}
+}
diff --git a/AppControl Manager/SiPolicy/Management.cs b/AppControl Manager/SiPolicy/Management.cs
index ef466114e..339c1f6fc 100644
--- a/AppControl Manager/SiPolicy/Management.cs	
+++ b/AppControl Manager/SiPolicy/Management.cs	
@@ -1,7 +1,7 @@
 using System;
 using System.Xml;
-using System.Xml.Serialization;
 using AppControlManager.Main;
+using AppControlManager.XMLOps;
 
 namespace AppControlManager.SiPolicy;
 
@@ -11,6 +11,7 @@ internal static class Management
 	/// <summary>
 	/// This class uses the auto-generated code from the XSD schema to initialize the SiPolicy object
 	/// By accepting a string path to a valid XML file
+	/// Native AOT/Trimming compatible
 	///
 	/// Generated by the following command:
 	/// . "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools\x64\xsd.exe" "C:\Windows\schemas\CodeIntegrity\cipolicy.xsd" /classes /namespace:AppControlManager.SiPolicy /language:CS
@@ -25,6 +26,7 @@ internal static SiPolicy Initialize(string xmlFilePath)
 			throw new InvalidOperationException($"The XML file '{xmlFilePath}' is not compliant with the CI policy schema");
 		}
 
+		/*
 
 		XmlSerializer serializer = new(typeof(SiPolicy));
 
@@ -45,60 +47,34 @@ internal static SiPolicy Initialize(string xmlFilePath)
 
 		return policy;
 
-	}
+		*/
 
+		return CustomDeserialization.DeserializeSiPolicy(xmlFilePath);
+	}
 
 
 	/// <summary>
-	/// An overload of the primary method, accepts XmlDocument instead of file path
+	/// Saves the SiPolicy object to a XML file.
+	/// Uses custom hand made serialization logic that is compatible with Native AOT compilation
 	/// </summary>
-	/// <param name="xmlDocument"></param>
-	/// <returns></returns>
-	/// <exception cref="InvalidOperationException"></exception>
-	internal static SiPolicy Initialize(XmlDocument xmlDocument)
+	/// <param name="policy"></param>
+	/// <param name="filePath"></param>
+	internal static void SavePolicyToFile(SiPolicy policy, string filePath)
 	{
 
-		// Create the XmlSerializer for the SiPolicy type
-		XmlSerializer serializer = new(typeof(SiPolicy));
-
-		// Configure XmlReaderSettings for secure processing
-		XmlReaderSettings settings = new()
-		{
-			DtdProcessing = DtdProcessing.Prohibit, // Disable DTD processing to avoid external entity attacks
-			XmlResolver = null,                     // Prevent external entity resolution
-			Async = true                            // Enable asynchronous reading
-		};
-
-
-		// Create an XmlReader from the XmlDocument to read it securely
-		using XmlNodeReader xml = new(xmlDocument);
-
-		using XmlReader reader = XmlReader.Create(xml, settings);
-
-		// Deserialize the XML data into an instance of SiPolicy
-		if (serializer.Deserialize(reader) is not SiPolicy policy)
-		{
-			throw new InvalidOperationException("Could not instantiate the SiPolicy from the provided XML document.");
-		}
+		XmlDocument xmlObj = CustomSerialization.CreateXmlFromSiPolicy(policy);
 
-		// Return the deserialized SiPolicy object
-		return policy;
-	}
+		xmlObj.Save(filePath);
 
+		CloseEmptyXmlNodesSemantic.Close(filePath);
 
+		/*
 
-	/// <summary>
-	/// Saves the SiPolicy object to a XML file
-	/// </summary>
-	/// <param name="policy"></param>
-	/// <param name="filePath"></param>
-	internal static void SavePolicyToFile(SiPolicy policy, string filePath)
-	{
 		XmlSerializer serializer = new(typeof(SiPolicy));
 
 		// Create XmlSerializerNamespaces to include only the desired namespace
 		XmlSerializerNamespaces namespaces = new();
-		namespaces.Add(string.Empty, "urn:schemas-microsoft-com:sipolicy"); // Default namespace without prefix
+		namespaces.Add(string.Empty, GlobalVars.SiPolicyNamespace); // Default namespace without prefix
 
 		XmlWriterSettings settings = new()
 		{
@@ -111,7 +87,14 @@ internal static void SavePolicyToFile(SiPolicy policy, string filePath)
 
 		using XmlWriter writer = XmlWriter.Create(filePath, settings);
 		serializer.Serialize(writer, policy, namespaces);
-	}
 
+		*/
+
+		if (!CiPolicyTest.TestCiPolicy(filePath))
+		{
+			throw new InvalidOperationException($"The XML file '{filePath}' created at the end is not compliant with the CI policy schema");
+		}
+
+	}
 
 }
diff --git a/AppControl Manager/SiPolicy/Merger.cs b/AppControl Manager/SiPolicy/Merger.cs
index 388c9fa63..29807d0c1 100644
--- a/AppControl Manager/SiPolicy/Merger.cs	
+++ b/AppControl Manager/SiPolicy/Merger.cs	
@@ -1,6 +1,7 @@
 using System.Collections.Generic;
 using System.Linq;
 using System.Xml.Linq;
+using AppControlManager.Others;
 using AppControlManager.SiPolicyIntel;
 using AppControlManager.XMLOps;
 
@@ -8,7 +9,7 @@ namespace AppControlManager.SiPolicy;
 
 
 /// <summary>
-/// !!!! EXTRA information regarding the overall merge operation and what needs to happen !!!!
+/// --- EXTRA information regarding the overall merge operation and what needs to happen ---
 ///
 /// The FilePublisher and Publisher Signers in an XML file must be based on their TBS, Name, and/or CertPublisher values.
 /// For each FilePublisher signer, if two signers are found with the same TBS, Name, and CertPublisher, only one of them shall be kept, and their FileAttribRefs shall be merged.
@@ -67,21 +68,21 @@ internal static void Merge(string mainXmlFilePath, HashSet<string> otherXmlFileP
 		SignerCollection signerCollection = Factory.CollectSignerRules(allPolicies);
 
 		// Get all of the EKUs from rule types that generate it
-		IEnumerable<EKU> ekusToUse = signerCollection.WHQLFilePublishers.SelectMany(x => x.Ekus).Concat(signerCollection.WHQLPublishers.SelectMany(x => x.Ekus));
+		IEnumerable<EKU> ekusToUse = signerCollection.WHQLFilePublishers.SelectMany(x => x.Ekus).Concat(signerCollection.WHQLPublishers.SelectMany(x => x.Ekus)).Where(x => x is not null);
 
 		// Get all FileRules that go to <FileRules>
 		IEnumerable<object> fileRules = allowRules.Select(x => x.AllowElement).Cast<object>().
 			Concat(denyRules.Select(x => x.DenyElement)).
 			Concat(signerCollection.FilePublisherSigners.SelectMany(x => x.FileAttribElements)).
-			Concat(signerCollection.WHQLFilePublishers.SelectMany(x => x.FileAttribElements));
+			Concat(signerCollection.WHQLFilePublishers.SelectMany(x => x.FileAttribElements)).Where(x => x is not null);
 
 		// Get all FileRuleRefs - User Mode - that go to <FileRulesRef> in ProductSigners
 		IEnumerable<FileRuleRef> userModeFileRulesRefs = allowRules.Where(x => x.SigningScenario is SSType.UserMode).Select(x => x.FileRuleRefElement).
-			Concat(denyRules.Where(x => x.SigningScenario is SSType.UserMode).Select(x => x.FileRuleRefElement));
+			Concat(denyRules.Where(x => x.SigningScenario is SSType.UserMode).Select(x => x.FileRuleRefElement)).Where(x => x is not null);
 
 		// Get all FileRuleRefs - Kernel Mode - that go to <FileRulesRef> in ProductSigners
 		IEnumerable<FileRuleRef> kernelModeFileRulesRefs = allowRules.Where(x => x.SigningScenario is SSType.KernelMode).Select(x => x.FileRuleRefElement).
-			Concat(denyRules.Where(x => x.SigningScenario is SSType.KernelMode).Select(x => x.FileRuleRefElement));
+			Concat(denyRules.Where(x => x.SigningScenario is SSType.KernelMode).Select(x => x.FileRuleRefElement)).Where(x => x is not null);
 
