diff --git a/src/Microsoft.NetCore.Analyzers/UnitTests/Security/DoNotHardCodeEncryptionKeyTests.cs b/src/Microsoft.NetCore.Analyzers/UnitTests/Security/DoNotHardCodeEncryptionKeyTests.cs
index e0e47617ef..125e5a5e16 100644
--- a/src/Microsoft.NetCore.Analyzers/UnitTests/Security/DoNotHardCodeEncryptionKeyTests.cs
+++ b/src/Microsoft.NetCore.Analyzers/UnitTests/Security/DoNotHardCodeEncryptionKeyTests.cs
@@ -313,6 +313,96 @@ public void TestMethod(byte[] someOtherBytesForIV)
 GetCSharpResultAt(12, 9, 10, 26, "ICryptoTransform SymmetricAlgorithm.CreateEncryptor(byte[] rgbKey, byte[] rgbIV)", "void TestClass.TestMethod(byte[] someOtherBytesForIV)", "byte[,]", "void TestClass.TestMethod(byte[] someOtherBytesForIV)"));
 }
+ [Fact]
+ public void Test_HardcodedInJaggedArrayInitializer_CreateEncryptor_Diagnostic()
+ {
+ VerifyCSharpWithDependencies(@"
+using System;
+using System.Linq;
+using System.Security.Cryptography;
+
+class TestClass
+{
+ public void TestMethod(byte[] someOtherBytesForIV, byte unknownByte)
+ {
+ byte[][] rgbKey = new byte[3][]
+ {
+ new byte[] { 1, 2 },
+ new byte[] { 3, 4, 5 },
+ new byte[] { unknownByte }
+ };
+ SymmetricAlgorithm rijn = SymmetricAlgorithm.Create();
+ rijn.CreateEncryptor(rgbKey.Cast().ToArray(), someOtherBytesForIV);
+ }
+}",
+ GetCSharpResultAt(17, 9, 13, 13, "ICryptoTransform SymmetricAlgorithm.CreateEncryptor(byte[] rgbKey, byte[] rgbIV)", "void TestClass.TestMethod(byte[] someOtherBytesForIV, byte unknownByte)", "byte[]", "void TestClass.TestMethod(byte[] someOtherBytesForIV, byte unknownByte)"),
+ GetCSharpResultAt(17, 9, 12, 13, "ICryptoTransform SymmetricAlgorithm.CreateEncryptor(byte[] rgbKey, byte[] rgbIV)", "void TestClass.TestMethod(byte[] someOtherBytesForIV, byte unknownByte)", "byte[]", "void TestClass.TestMethod(byte[] someOtherBytesForIV, byte unknownByte)"));
+ }
+
+ [Fact]
+ public void Test_HardcodeByParamsBytesArray_CreateEncryptor_Diagnostic()
+ {
+ VerifyCSharpWithDependencies(@"
+using System;
+using System.Security.Cryptography;
+
+class TestClass
+{
+ public void TestMethod(byte[] someOtherBytesForIV)
+ {
+ byte[] rgbKey = GetArray(1, 2, 3);
+ SymmetricAlgorithm rijn = SymmetricAlgorithm.Create();
+ rijn.CreateEncryptor(rgbKey, someOtherBytesForIV);
+ }
+
+ public byte[] GetArray(params byte[] array)
+ {
+ return array;
+ }
+}",
+ GetCSharpResultAt(11, 9, 9, 25, "ICryptoTransform SymmetricAlgorithm.CreateEncryptor(byte[] rgbKey, byte[] rgbIV)", "void TestClass.TestMethod(byte[] someOtherBytesForIV)", "byte[]", "void TestClass.TestMethod(byte[] someOtherBytesForIV)"));
+ }
+
+ [Fact]
+ public void Test_ElementTypeIsTypeParameter_NoDiagnostic()
+ {
+ VerifyCSharpWithDependencies(@"
+using System;
+
+class TestClass where T1 : struct
+{
+ public void MethodWithArrayParameter(params T2[] arr) where T2 : struct
+ {
+ }
+
+ public void TestMethod(T1 t)
+ {
+ MethodWithArrayParameter(t);
+ }
+}");
+ }
+
+ [Fact]
+ public void Test_HardcodedInJaggedArray_CreateEncryptor_NoDiagnostic()
+ {
+ VerifyCSharpWithDependencies(@"
+using System;
+using System.Linq;
+using System.Security.Cryptography;
+
+class TestClass
+{
+ public void TestMethod(byte[] someOtherBytesForIV)
+ {
+ byte[][] rgbKey = new byte[2][];
+ rgbKey[0] = new byte[2] { 1, 2 };
+ rgbKey[1] = new byte[3] { 3, 4, 5 };
+ SymmetricAlgorithm rijn = SymmetricAlgorithm.Create();
+ rijn.CreateEncryptor(rgbKey.Cast().ToArray(), someOtherBytesForIV);
+ }
+}");
+ }
+
 [Fact]
 public void Test_NotHardcoded_CreateEncryptor_NoDiagnostic()
 {
diff --git a/src/Utilities/FlowAnalysis/FlowAnalysis/Analysis/TaintedDataAnalysis/TaintedDataSymbolMapExtensions.cs b/src/Utilities/FlowAnalysis/FlowAnalysis/Analysis/TaintedDataAnalysis/TaintedDataSymbolMapExtensions.cs
index aa7057c65a..acdd939ecc 100644
--- a/src/Utilities/FlowAnalysis/FlowAnalysis/Analysis/TaintedDataAnalysis/TaintedDataSymbolMapExtensions.cs
+++ b/src/Utilities/FlowAnalysis/FlowAnalysis/Analysis/TaintedDataAnalysis/TaintedDataSymbolMapExtensions.cs
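Review bot: Test_HardcodedInJaggedArray_CreateEncryptor_NoDiagnostic asserts that a key built by assigning constant rows into `new byte[2][]` raises no diagnostic, but nothing in the test says whether that is intended or a known gap; the bytes are just as hard-coded as in the initializer variant above it, so a reader could take the NoDiagnostic name as a statement that this form is safe. Presumably element-by-element assignment is simply not tracked as a constant array yet and the test pins the current false negative, in which case a comment such as `// Element-by-element assignment is not tracked as a constant array yet; this pins the current false negative, not desired behavior.` above the VerifyCSharpWithDependencies call would make that explicit. Test_ElementTypeIsTypeParameter_NoDiagnostic likewise deserves a one-line comment naming what it guards against — it appears to be the regression test for an array whose element type is a type parameter rather than a named type, which is what the TaintedDataSymbolMapExtensions hunk in this commit handles.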
@@ -82,11 +82,14 @@ public static bool IsSourceProperty(this TaintedDataSymbolMap source
 ///
 public static bool IsSourceConstantArrayOfType(this TaintedDataSymbolMap sourceSymbolMap, IArrayTypeSymbol arrayTypeSymbol)
 {
- foreach (SourceInfo sourceInfo in sourceSymbolMap.GetInfosForType(arrayTypeSymbol.ElementType as INamedTypeSymbol))
+ if (arrayTypeSymbol.ElementType is INamedTypeSymbol elementType)
 {
- if (sourceInfo.TaintConstantArray)
+ foreach (SourceInfo sourceInfo in sourceSymbolMap.GetInfosForType(elementType))
 {
- return true;
+ if (sourceInfo.TaintConstantArray)
+ {
+ return true;
+ }
 }
 }