diff --git a/digid_eherkenning/_xml.py b/digid_eherkenning/_xml.py
new file mode 100644
index 0000000..45bda52
--- /dev/null
+++ b/digid_eherkenning/_xml.py
@@ -0,0 +1,18 @@
+"""
+XML parsing with DTD/Entities blocking.
+
+Inspired by https://github.com/mvantellingen/python-zeep/pull/1179/ as their solution
+for the deprecated defusedxml.lxml module and the defaults applied in defusedxml.lxml.
+"""
+
+from lxml.etree import XMLParser, parse as _parse
+
+
+def parse(source):
+    """
+    Parse an LXML etree from source without resolving entities.
+
+    Resolving entities is a security risk, which is why we disable it.
+    """
+    parser = XMLParser(resolve_entities=False)
+    return _parse(source, parser)
diff --git a/digid_eherkenning/saml2/eherkenning.py b/digid_eherkenning/saml2/eherkenning.py
index 5051e62..01ca00f 100644
--- a/digid_eherkenning/saml2/eherkenning.py
+++ b/digid_eherkenning/saml2/eherkenning.py
@@ -7,10 +7,9 @@ from django.urls import reverse
 from django.utils import timezone
-from defusedxml.lxml import tostring
 from furl.furl import furl
 from lxml.builder import ElementMaker
-from lxml.etree import Element
+from lxml.etree import Element, tostring
 from OpenSSL import crypto
 from ..choices import AssuranceLevels
diff --git a/digid_eherkenning/utils.py b/digid_eherkenning/utils.py
index a86c191..abe02e0 100644
--- a/digid_eherkenning/utils.py
+++ b/digid_eherkenning/utils.py
@@ -2,9 +2,10 @@ from django.conf import settings
-from defusedxml.lxml import parse
 from lxml import etree
+from ._xml import parse
+
 def get_client_ip(request):
     x_forwarded_for = request.META.get("HTTP_X_FORWARDED_FOR")
diff --git a/setup.cfg b/setup.cfg
index e0934bd..4b815f0 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -38,10 +38,9 @@ install_requires =
     django-sessionprofile
     django-simple-certmanager
     django-solo
-    lxml
-    defusedxml>=0.7.0
+    lxml >= 4.7.1
     furl
-    maykin-python3-saml
+    maykin-python3-saml >= 1.16.0
 tests_require =
     django-test-migrations
     freezegun
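Review bot: `parse()` passes only `resolve_entities=False` and leaves `no_network`, `load_dtd` and `huge_tree` to whatever the installed lxml defaults to, so the hardening the module docstring announces ("DTD/Entities blocking") is partly implicit and partly overstated — a DTD is still parsed, entity references are merely left unexpanded. Pinning the posture explicitly keeps it independent of the lxml version: `parser = XMLParser(resolve_entities=False, no_network=True, load_dtd=False, huge_tree=False)`. If I recall defusedxml.lxml correctly it rejected documents that declare entities, whereas this wrapper now accepts them with the references unresolved; that behaviour change deserves a sentence in the `parse()` docstring and a test that feeds a document with an entity declaration to `parse()` and asserts the reference stays unexpanded.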
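Review bot: After the `from ._xml import parse` line in `digid_eherkenning/utils.py`, `from lxml import etree` is still imported, so any `etree.fromstring`/`etree.XML` call further down the module (outside this hunk) would still use an unhardened default parser; worth checking the rest of the file so every untrusted document goes through `parse`. A short comment on the new import would also stop a future edit from quietly reverting to the plain lxml API, e.g. `from ._xml import parse  # entity-safe parser, do not swap for lxml.etree.parse`. `get_client_ip` starts in this hunk but its body continues outside it.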
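Review bot: `defusedxml` is dropped from `install_requires` while the other hunks in this commit replace its use only in `digid_eherkenning/utils.py` and `digid_eherkenning/saml2/eherkenning.py`; any remaining `defusedxml` import elsewhere in the package or in the tests would now import only by transitive accident. A grep for `defusedxml` before merging would confirm the removal is complete. The new `lxml >= 4.7.1` floor is introduced without a stated reason; a one-line comment above it naming the lxml change that the `_xml.parse` wrapper relies on would make the pin self-explaining.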
diff --git a/tests/mixins.py b/tests/mixins.py
index e8bd554..6103565 100644
--- a/tests/mixins.py
+++ b/tests/mixins.py
@@ -1,6 +1,7 @@
 """
 TODO: replace with pytest fixtures?
 """
+
 from digid_eherkenning.models import DigidConfiguration, EherkenningConfiguration