 		// Get all Signers
 		IEnumerable<Signer> signers = signerCollection.FilePublisherSigners.Select(x => x.SignerElement).
@@ -89,13 +90,13 @@ internal static void Merge(string mainXmlFilePath, HashSet<string> otherXmlFileP
 			Concat(signerCollection.WHQLPublishers.Select(x => x.SignerElement)).
 			Concat(signerCollection.SignerRules.Select(x => x.SignerElement)).
 			Concat(signerCollection.SupplementalPolicySigners.Select(x => x.SignerElement)).
-			Concat(signerCollection.UpdatePolicySigners.Select(x => x.SignerElement));
+			Concat(signerCollection.UpdatePolicySigners.Select(x => x.SignerElement)).Where(x => x is not null);
 
 		// Get all CiSigners
-		IEnumerable<CiSigner> ciSigners = signerCollection.WHQLPublishers.Where(x => x.SigningScenario is SSType.UserMode).Select(x => x.CiSignerElement!).
-			Concat(signerCollection.WHQLFilePublishers.Where(x => x.SigningScenario is SSType.UserMode).Select(x => x.CiSignerElement!).
-			Concat(signerCollection.SignerRules.Where(x => x.SigningScenario is SSType.UserMode).Select(x => x.CiSignerElement!))).
-			Concat(signerCollection.FilePublisherSigners.Where(x => x.SigningScenario is SSType.UserMode).Select(x => x.CiSignerElement!));
+		IEnumerable<CiSigner> ciSigners = signerCollection.WHQLPublishers.Where(x => x.SigningScenario is SSType.UserMode).Select(x => x.CiSignerElement).
+			Concat(signerCollection.WHQLFilePublishers.Where(x => x.SigningScenario is SSType.UserMode).Select(x => x.CiSignerElement).
+			Concat(signerCollection.SignerRules.Where(x => x.SigningScenario is SSType.UserMode).Select(x => x.CiSignerElement))).
+			Concat(signerCollection.FilePublisherSigners.Where(x => x.SigningScenario is SSType.UserMode).Select(x => x.CiSignerElement)).Where(x => x is not null)!;
 
 
 		// Get any possible SigningScenario from XML1 (main)
@@ -111,30 +112,30 @@ internal static void Merge(string mainXmlFilePath, HashSet<string> otherXmlFileP
 		IEnumerable<AllowedSigner> userModeAllowedSigners = signerCollection.WHQLPublishers.Where(x => x.SigningScenario is SSType.UserMode && x.Auth is Authorization.Allow).Select(x => x.AllowedSignerElement).
 			Concat(signerCollection.WHQLFilePublishers.Where(x => x.SigningScenario is SSType.UserMode && x.Auth is Authorization.Allow).Select(x => x.AllowedSignerElement)).
 			Concat(signerCollection.SignerRules.Where(x => x.SigningScenario is SSType.UserMode && x.Auth is Authorization.Allow).Select(x => x.AllowedSignerElement)).
-			Concat(signerCollection.FilePublisherSigners.Where(x => x.SigningScenario is SSType.UserMode && x.Auth is Authorization.Allow).Select(x => x.AllowedSignerElement))!;
+			Concat(signerCollection.FilePublisherSigners.Where(x => x.SigningScenario is SSType.UserMode && x.Auth is Authorization.Allow).Select(x => x.AllowedSignerElement)).Where(x => x is not null)!;
 
 		// Get all of the DeniedSigners - User Mode
 		IEnumerable<DeniedSigner> userModeDeniedSigners = signerCollection.WHQLPublishers.Where(x => x.SigningScenario is SSType.UserMode && x.Auth is Authorization.Deny).Select(x => x.DeniedSignerElement).
 			Concat(signerCollection.WHQLFilePublishers.Where(x => x.SigningScenario is SSType.UserMode && x.Auth is Authorization.Deny).Select(x => x.DeniedSignerElement)).
 			Concat(signerCollection.SignerRules.Where(x => x.SigningScenario is SSType.UserMode && x.Auth is Authorization.Deny).Select(x => x.DeniedSignerElement)).
-			Concat(signerCollection.FilePublisherSigners.Where(x => x.SigningScenario is SSType.UserMode && x.Auth is Authorization.Deny).Select(x => x.DeniedSignerElement))!;
+			Concat(signerCollection.FilePublisherSigners.Where(x => x.SigningScenario is SSType.UserMode && x.Auth is Authorization.Deny).Select(x => x.DeniedSignerElement)).Where(x => x is not null)!;
 
 		// Get all of the AllowedSigners - Kernel Mode
 		IEnumerable<AllowedSigner> kernelModeAllowedSigners = signerCollection.WHQLPublishers.Where(x => x.SigningScenario is SSType.KernelMode && x.Auth is Authorization.Allow).Select(x => x.AllowedSignerElement).
 		  Concat(signerCollection.WHQLFilePublishers.Where(x => x.SigningScenario is SSType.KernelMode && x.Auth is Authorization.Allow).Select(x => x.AllowedSignerElement)).
 		  Concat(signerCollection.SignerRules.Where(x => x.SigningScenario is SSType.KernelMode && x.Auth is Authorization.Allow).Select(x => x.AllowedSignerElement)).
-		  Concat(signerCollection.FilePublisherSigners.Where(x => x.SigningScenario is SSType.KernelMode && x.Auth is Authorization.Allow).Select(x => x.AllowedSignerElement))!;
+		  Concat(signerCollection.FilePublisherSigners.Where(x => x.SigningScenario is SSType.KernelMode && x.Auth is Authorization.Allow).Select(x => x.AllowedSignerElement)).Where(x => x is not null)!;
 
 		// Get all of the DeniedSigners - Kernel Mode
 		IEnumerable<DeniedSigner> kernelModeDeniedSigners = signerCollection.WHQLPublishers.Where(x => x.SigningScenario is SSType.KernelMode && x.Auth is Authorization.Deny).Select(x => x.DeniedSignerElement).
 			Concat(signerCollection.WHQLFilePublishers.Where(x => x.SigningScenario is SSType.KernelMode && x.Auth is Authorization.Deny).Select(x => x.DeniedSignerElement)).
 			Concat(signerCollection.SignerRules.Where(x => x.SigningScenario is SSType.KernelMode && x.Auth is Authorization.Deny).Select(x => x.DeniedSignerElement)).
-			Concat(signerCollection.FilePublisherSigners.Where(x => x.SigningScenario is SSType.KernelMode && x.Auth is Authorization.Deny).Select(x => x.DeniedSignerElement))!;
+			Concat(signerCollection.FilePublisherSigners.Where(x => x.SigningScenario is SSType.KernelMode && x.Auth is Authorization.Deny).Select(x => x.DeniedSignerElement)).Where(x => x is not null)!;
 
 
-		IEnumerable<SupplementalPolicySigner> supplementalPolicySignersCol = signerCollection.SupplementalPolicySigners.Where(x => x is not null).Select(x => x.SupplementalPolicySigner);
+		IEnumerable<SupplementalPolicySigner> supplementalPolicySignersCol = signerCollection.SupplementalPolicySigners.Where(x => x is not null).Select(x => x.SupplementalPolicySigner).Where(x => x is not null);
 
-		IEnumerable<UpdatePolicySigner> updatePolicySignersCol = signerCollection.UpdatePolicySigners.Where(x => x is not null).Select(x => x.UpdatePolicySigner);
+		IEnumerable<UpdatePolicySigner> updatePolicySignersCol = signerCollection.UpdatePolicySigners.Where(x => x is not null).Select(x => x.UpdatePolicySigner).Where(x => x is not null);
 
