diff --git a/pom.xml b/pom.xml
index 628f65b3..e870b470 100644
--- a/pom.xml
+++ b/pom.xml
@@ -58,7 +58,11 @@
   		<artifactId>wink-json4j</artifactId>
   		<version>1.4</version>
   	</dependency>
-  </dependencies>
+  <dependency>
+   <groupId>io.github.pixee</groupId>
+   <artifactId>java-security-toolkit</artifactId>
+  </dependency>
+ </dependencies>
   
   <profiles>
   	<profile> 
@@ -139,4 +143,16 @@
     <tag>HEAD</tag>
   </scm>
   
+ <dependencyManagement>
+  <dependencies>
+   <dependency>
+    <groupId>io.github.pixee</groupId>
+    <artifactId>java-security-toolkit</artifactId>
+    <version>${versions.java-security-toolkit}</version>
+   </dependency>
+  </dependencies>
+ </dependencyManagement>
+ <properties>
+  <versions.java-security-toolkit>1.2.0</versions.java-security-toolkit>
+ </properties>
 </project>
diff --git a/src/main/java/com/hcl/appscan/sdk/utils/ArchiveUtil.java b/src/main/java/com/hcl/appscan/sdk/utils/ArchiveUtil.java
index aad9f8c0..0eb0c7e0 100644
--- a/src/main/java/com/hcl/appscan/sdk/utils/ArchiveUtil.java
+++ b/src/main/java/com/hcl/appscan/sdk/utils/ArchiveUtil.java
@@ -6,6 +6,7 @@
 
 package com.hcl.appscan.sdk.utils;
 
+import io.github.pixee.security.ZipSecurity;
 import java.io.BufferedInputStream;
 import java.io.BufferedOutputStream;
 import java.io.File;
@@ -47,7 +48,7 @@ public class ArchiveUtil {
 	public static void unzip(File source, File destDir) throws IOException {
 		
 		FileInputStream input = new FileInputStream(source);
-		ZipInputStream zip = new ZipInputStream(new BufferedInputStream(input));
+		ZipInputStream zip = ZipSecurity.createHardenedInputStream(new BufferedInputStream(input));
 		destDir.mkdirs();
 		
 		ZipEntry entry = null;