diff --git a/dmn-core/src/main/java/com/gs/dmn/serialization/jackson/NSElementSerializer.java b/dmn-core/src/main/java/com/gs/dmn/serialization/jackson/NSElementSerializer.java
index f98690a7c..79fa10237 100644
--- a/dmn-core/src/main/java/com/gs/dmn/serialization/jackson/NSElementSerializer.java
+++ b/dmn-core/src/main/java/com/gs/dmn/serialization/jackson/NSElementSerializer.java
@@ -28,6 +28,7 @@ public void serialize(NSElement element, JsonGenerator gen, SerializerProvider s
     private static String toXml(Element element) {
         try {
             TransformerFactory factory = TransformerFactory.newInstance();
+            factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
             factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
             factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
             StringWriter writer = new StringWriter();