 
 		// Construct the User Mode Signing Scenario
@@ -168,8 +169,18 @@ internal static void Merge(string mainXmlFilePath, HashSet<string> otherXmlFileP
 			UMCISigningScenario.MinimumHashAlgorithm = mainXMLUserModeSigningScenario.MinimumHashAlgorithm;
 		}
 
-		UMCISigningScenario.InheritedScenarios = mainXMLUserModeSigningScenario?.InheritedScenarios;
-		UMCISigningScenario.AppIDTags = mainXMLUserModeSigningScenario?.AppIDTags;
+
+		if (mainXMLUserModeSigningScenario is { InheritedScenarios: not null })
+			UMCISigningScenario.InheritedScenarios = mainXMLUserModeSigningScenario.InheritedScenarios;
+
+		if (mainXMLUserModeSigningScenario is { AppIDTags: not null })
+			UMCISigningScenario.AppIDTags = mainXMLUserModeSigningScenario.AppIDTags;
+
+		if (mainXMLUserModeSigningScenario is { TestSigners: not null })
+			UMCISigningScenario.TestSigners = mainXMLUserModeSigningScenario.TestSigners;
+
+		if (mainXMLUserModeSigningScenario is { TestSigningSigners: not null })
+			UMCISigningScenario.TestSigningSigners = mainXMLUserModeSigningScenario.TestSigningSigners;
 
 
 		// Construct the Kernel Mode Signing Scenario
@@ -204,9 +215,17 @@ internal static void Merge(string mainXmlFilePath, HashSet<string> otherXmlFileP
 			KMCISigningScenario.MinimumHashAlgorithm = mainXMLKernelModeSigningScenario.MinimumHashAlgorithm;
 		}
 
-		KMCISigningScenario.InheritedScenarios = mainXMLKernelModeSigningScenario?.InheritedScenarios;
-		KMCISigningScenario.AppIDTags = mainXMLKernelModeSigningScenario?.AppIDTags;
+		if (mainXMLKernelModeSigningScenario is { InheritedScenarios: not null })
+			KMCISigningScenario.InheritedScenarios = mainXMLKernelModeSigningScenario.InheritedScenarios;
+
+		if (mainXMLKernelModeSigningScenario is { AppIDTags: not null })
+			KMCISigningScenario.AppIDTags = mainXMLKernelModeSigningScenario.AppIDTags;
+
+		if (mainXMLKernelModeSigningScenario is { TestSigners: not null })
+			KMCISigningScenario.TestSigners = mainXMLKernelModeSigningScenario.TestSigners;
 
+		if (mainXMLKernelModeSigningScenario is { TestSigningSigners: not null })
+			KMCISigningScenario.TestSigningSigners = mainXMLKernelModeSigningScenario.TestSigningSigners;
 
 
 		// Create the final policy data, it will replace the content in the main XML file
@@ -271,7 +290,7 @@ private static void EnsureUniqueEKUs(string xmlFilePath)
 	{
 		// Load the XML document
 		XDocument doc = XDocument.Load(xmlFilePath);
-		XNamespace ns = "urn:schemas-microsoft-com:sipolicy";
+		XNamespace ns = GlobalVars.SiPolicyNamespace;
 
 		// Get all EKU elements
 		List<XElement> ekuElements = [.. doc.Descendants(ns + "EKU")];
diff --git a/AppControl Manager/SimulationMethods/GetFileRuleOutput.cs b/AppControl Manager/SimulationMethods/GetFileRuleOutput.cs
index 808393cc0..fcd63d1d3 100644
--- a/AppControl Manager/SimulationMethods/GetFileRuleOutput.cs	
+++ b/AppControl Manager/SimulationMethods/GetFileRuleOutput.cs	
@@ -22,7 +22,7 @@ internal static HashSet<PolicyHashObj> Get(XmlDocument xml)
 
 		// Get the namespace manager
 		XmlNamespaceManager nsmgr = new(xml.NameTable);
-		nsmgr.AddNamespace("si", "urn:schemas-microsoft-com:sipolicy");
+		nsmgr.AddNamespace("si", GlobalVars.SiPolicyNamespace);
 
 		// Loop through each file rule in the XML file
 		XmlNodeList? fileRules = xml.SelectNodes("//si:FileRules/si:Allow", nsmgr);
diff --git a/AppControl Manager/XMLOps/NewCertificateSignerRules.cs b/AppControl Manager/XMLOps/NewCertificateSignerRules.cs
index 0826877ca..1f8771884 100644
--- a/AppControl Manager/XMLOps/NewCertificateSignerRules.cs	
+++ b/AppControl Manager/XMLOps/NewCertificateSignerRules.cs	
@@ -33,12 +33,12 @@ internal static void CreateAllow(string xmlFilePath, List<CertificateSignerCreat
 			string SignerID = $"ID_SIGNER_R_{guid}";
 
 			// Create the new Signer element
-			XmlElement newSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("Signer", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("Signer", GlobalVars.SiPolicyNamespace);
 			newSignerNode.SetAttribute("ID", SignerID);
 			newSignerNode.SetAttribute("Name", signer.SignerName);
 
 			// Create the CertRoot element and add it to the Signer element
-			XmlElement certRootNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertRoot", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement certRootNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertRoot", GlobalVars.SiPolicyNamespace);
 			certRootNode.SetAttribute("Type", "TBS");
 			certRootNode.SetAttribute("Value", signer.TBS);
 
@@ -52,13 +52,13 @@ internal static void CreateAllow(string xmlFilePath, List<CertificateSignerCreat
 			if (signer.SiSigningScenario is 1)
 			{
 				// Create Allowed Signers inside the <AllowedSigners> -> <ProductSigners> -> <SigningScenario Value="12">
-				XmlElement newAllowedSigner = codeIntegrityPolicy.XmlDocument.CreateElement("AllowedSigner", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newAllowedSigner = codeIntegrityPolicy.XmlDocument.CreateElement("AllowedSigner", GlobalVars.SiPolicyNamespace);
 				newAllowedSigner.SetAttribute("SignerId", SignerID);
 				_ = codeIntegrityPolicy.UMCI_ProductSigners_AllowedSigners_Node.AppendChild(newAllowedSigner);
 
 
 				// Create a CI Signer for the User Mode Signer
-				XmlElement newCiSigner = codeIntegrityPolicy.XmlDocument.CreateElement("CiSigner", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newCiSigner = codeIntegrityPolicy.XmlDocument.CreateElement("CiSigner", GlobalVars.SiPolicyNamespace);
 				newCiSigner.SetAttribute("SignerId", SignerID);
 				_ = codeIntegrityPolicy.CiSignersNode.AppendChild(newCiSigner);
 			}
@@ -67,7 +67,7 @@ internal static void CreateAllow(string xmlFilePath, List<CertificateSignerCreat
 			else if (signer.SiSigningScenario is 0)
 			{
 				// Create Allowed Signers inside the <AllowedSigners> -> <ProductSigners> -> <SigningScenario Value="131">
-				XmlElement newAllowedSigner = codeIntegrityPolicy.XmlDocument.CreateElement("AllowedSigner", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newAllowedSigner = codeIntegrityPolicy.XmlDocument.CreateElement("AllowedSigner", GlobalVars.SiPolicyNamespace);
 				newAllowedSigner.SetAttribute("SignerId", SignerID);
 				_ = codeIntegrityPolicy.KMCI_ProductSigners_AllowedSigners_Node.AppendChild(newAllowedSigner);
 
diff --git a/AppControl Manager/XMLOps/NewFilePathRules.cs b/AppControl Manager/XMLOps/NewFilePathRules.cs
index fe9899cef..721d5089f 100644
--- a/AppControl Manager/XMLOps/NewFilePathRules.cs	
+++ b/AppControl Manager/XMLOps/NewFilePathRules.cs	
@@ -38,7 +38,7 @@ internal static void CreateAllow(string xmlFilePath, List<FilePathCreator> data)
 			string allowRuleID = $"ID_ALLOW_A_{guid}";
 
