Defending Software Systems against Cyber Attacks throughout Their Lifecycle
Malware enters a software system along three avenues: it is hidden surreptitiously within applications by a malicious developer; it is inserted into the system through an accidental or deliberate misconfiguration of the deployment environment; or it is injected into a running application by a malicious user who exploits a programming flaw in the application logic. This chapter describes three tools developed at Telcordia for blocking all these avenues: the Software Visualization and Analysis Toolsuite (TSVAT) system, the ConfigAssure system, and Runtime Monitoring. TSVAT helps application testers conserve testing resources by guiding them to hidden code. ConfigAssure helps system administrators create vulnerability-free configurations for distributed applications. Runtime Monitoring protects against the exploitation of vulnerabilities not caught by any other technique. These tools have been trialed or are being deployed in real enterprises. Together, they offer a comprehensive defense against attacks on software systems throughout their lifecycle.
Keywords: cyber security, cyber attacks, software systems, malware, Telcordia, Software Visualization and Analysis Toolsuite system, ConfigAssure system, Runtime Monitoring