diff --git a/src/main/java/nl/knaw/dans/ingest/core/ImportArea.java b/src/main/java/nl/knaw/dans/ingest/core/ImportArea.java
index ef5591d8..33ad3c2b 100644
--- a/src/main/java/nl/knaw/dans/ingest/core/ImportArea.java
+++ b/src/main/java/nl/knaw/dans/ingest/core/ImportArea.java
@@ -30,7 +30,6 @@
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.util.List;
-import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
 public class ImportArea extends AbstractIngestArea {
@@ -86,7 +85,7 @@ public String startImport(Path inputPath, boolean isBatch, boolean continuePrevi
     private void validateBatchDirectory(Path input) {
         if (Files.isDirectory(input)) {
             try (Stream<Path> subPaths = Files.list(input)) {
-                List<Path> paths = subPaths.collect(Collectors.toList());
+                List<Path> paths = subPaths.toList();
                 for (Path f : paths) {
                     validateDepositDirectory(f);
                 }
@@ -108,4 +107,12 @@ private void validateDepositDirectory(Path input) {
             throw new IllegalArgumentException(String.format("Directory %s does not contain file deposit.properties. Not a valid deposit directory", input));
         }
     }
+
+    public Path getSecurePath(Path path) throws RuntimeException {
+        Path normalizedPath = path.normalize().toAbsolutePath();
+        if (!normalizedPath.startsWith(this.inboxDir)) {
+            throw new IllegalArgumentException(String.format("InsecurePath %s", normalizedPath));
+        }
+        return normalizedPath;
+    }
 }
diff --git a/src/main/java/nl/knaw/dans/ingest/resources/ImportsResource.java b/src/main/java/nl/knaw/dans/ingest/resources/ImportsResource.java
index ee09587e..074e3827 100644
--- a/src/main/java/nl/knaw/dans/ingest/resources/ImportsResource.java
+++ b/src/main/java/nl/knaw/dans/ingest/resources/ImportsResource.java
@@ -47,7 +47,8 @@ public Response startImport(StartImport start) {
         log.debug("Received command = {}", start);
         String batchName;
         try {
-            batchName = importArea.startImport(start.getInputPath(), start.isBatch(), start.isContinue());
+            var securePath = importArea.getSecurePath(start.getInputPath());
+            batchName = importArea.startImport(securePath, start.isBatch(), start.isContinue());
         }
         catch (IllegalArgumentException e) {
             throw new BadRequestException(e.getMessage());
diff --git a/src/main/java/nl/knaw/dans/ingest/resources/MigrationsResource.java b/src/main/java/nl/knaw/dans/ingest/resources/MigrationsResource.java
index 3ffe3f57..341286e9 100644
--- a/src/main/java/nl/knaw/dans/ingest/resources/MigrationsResource.java
+++ b/src/main/java/nl/knaw/dans/ingest/resources/MigrationsResource.java
@@ -47,7 +47,8 @@ public Response startImport(StartImport start) {
         log.info("Received command = {}", start);
         String taskName;
         try {
-            taskName = migrationArea.startImport(start.getInputPath(), start.isBatch(), start.isContinue());
+            var securePath = migrationArea.getSecurePath(start.getInputPath());
+            taskName = migrationArea.startImport(securePath, start.isBatch(), start.isContinue());
         }
         catch (IllegalArgumentException e) {
             throw new BadRequestException(e.getMessage());