 			// Create a new Allow FilePath rule
-			XmlElement newFileRule = codeIntegrityPolicy.XmlDocument.CreateElement("Allow", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newFileRule = codeIntegrityPolicy.XmlDocument.CreateElement("Allow", GlobalVars.SiPolicyNamespace);
 			newFileRule.SetAttribute("ID", allowRuleID);
 			newFileRule.SetAttribute("FriendlyName", "File Path Rule");
 			newFileRule.SetAttribute("MinimumFileVersion", item.MinimumFileVersion);
@@ -50,7 +50,7 @@ internal static void CreateAllow(string xmlFilePath, List<FilePathCreator> data)
 			if (item.SiSigningScenario is 1)
 			{
 				// Create FileRuleRef inside the <FileRulesRef> -> <ProductSigners> -> <SigningScenario Value="12">
-				XmlElement NewUMCIFileRuleRefNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement NewUMCIFileRuleRefNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
 				NewUMCIFileRuleRefNode.SetAttribute("RuleID", allowRuleID);
 				_ = codeIntegrityPolicy.UMCI_ProductSigners_FileRulesRef_Node.AppendChild(NewUMCIFileRuleRefNode);
 			}
@@ -94,7 +94,7 @@ internal static void CreateDeny(string xmlFilePath, List<FilePathCreator> data)
 			string denyRuleID = $"ID_DENY_A_{guid}";
 
 			// Create a new Deny FilePath rule
-			XmlElement newFileRule = codeIntegrityPolicy.XmlDocument.CreateElement("Deny", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newFileRule = codeIntegrityPolicy.XmlDocument.CreateElement("Deny", GlobalVars.SiPolicyNamespace);
 			newFileRule.SetAttribute("ID", denyRuleID);
 			newFileRule.SetAttribute("FriendlyName", "File Path Rule");
 			newFileRule.SetAttribute("FilePath", item.FilePath);
@@ -105,7 +105,7 @@ internal static void CreateDeny(string xmlFilePath, List<FilePathCreator> data)
 			if (item.SiSigningScenario is 1)
 			{
 				// Create FileRuleRef inside the <FileRulesRef> -> <ProductSigners> -> <SigningScenario Value="12">
-				XmlElement NewUMCIFileRuleRefNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement NewUMCIFileRuleRefNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
 				NewUMCIFileRuleRefNode.SetAttribute("RuleID", denyRuleID);
 				_ = codeIntegrityPolicy.UMCI_ProductSigners_FileRulesRef_Node.AppendChild(NewUMCIFileRuleRefNode);
 			}
diff --git a/AppControl Manager/XMLOps/NewFilePublisherLevelRules.cs b/AppControl Manager/XMLOps/NewFilePublisherLevelRules.cs
index 52623326b..2dbea7821 100644
--- a/AppControl Manager/XMLOps/NewFilePublisherLevelRules.cs	
+++ b/AppControl Manager/XMLOps/NewFilePublisherLevelRules.cs	
@@ -38,7 +38,7 @@ internal static void CreateAllow(string xmlFilePath, List<FilePublisherSignerCre
 
 			#region Creating File <FileAttrib> node
 
-			XmlElement newFileAttribNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileAttrib", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newFileAttribNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileAttrib", GlobalVars.SiPolicyNamespace);
 			newFileAttribNode.SetAttribute("ID", FileAttribID);
 			newFileAttribNode.SetAttribute("FriendlyName", filePublisherData.FileName);
 
@@ -87,23 +87,23 @@ internal static void CreateAllow(string xmlFilePath, List<FilePublisherSignerCre
 				string signerID = $"ID_SIGNER_A_{guid2}";
 
 				// Create the new Signer element
-				XmlElement newSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("Signer", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("Signer", GlobalVars.SiPolicyNamespace);
 				newSignerNode.SetAttribute("ID", signerID);
 				newSignerNode.SetAttribute("Name", signerData.IntermediateCertName);
 
 				// Create the CertRoot element and add it to the Signer element
-				XmlElement newCertRootNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertRoot", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newCertRootNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertRoot", GlobalVars.SiPolicyNamespace);
 				newCertRootNode.SetAttribute("Type", "TBS");
 				newCertRootNode.SetAttribute("Value", signerData.IntermediateCertTBS);
 				_ = newSignerNode.AppendChild(newCertRootNode);
 
 				// Create the CertPublisher element and add it to the Signer element
-				XmlElement newCertPublisherNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertPublisher", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newCertPublisherNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertPublisher", GlobalVars.SiPolicyNamespace);
 				newCertPublisherNode.SetAttribute("Value", signerData.LeafCertName);
 				_ = newSignerNode.AppendChild(newCertPublisherNode);
 
 				// Create the FileAttribRef element and add it to the Signer element
-				XmlElement newFileAttribRefNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileAttribRef", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newFileAttribRefNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileAttribRef", GlobalVars.SiPolicyNamespace);
 				newFileAttribRefNode.SetAttribute("RuleID", FileAttribID);
 				_ = newSignerNode.AppendChild(newFileAttribRefNode);
 
@@ -118,12 +118,12 @@ internal static void CreateAllow(string xmlFilePath, List<FilePublisherSignerCre
 				{
 
 					// Create Allowed Signers inside the <AllowedSigners> -> <ProductSigners> -> <SigningScenario Value="12">
-					XmlElement newUMCIAllowedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("AllowedSigner", codeIntegrityPolicy.NameSpaceURI);
+					XmlElement newUMCIAllowedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("AllowedSigner", GlobalVars.SiPolicyNamespace);
 					newUMCIAllowedSignerNode.SetAttribute("SignerId", signerID);
 					_ = codeIntegrityPolicy.UMCI_ProductSigners_AllowedSigners_Node.AppendChild(newUMCIAllowedSignerNode);
 
 					// Create a CI Signer for the User Mode Signer
-					XmlElement newCiSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("CiSigner", codeIntegrityPolicy.NameSpaceURI);
+					XmlElement newCiSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("CiSigner", GlobalVars.SiPolicyNamespace);
 					newCiSignerNode.SetAttribute("SignerId", signerID);
 					_ = codeIntegrityPolicy.CiSignersNode.AppendChild(newCiSignerNode);
 
@@ -134,7 +134,7 @@ internal static void CreateAllow(string xmlFilePath, List<FilePublisherSignerCre
 				{
 
 					// Create Allowed Signers inside the <AllowedSigners> -> <ProductSigners> -> <SigningScenario Value="131">
-					XmlElement newKMCIAllowedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("AllowedSigner", codeIntegrityPolicy.NameSpaceURI);
+					XmlElement newKMCIAllowedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("AllowedSigner", GlobalVars.SiPolicyNamespace);
 					newKMCIAllowedSignerNode.SetAttribute("SignerId", signerID);
 					_ = codeIntegrityPolicy.KMCI_ProductSigners_AllowedSigners_Node.AppendChild(newKMCIAllowedSignerNode);
 
@@ -181,7 +181,7 @@ internal static void CreateDeny(string xmlFilePath, List<FilePublisherSignerCrea
 
 			#region Creating File <FileAttrib> node
 
-			XmlElement newFileAttribNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileAttrib", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newFileAttribNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileAttrib", GlobalVars.SiPolicyNamespace);
 			newFileAttribNode.SetAttribute("ID", FileAttribID);
 			newFileAttribNode.SetAttribute("FriendlyName", filePublisherData.FileName);
 
@@ -230,23 +230,23 @@ internal static void CreateDeny(string xmlFilePath, List<FilePublisherSignerCrea
 				string signerID = $"ID_SIGNER_A_{guid2}";
 
 				// Create the new Signer element
-				XmlElement newSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("Signer", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("Signer", GlobalVars.SiPolicyNamespace);
 				newSignerNode.SetAttribute("ID", signerID);
 				newSignerNode.SetAttribute("Name", signerData.IntermediateCertName);
 
 				// Create the CertRoot element and add it to the Signer element
-				XmlElement newCertRootNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertRoot", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newCertRootNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertRoot", GlobalVars.SiPolicyNamespace);
 				newCertRootNode.SetAttribute("Type", "TBS");
 				newCertRootNode.SetAttribute("Value", signerData.IntermediateCertTBS);
 				_ = newSignerNode.AppendChild(newCertRootNode);
 
