diff --git a/src/benchmarks/micro/libraries/System.Net.Security/SslStreamTests.Context.cs b/src/benchmarks/micro/libraries/System.Net.Security/SslStreamTests.Context.cs
index 9df90c91bfc..626210560ad 100644
--- a/src/benchmarks/micro/libraries/System.Net.Security/SslStreamTests.Context.cs
+++ b/src/benchmarks/micro/libraries/System.Net.Security/SslStreamTests.Context.cs
@@ -2,7 +2,6 @@
 // The .NET Foundation licenses this file to you under the MIT license.
 // See the LICENSE file in the project root for more information.
 
-using System;  
 using System.IO;
 using System.IO.Pipes;
 using System.Net.Security;
@@ -29,26 +28,34 @@ public partial class SslStreamTests
         [BenchmarkCategory(Categories.NoAOT)]
         public Task DefaultHandshakeContextIPv6Async() => DefaultContextHandshake(_clientIPv6, _serverIPv6);
 
-        private async Task DefaultContextHandshake(Stream client, Stream server)
+        [Benchmark]
+        [BenchmarkCategory(Categories.NoAOT)]
+        public Task DefaultMutualHandshakeContextIPv4Async() => DefaultContextHandshake(_clientIPv4, _serverIPv4, true);
+
+        [Benchmark]
+        [BenchmarkCategory(Categories.NoAOT)]
+        public Task DefaultMutualHandshakeContextIPv6Async() => DefaultContextHandshake(_clientIPv6, _serverIPv6, true);
+
+        private async Task DefaultContextHandshake(Stream client, Stream server, bool requireClientCert = false)
         {
             if (_context == null)
             {
                 _context = SslStreamCertificateContext.Create(_cert, null);
             }
-            
+
             SslServerAuthenticationOptions serverOptions = new SslServerAuthenticationOptions
             {
                 AllowRenegotiation = false,
                 EnabledSslProtocols = SslProtocols.None,
                 CertificateRevocationCheckMode = X509RevocationMode.NoCheck,
-                ServerCertificateContext  = _context,
+                ServerCertificateContext = _context,
             };
 
             using (var sslClient = new SslStream(client, leaveInnerStreamOpen: true, delegate { return true; }))
             using (var sslServer = new SslStream(server, leaveInnerStreamOpen: true, delegate { return true; }))
             {
                 await Task.WhenAll(
-                    sslClient.AuthenticateAsClientAsync("localhost", null, SslProtocols.None, checkCertificateRevocation: false),
+                    sslClient.AuthenticateAsClientAsync("localhost", requireClientCert ? new X509CertificateCollection() { _clientCert } : null, SslProtocols.None, checkCertificateRevocation: false),
                     sslServer.AuthenticateAsServerAsync(serverOptions, default));
 
                 // In Tls1.3 part of handshake happens with data exchange.