diff --git a/src/main/java/com/hcl/appscan/sdk/scanners/sast/xml/ModelWriter.java b/src/main/java/com/hcl/appscan/sdk/scanners/sast/xml/ModelWriter.java
index 8c658f99..e7e49e19 100644
--- a/src/main/java/com/hcl/appscan/sdk/scanners/sast/xml/ModelWriter.java
+++ b/src/main/java/com/hcl/appscan/sdk/scanners/sast/xml/ModelWriter.java
@@ -9,6 +9,7 @@
 import java.io.File;
 import java.io.IOException;
 import java.util.List;
+import javax.xml.XMLConstants;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
@@ -87,6 +88,7 @@ protected void configureTransformer() {
 */
 private void initTransformer() throws TransformerConfigurationException {
 TransformerFactory factory = TransformerFactory.newInstance();
+ factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
 configureTransformerFactory(factory);
 m_transformer = factory.newTransformer();
 configureTransformer();
@@ -97,6 +99,8 @@ private void initTransformer() throws TransformerConfigurationException {
 */
 private void initDocumentBuilder() throws ParserConfigurationException {
 DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
+ factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
 configureDocumentBuilderFactory(factory);
 m_builder = factory.newDocumentBuilder();
 }
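Review bot: The added `factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "")` in initTransformer throws an unchecked IllegalArgumentException when the TransformerFactory chosen by `newInstance()` does not recognise the JAXP 1.5 property, and that escapes the method's declared `TransformerConfigurationException`. The stylesheet side is also left open, since `XMLConstants.ACCESS_EXTERNAL_STYLESHEET` (imports, includes and `document()`) is not restricted. I would set both and convert the failure into the declared exception so that an unsupported processor fails closed, as below. The restriction is also applied before `configureTransformerFactory(factory)`, whose declaration is outside the hunk; if that hook can be overridden it can relax the setting again, and the same ordering appears in initDocumentBuilder. initTransformer's closing brace lies outside the hunk.

```java
TransformerFactory factory = TransformerFactory.newInstance();
try {
	factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
	factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
} catch (IllegalArgumentException e) {
	// Raised by processors that predate the JAXP 1.5 access properties; fail closed in the declared type.
	throw new TransformerConfigurationException("TransformerFactory does not support external-access restrictions", e);
}
// … unchanged: configureTransformerFactory(factory), newTransformer(), configureTransformer() …
```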
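Review bot: DOCTYPE declarations are still accepted in initDocumentBuilder, because the two added features only turn off external general and parameter entities; internal entity expansion and external DTD subset loading stay at the parser defaults. If m_builder is ever used to parse input rather than only to create new documents (not visible in this hunk), the stricter setting is `factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);`, with `factory.setXIncludeAware(false);` and `factory.setExpandEntityReferences(false);` alongside it. A one-line comment above the calls, such as `// XXE hardening: this builder must not resolve external entities`, would tell maintainers why the features are set and that they should not be removed in a subclass hook.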