 				// Create the CertPublisher element and add it to the Signer element
-				XmlElement newCertPublisherNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertPublisher", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newCertPublisherNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertPublisher", GlobalVars.SiPolicyNamespace);
 				newCertPublisherNode.SetAttribute("Value", signerData.LeafCertName);
 				_ = newSignerNode.AppendChild(newCertPublisherNode);
 
 				// Create the FileAttribRef element and add it to the Signer element
-				XmlElement newFileAttribRefNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileAttribRef", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newFileAttribRefNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileAttribRef", GlobalVars.SiPolicyNamespace);
 				newFileAttribRefNode.SetAttribute("RuleID", FileAttribID);
 				_ = newSignerNode.AppendChild(newFileAttribRefNode);
 
@@ -261,12 +261,12 @@ internal static void CreateDeny(string xmlFilePath, List<FilePublisherSignerCrea
 				{
 
 					// Create Denied Signers inside the <DeniedSigners> -> <ProductSigners> -> <SigningScenario Value="12">
-					XmlElement newUMCIDeniedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("DeniedSigner", codeIntegrityPolicy.NameSpaceURI);
+					XmlElement newUMCIDeniedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("DeniedSigner", GlobalVars.SiPolicyNamespace);
 					newUMCIDeniedSignerNode.SetAttribute("SignerId", signerID);
 					_ = codeIntegrityPolicy.UMCI_ProductSigners_DeniedSigners_Node.AppendChild(newUMCIDeniedSignerNode);
 
 					// Create a CI Signer for the User Mode Signer
-					XmlElement newCiSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("CiSigner", codeIntegrityPolicy.NameSpaceURI);
+					XmlElement newCiSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("CiSigner", GlobalVars.SiPolicyNamespace);
 					newCiSignerNode.SetAttribute("SignerId", signerID);
 					_ = codeIntegrityPolicy.CiSignersNode.AppendChild(newCiSignerNode);
 
@@ -277,7 +277,7 @@ internal static void CreateDeny(string xmlFilePath, List<FilePublisherSignerCrea
 				{
 
 					// Create Denied Signers inside the <DeniedSigners> -> <ProductSigners> -> <SigningScenario Value="131">
-					XmlElement newKMCIDeniedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("DeniedSigner", codeIntegrityPolicy.NameSpaceURI);
+					XmlElement newKMCIDeniedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("DeniedSigner", GlobalVars.SiPolicyNamespace);
 					newKMCIDeniedSignerNode.SetAttribute("SignerId", signerID);
 					_ = codeIntegrityPolicy.KMCI_ProductSigners_DeniedSigners_Node.AppendChild(newKMCIDeniedSignerNode);
 
diff --git a/AppControl Manager/XMLOps/NewHashLevelRules.cs b/AppControl Manager/XMLOps/NewHashLevelRules.cs
index 97862d2e2..2751ae347 100644
--- a/AppControl Manager/XMLOps/NewHashLevelRules.cs	
+++ b/AppControl Manager/XMLOps/NewHashLevelRules.cs	
@@ -39,7 +39,7 @@ internal static void CreateAllow(string xmlFilePath, List<HashCreator> hashes)
 			string HashSHA1RuleID = $"ID_ALLOW_B_{guid}";
 
 			// Create new Allow Hash rule for Authenticode SHA256
-			XmlElement newAuth256HashNode = codeIntegrityPolicy.XmlDocument.CreateElement("Allow", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newAuth256HashNode = codeIntegrityPolicy.XmlDocument.CreateElement("Allow", GlobalVars.SiPolicyNamespace);
 			newAuth256HashNode.SetAttribute("ID", HashSHA256RuleID);
 			newAuth256HashNode.SetAttribute("FriendlyName", $"{hash.FileName} Hash Sha256");
 			newAuth256HashNode.SetAttribute("Hash", hash.AuthenticodeSHA256);
@@ -47,7 +47,7 @@ internal static void CreateAllow(string xmlFilePath, List<HashCreator> hashes)
 			_ = codeIntegrityPolicy.FileRulesNode.AppendChild(newAuth256HashNode);
 
 			// Create new Allow Hash rule for Authenticode SHA1
-			XmlElement newAuth1HashNode = codeIntegrityPolicy.XmlDocument.CreateElement("Allow", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newAuth1HashNode = codeIntegrityPolicy.XmlDocument.CreateElement("Allow", GlobalVars.SiPolicyNamespace);
 			newAuth1HashNode.SetAttribute("ID", HashSHA1RuleID);
 			newAuth1HashNode.SetAttribute("FriendlyName", $"{hash.FileName} Hash Sha1");
 			newAuth1HashNode.SetAttribute("Hash", hash.AuthenticodeSHA1);
@@ -58,12 +58,12 @@ internal static void CreateAllow(string xmlFilePath, List<HashCreator> hashes)
 			if (hash.SiSigningScenario is 1)
 			{
 				// Create FileRuleRef for Authenticode SHA256 Hash inside the <FileRulesRef> -> <ProductSigners> -> <SigningScenario Value="12">
-				XmlElement NewUMCIFileRuleRefNodeFor256 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement NewUMCIFileRuleRefNodeFor256 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
 				NewUMCIFileRuleRefNodeFor256.SetAttribute("RuleID", HashSHA256RuleID);
 				_ = codeIntegrityPolicy.UMCI_ProductSigners_FileRulesRef_Node.AppendChild(NewUMCIFileRuleRefNodeFor256);
 
 				// Create FileRuleRef for Authenticode SHA1 Hash inside the <FileRulesRef> -> <ProductSigners> -> <SigningScenario Value="12">
-				XmlElement NewUMCIFileRuleRefNodeFor1 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement NewUMCIFileRuleRefNodeFor1 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
 				NewUMCIFileRuleRefNodeFor1.SetAttribute("RuleID", HashSHA1RuleID);
 				_ = codeIntegrityPolicy.UMCI_ProductSigners_FileRulesRef_Node.AppendChild(NewUMCIFileRuleRefNodeFor1);
 			}
@@ -80,12 +80,12 @@ internal static void CreateAllow(string xmlFilePath, List<HashCreator> hashes)
 				}
 
 				// Create FileRuleRef for Authenticode SHA256 Hash inside the <FileRulesRef> -> <ProductSigners> -> <SigningScenario Value="131">
-				XmlElement NewKMCIFileRuleRefNodeFor256 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement NewKMCIFileRuleRefNodeFor256 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
 				NewKMCIFileRuleRefNodeFor256.SetAttribute("RuleID", HashSHA256RuleID);
 				_ = codeIntegrityPolicy.KMCI_ProductSigners_FileRulesRef_Node.AppendChild(NewKMCIFileRuleRefNodeFor256);
 
 				// Create FileRuleRef for Authenticode SHA1 Hash inside the <FileRulesRef> -> <ProductSigners> -> <SigningScenario Value="131">
-				XmlElement NewKMCIFileRuleRefNodeFor1 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement NewKMCIFileRuleRefNodeFor1 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
 				NewKMCIFileRuleRefNodeFor1.SetAttribute("RuleID", HashSHA1RuleID);
 				_ = codeIntegrityPolicy.KMCI_ProductSigners_FileRulesRef_Node.AppendChild(NewKMCIFileRuleRefNodeFor1);
 			}
@@ -128,7 +128,7 @@ internal static void CreateDeny(string xmlFilePath, List<HashCreator> hashes)
 			string HashSHA1RuleID = $"ID_DENY_B_{guid}";
 
 			// Create new Deny Hash rule for Authenticode SHA256
-			XmlElement newAuth256HashNode = codeIntegrityPolicy.XmlDocument.CreateElement("Deny", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newAuth256HashNode = codeIntegrityPolicy.XmlDocument.CreateElement("Deny", GlobalVars.SiPolicyNamespace);
 			newAuth256HashNode.SetAttribute("ID", HashSHA256RuleID);
 			newAuth256HashNode.SetAttribute("FriendlyName", $"{hash.FileName} Hash Sha256");
 			newAuth256HashNode.SetAttribute("Hash", hash.AuthenticodeSHA256);
@@ -136,7 +136,7 @@ internal static void CreateDeny(string xmlFilePath, List<HashCreator> hashes)
 			_ = codeIntegrityPolicy.FileRulesNode.AppendChild(newAuth256HashNode);
 
 			// Create new Deny Hash rule for Authenticode SHA1
-			XmlElement newAuth1HashNode = codeIntegrityPolicy.XmlDocument.CreateElement("Deny", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newAuth1HashNode = codeIntegrityPolicy.XmlDocument.CreateElement("Deny", GlobalVars.SiPolicyNamespace);
 			newAuth1HashNode.SetAttribute("ID", HashSHA1RuleID);
 			newAuth1HashNode.SetAttribute("FriendlyName", $"{hash.FileName} Hash Sha1");
 			newAuth1HashNode.SetAttribute("Hash", hash.AuthenticodeSHA1);
@@ -147,12 +147,12 @@ internal static void CreateDeny(string xmlFilePath, List<HashCreator> hashes)
 			if (hash.SiSigningScenario == 1)
 			{
 				// Create FileRuleRef for Authenticode SHA256 Hash inside the <FileRulesRef> -> <ProductSigners> -> <SigningScenario Value="12">
-				XmlElement NewUMCIFileRuleRefNodeFor256 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement NewUMCIFileRuleRefNodeFor256 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
 				NewUMCIFileRuleRefNodeFor256.SetAttribute("RuleID", HashSHA256RuleID);
 				_ = codeIntegrityPolicy.UMCI_ProductSigners_FileRulesRef_Node.AppendChild(NewUMCIFileRuleRefNodeFor256);
 
 				// Create FileRuleRef for Authenticode SHA1 Hash inside the <FileRulesRef> -> <ProductSigners> -> <SigningScenario Value="12">
-				XmlElement NewUMCIFileRuleRefNodeFor1 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement NewUMCIFileRuleRefNodeFor1 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
 				NewUMCIFileRuleRefNodeFor1.SetAttribute("RuleID", HashSHA1RuleID);
 				_ = codeIntegrityPolicy.UMCI_ProductSigners_FileRulesRef_Node.AppendChild(NewUMCIFileRuleRefNodeFor1);
 			}
@@ -169,12 +169,12 @@ internal static void CreateDeny(string xmlFilePath, List<HashCreator> hashes)
 				}
 
 				// Create FileRuleRef for Authenticode SHA256 Hash inside the <FileRulesRef> -> <ProductSigners> -> <SigningScenario Value="131">
-				XmlElement NewKMCIFileRuleRefNodeFor256 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement NewKMCIFileRuleRefNodeFor256 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
 				NewKMCIFileRuleRefNodeFor256.SetAttribute("RuleID", HashSHA256RuleID);
 				_ = codeIntegrityPolicy.KMCI_ProductSigners_FileRulesRef_Node.AppendChild(NewKMCIFileRuleRefNodeFor256);
 
 				// Create FileRuleRef for Authenticode SHA1 Hash inside the <FileRulesRef> -> <ProductSigners> -> <SigningScenario Value="131">
-				XmlElement NewKMCIFileRuleRefNodeFor1 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement NewKMCIFileRuleRefNodeFor1 = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
 				NewKMCIFileRuleRefNodeFor1.SetAttribute("RuleID", HashSHA1RuleID);
 				_ = codeIntegrityPolicy.KMCI_ProductSigners_FileRulesRef_Node.AppendChild(NewKMCIFileRuleRefNodeFor1);
 			}
diff --git a/AppControl Manager/XMLOps/NewPFNLevelRules.cs b/AppControl Manager/XMLOps/NewPFNLevelRules.cs
index d8656229c..4224ec237 100644
--- a/AppControl Manager/XMLOps/NewPFNLevelRules.cs	
+++ b/AppControl Manager/XMLOps/NewPFNLevelRules.cs	
@@ -32,7 +32,7 @@ internal static void CreateAllow(string xmlFilePath, List<PFNRuleCreator> PFNDat
 			string ID = $"ID_ALLOW_A_{guid}";
 
 			// Create new PackageFamilyName rule
-			XmlElement newPFNRule = codeIntegrityPolicy.XmlDocument.CreateElement("Allow", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newPFNRule = codeIntegrityPolicy.XmlDocument.CreateElement("Allow", GlobalVars.SiPolicyNamespace);
 
 			// Fill it with the required attributes
 			newPFNRule.SetAttribute("ID", ID);
@@ -44,7 +44,7 @@ internal static void CreateAllow(string xmlFilePath, List<PFNRuleCreator> PFNDat
 			_ = codeIntegrityPolicy.FileRulesNode.AppendChild(newPFNRule);
 
 			// Create FileRuleRef for the PFN inside the <FileRulesRef> -> <ProductSigners> -> <SigningScenario Value="12">
-			XmlElement newUMCIFileRuleRefNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newUMCIFileRuleRefNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
 			newUMCIFileRuleRefNode.SetAttribute("RuleID", ID);
 			_ = codeIntegrityPolicy.UMCI_ProductSigners_FileRulesRef_Node.AppendChild(newUMCIFileRuleRefNode);
 		}
@@ -79,7 +79,7 @@ internal static void CreateDeny(string xmlFilePath, List<PFNRuleCreator> PFNData
 			string ID = $"ID_DENY_A_{guid}";
 
 			// Create new PackageFamilyName rule
-			XmlElement newPFNRule = codeIntegrityPolicy.XmlDocument.CreateElement("Deny", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newPFNRule = codeIntegrityPolicy.XmlDocument.CreateElement("Deny", GlobalVars.SiPolicyNamespace);
 
 			// Fill it with the required attributes
 			newPFNRule.SetAttribute("ID", ID);
@@ -91,7 +91,7 @@ internal static void CreateDeny(string xmlFilePath, List<PFNRuleCreator> PFNData
 			_ = codeIntegrityPolicy.FileRulesNode.AppendChild(newPFNRule);
 
 			// Create FileRuleRef for the PFN inside the <FileRulesRef> -> <ProductSigners> -> <SigningScenario Value="12">
-			XmlElement newUMCIFileRuleRefNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", codeIntegrityPolicy.NameSpaceURI);
+			XmlElement newUMCIFileRuleRefNode = codeIntegrityPolicy.XmlDocument.CreateElement("FileRuleRef", GlobalVars.SiPolicyNamespace);
 			newUMCIFileRuleRefNode.SetAttribute("RuleID", ID);
 			_ = codeIntegrityPolicy.UMCI_ProductSigners_FileRulesRef_Node.AppendChild(newUMCIFileRuleRefNode);
 		}
diff --git a/AppControl Manager/XMLOps/NewPublisherLevelRules.cs b/AppControl Manager/XMLOps/NewPublisherLevelRules.cs
index 790cf95f1..62ca937b4 100644
--- a/AppControl Manager/XMLOps/NewPublisherLevelRules.cs	
+++ b/AppControl Manager/XMLOps/NewPublisherLevelRules.cs	
@@ -44,19 +44,19 @@ internal static void CreateAllow(string xmlFilePath, List<PublisherSignerCreator
 				// Create the new Signer element
 
 				// Create a new Signer node
-				XmlElement newSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("Signer", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("Signer", GlobalVars.SiPolicyNamespace);
 				// Set the attributes for the new Signer node
 				newSignerNode.SetAttribute("ID", SignerID);
 				newSignerNode.SetAttribute("Name", signerData.IntermediateCertName);
 
 				// Create the CertRoot element and add it to the Signer element
-				XmlElement certRootNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertRoot", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement certRootNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertRoot", GlobalVars.SiPolicyNamespace);
 				certRootNode.SetAttribute("Type", "TBS");
 				certRootNode.SetAttribute("Value", signerData.IntermediateCertTBS);
 				_ = newSignerNode.AppendChild(certRootNode);
 
 				// Create the CertPublisher element and add it to the Signer element
-				XmlElement certPublisherNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertPublisher", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement certPublisherNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertPublisher", GlobalVars.SiPolicyNamespace);
 				certPublisherNode.SetAttribute("Value", signerData.LeafCertName);
 				_ = newSignerNode.AppendChild(certPublisherNode);
 
@@ -70,13 +70,13 @@ internal static void CreateAllow(string xmlFilePath, List<PublisherSignerCreator
 				if (publisherData.SiSigningScenario is 1)
 				{
 					// Create AllowedSigner nodes inside the <AllowedSigners> -> <ProductSigners> -> <SigningScenario Value="12">
-					XmlElement newUMCIAllowedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("AllowedSigner", codeIntegrityPolicy.NameSpaceURI);
+					XmlElement newUMCIAllowedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("AllowedSigner", GlobalVars.SiPolicyNamespace);
 					newUMCIAllowedSignerNode.SetAttribute("SignerId", SignerID);
 					_ = codeIntegrityPolicy.UMCI_ProductSigners_AllowedSigners_Node.AppendChild(newUMCIAllowedSignerNode);
 
 
 					// Create a CI Signer for the User Mode Signer
-					XmlElement newCiSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("CiSigner", codeIntegrityPolicy.NameSpaceURI);
+					XmlElement newCiSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("CiSigner", GlobalVars.SiPolicyNamespace);
 					newCiSignerNode.SetAttribute("SignerId", SignerID);
 					_ = codeIntegrityPolicy.CiSignersNode.AppendChild(newCiSignerNode);
 				}
@@ -85,7 +85,7 @@ internal static void CreateAllow(string xmlFilePath, List<PublisherSignerCreator
 				else if (publisherData.SiSigningScenario is 0)
 				{
 					// Create AllowedSigner nodes inside the <AllowedSigners> -> <ProductSigners> -> <SigningScenario Value="131">
-					XmlElement newKMCIAllowedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("AllowedSigner", codeIntegrityPolicy.NameSpaceURI);
+					XmlElement newKMCIAllowedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("AllowedSigner", GlobalVars.SiPolicyNamespace);
 					newKMCIAllowedSignerNode.SetAttribute("SignerId", SignerID);
 					_ = codeIntegrityPolicy.KMCI_ProductSigners_AllowedSigners_Node.AppendChild(newKMCIAllowedSignerNode);
 
@@ -137,19 +137,19 @@ internal static void CreateDeny(string xmlFilePath, List<PublisherSignerCreator>
 				// Create the new Signer element
 
 				// Create a new Signer node
-				XmlElement newSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("Signer", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement newSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("Signer", GlobalVars.SiPolicyNamespace);
 				// Set the attributes for the new Signer node
 				newSignerNode.SetAttribute("ID", SignerID);
 				newSignerNode.SetAttribute("Name", signerData.IntermediateCertName);
 
 				// Create the CertRoot element and add it to the Signer element
-				XmlElement certRootNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertRoot", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement certRootNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertRoot", GlobalVars.SiPolicyNamespace);
 				certRootNode.SetAttribute("Type", "TBS");
 				certRootNode.SetAttribute("Value", signerData.IntermediateCertTBS);
 				_ = newSignerNode.AppendChild(certRootNode);
 
 				// Create the CertPublisher element and add it to the Signer element
-				XmlElement certPublisherNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertPublisher", codeIntegrityPolicy.NameSpaceURI);
+				XmlElement certPublisherNode = codeIntegrityPolicy.XmlDocument.CreateElement("CertPublisher", GlobalVars.SiPolicyNamespace);
 				certPublisherNode.SetAttribute("Value", signerData.LeafCertName);
 				_ = newSignerNode.AppendChild(certPublisherNode);
 
@@ -163,13 +163,13 @@ internal static void CreateDeny(string xmlFilePath, List<PublisherSignerCreator>
 				if (publisherData.SiSigningScenario is 1)
 				{
 					// Create DeniedSigner nodes inside the <DeniedSigners> -> <ProductSigners> -> <SigningScenario Value="12">
-					XmlElement newUMCIDeniedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("DeniedSigner", codeIntegrityPolicy.NameSpaceURI);
+					XmlElement newUMCIDeniedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("DeniedSigner", GlobalVars.SiPolicyNamespace);
 					newUMCIDeniedSignerNode.SetAttribute("SignerId", SignerID);
 					_ = codeIntegrityPolicy.UMCI_ProductSigners_DeniedSigners_Node.AppendChild(newUMCIDeniedSignerNode);
 
 
 					// Create a CI Signer for the User Mode Signer
-					XmlElement newCiSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("CiSigner", codeIntegrityPolicy.NameSpaceURI);
+					XmlElement newCiSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("CiSigner", GlobalVars.SiPolicyNamespace);
 					newCiSignerNode.SetAttribute("SignerId", SignerID);
 					_ = codeIntegrityPolicy.CiSignersNode.AppendChild(newCiSignerNode);
 				}
@@ -178,7 +178,7 @@ internal static void CreateDeny(string xmlFilePath, List<PublisherSignerCreator>
 				else if (publisherData.SiSigningScenario is 0)
 				{
 					// Create DeniedSigner nodes inside the <DeniedSigners> -> <ProductSigners> -> <SigningScenario Value="131">
-					XmlElement newKMCIDeniedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("DeniedSigner", codeIntegrityPolicy.NameSpaceURI);
+					XmlElement newKMCIDeniedSignerNode = codeIntegrityPolicy.XmlDocument.CreateElement("DeniedSigner", GlobalVars.SiPolicyNamespace);
 					newKMCIDeniedSignerNode.SetAttribute("SignerId", SignerID);
 					_ = codeIntegrityPolicy.KMCI_ProductSigners_DeniedSigners_Node.AppendChild(newKMCIDeniedSignerNode);
 
diff --git a/AppControl Manager/XMLOps/SetCiPolicyInfo.cs b/AppControl Manager/XMLOps/SetCiPolicyInfo.cs
index 07b3da2f9..76bb4180b 100644
--- a/AppControl Manager/XMLOps/SetCiPolicyInfo.cs	
+++ b/AppControl Manager/XMLOps/SetCiPolicyInfo.cs	
@@ -53,7 +53,7 @@ internal static string Set(string filePath, bool? resetPolicyID, string? policyN
 		// Check if Settings node exists, if not, create it
 		if (SettingsNode is null)
 		{
-			SettingsNode = codeIntegrityPolicy.XmlDocument.CreateElement("Settings", codeIntegrityPolicy.NameSpaceURI);
+			SettingsNode = codeIntegrityPolicy.XmlDocument.CreateElement("Settings", GlobalVars.SiPolicyNamespace);
 			_ = codeIntegrityPolicy.SiPolicyNode.AppendChild(SettingsNode);
 		}
 
@@ -81,7 +81,7 @@ internal static string Set(string filePath, bool? resetPolicyID, string? policyN
 		// If the Setting node with ValueName="Name" does not exist, create it
 		if (nameSettingNode is null)
 		{
-			nameSettingNode = codeIntegrityPolicy.XmlDocument.CreateElement("Setting", codeIntegrityPolicy.NameSpaceURI);
+			nameSettingNode = codeIntegrityPolicy.XmlDocument.CreateElement("Setting", GlobalVars.SiPolicyNamespace);
 
 			XmlAttribute providerAttr = codeIntegrityPolicy.XmlDocument.CreateAttribute("Provider");
 			providerAttr.Value = "PolicyInfo";
@@ -105,8 +105,8 @@ internal static string Set(string filePath, bool? resetPolicyID, string? policyN
 		if (valueNode is null)
 		{
 			// Create Value node
-			XmlNode newValueNode = codeIntegrityPolicy.XmlDocument.CreateElement("Value", codeIntegrityPolicy.NameSpaceURI);
-			XmlNode newStringNode = codeIntegrityPolicy.XmlDocument.CreateElement("String", codeIntegrityPolicy.NameSpaceURI);
+			XmlNode newValueNode = codeIntegrityPolicy.XmlDocument.CreateElement("Value", GlobalVars.SiPolicyNamespace);
+			XmlNode newStringNode = codeIntegrityPolicy.XmlDocument.CreateElement("String", GlobalVars.SiPolicyNamespace);
 
 			_ = newValueNode.AppendChild(newStringNode);
 			_ = nameSettingNode.AppendChild(newValueNode);
@@ -179,7 +179,7 @@ internal static string Set(string filePath, bool? resetPolicyID, string? policyN
 
 			// Create namespace manager and add the default namespace with a prefix
 			XmlNamespaceManager namespaceManager2 = new(xmlDocument2.NameTable);
-			namespaceManager2.AddNamespace("ns", codeIntegrityPolicy.NameSpaceURI);
+			namespaceManager2.AddNamespace("ns", GlobalVars.SiPolicyNamespace);
 
 			// Get SiPolicy node
 			XmlNode siPolicyNode2 = xmlDocument2.SelectSingleNode("ns:SiPolicy", namespaceManager2)
diff --git a/AppControl Manager/XMLOps/UpdateHvciOptions.cs b/AppControl Manager/XMLOps/UpdateHvciOptions.cs
index 256380805..90a4866fd 100644
--- a/AppControl Manager/XMLOps/UpdateHvciOptions.cs	
+++ b/AppControl Manager/XMLOps/UpdateHvciOptions.cs	
@@ -34,7 +34,7 @@ internal static void Update(string filePath)
 		else
 		{
 			// Create the HvciOptions node if it doesn't exist
-			hvciOptionsNode = codeIntegrityPolicy.XmlDocument.CreateElement("HvciOptions", codeIntegrityPolicy.NameSpaceURI);
+			hvciOptionsNode = codeIntegrityPolicy.XmlDocument.CreateElement("HvciOptions", GlobalVars.SiPolicyNamespace);
 			hvciOptionsNode.InnerText = "2";
 
 			// Insert it after CiSigners node
diff --git a/AppControl Manager/app.manifest b/AppControl Manager/app.manifest
index 485fa5e3c..b6e53bfe1 100644
--- a/AppControl Manager/app.manifest	
+++ b/AppControl Manager/app.manifest	
@@ -2,7 +2,7 @@
 <!-- INFO: https://learn.microsoft.com/en-us/windows/win32/sbscs/application-manifests -->
 <!-- INFO (for legacy UWP but its info can be used for better understanding): https://learn.microsoft.com/en-us/uwp/schemas/appxpackage/uapmanifestschema/root-elements -->
 <assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1">
-  <assemblyIdentity version="1.8.9.0" name="AppControlManager"/>
+  <assemblyIdentity version="1.9.0.0" name="AppControlManager"/>
 
   <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
     <application>
diff --git a/AppControl Manager/global.json b/AppControl Manager/global.json
index d325929a3..506a09b26 100644
--- a/AppControl Manager/global.json	
+++ b/AppControl Manager/global.json	
@@ -1,6 +1,6 @@
 {
     "sdk": {
-        "version": "9.0.102",
+        "version": "9.0.200",
         "rollForward": "latestMajor",
         "allowPrerelease": true
     }
diff --git a/Wiki posts/App Control for Business/WDAC Notes.md b/Wiki posts/App Control for Business/WDAC Notes.md
index 1f07c61d7..da05df678 100644
--- a/Wiki posts/App Control for Business/WDAC Notes.md	
+++ b/Wiki posts/App Control for Business/WDAC Notes.md	
@@ -587,6 +587,16 @@ It doesn't matter how long or short the IDs are in the policy XML file, such as
 
 <br>
 
+## The Effect of Disabled:Flight Signing Policy Rule Option on Windows Insider Builds
+
+If you deploy an App Control policy that has the `Disabled:Flight Signing` rule option, the Windows Insider page in Windows Settings will not let you choose insider channels whose builds are signed with flight root certificates. For example, if you are on the Release Preview channel, you won't have the option to switch to any other channel and the channel selection can be unavailable in Windows Insider section. To make it appear again, you can re-deploy the policy with `Disabled:Flight Signing` rule option removed from it and then reboot the system. This is to ensure that the user won't accidentally/intentionally get himself/herself into a boot failure situation.
+
+<br>
+
+<img src="https://github.com/HotCakeX/Harden-Windows-Security/raw/main/images/Gifs/1pxRainbowLine.gif" width= "300000" alt="horizontal super thin rainbow RGB line">
+
+<br>
+
 ## <img width="65" src="https://raw.githubusercontent.com/HotCakeX/.github/main/Pictures/Gifs/arrow-pink.gif" alt="Continue Reading about BYOVD using App Control for Business"> [Continue reading about BYOVD protection with App Control for Business](#-continue-reading-about-byovd-protection-with-wdac)
 
 #### [App Control policy](https://github.com/HotCakeX/Harden-Windows-Security/wiki/WDAC-policy-for-BYOVD-Kernel-mode-only-protection) for BYOVD Kernel mode only protection
diff --git a/Wiki posts/AppControl Manager/AppControl Manager.md b/Wiki posts/AppControl Manager/AppControl Manager.md
index 5a9bf5fa5..7bb489325 100644
--- a/Wiki posts/AppControl Manager/AppControl Manager.md	
+++ b/Wiki posts/AppControl Manager/AppControl Manager.md	
@@ -193,19 +193,7 @@ Here is the complete list of all of the URLs the AppControl Manager application
 
 <br>
 
-## How To Install AppControl Manager Completely Offline? (Method 1)
-
-1. Download the latest MSIXBundle package of the AppControl Manager from the [GitHub releases](https://github.com/HotCakeX/Harden-Windows-Security/releases) or build it from [the source code](https://github.com/HotCakeX/Harden-Windows-Security/tree/main/AppControl%20Manager) yourself.
-
-2. Use the following PowerShell syntax to Install the AppControl Manager. ***No Admin privilege required***
-
-```powershell
-Add-AppxPackage -Path "Path To the MSIXBundle" -AllowUnsigned
-```
-
-<br>
-
-## How To Install AppControl Manager Completely Offline? (Method 2)
+## How To Install AppControl Manager Completely Offline?
 
 1. Download [this PowerShell script](https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Harden-Windows-Security.ps1).
 
@@ -309,7 +297,7 @@ if ($LASTEXITCODE -ne 0) { throw [System.InvalidOperationException]::New('Failed
 # https://learn.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-build-tools
 # https://learn.microsoft.com/en-us/visualstudio/install/use-command-line-parameters-to-install-visual-studio
 # https://learn.microsoft.com/en-us/visualstudio/install/workload-component-id-vs-community
-winget install --id Microsoft.VisualStudio.2022.BuildTools --exact --accept-package-agreements --accept-source-agreements --uninstall-previous --force --source winget --override '--force --wait --passive --add Microsoft.VisualStudio.Workload.ManagedDesktop --add Microsoft.VisualStudio.Workload.MSBuildTools --add Microsoft.VisualStudio.Workload.UniversalBuildTools --add Microsoft.VisualStudio.ComponentGroup.WindowsAppSDK.Cs --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 --add Microsoft.VisualStudio.Component.VC.v141.x86.x64 --add Microsoft.VisualStudio.Component.Windows11SDK.26100 --includeRecommended'
+winget install --id Microsoft.VisualStudio.2022.BuildTools --exact --accept-package-agreements --accept-source-agreements --uninstall-previous --force --source winget --override '--force --wait --passive --add Microsoft.VisualStudio.Workload.ManagedDesktop --add Microsoft.VisualStudio.Workload.VCTools --add Microsoft.VisualStudio.Workload.MSBuildTools --add Microsoft.VisualStudio.Workload.UniversalBuildTools --add Microsoft.VisualStudio.ComponentGroup.WindowsAppSDK.Cs --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 --add Microsoft.VisualStudio.Component.VC.v141.x86.x64 --add Microsoft.VisualStudio.Component.Windows11SDK.26100 --includeRecommended'
 
 if ($LASTEXITCODE -ne 0) { throw [System.InvalidOperationException]::New('Failed to install Visual Studio Build Tools') }