In this talk, we will describe new and ongoing research in the Secure Systems Lab. Our research targets every stage in the software life-cycle. At the development stage, we describe WebSheets, a new language and framework that simplifies the coding of privacy-centric web applications organized around tabular data. It empowers data owners to control the use of their data during its entire lifetime, while neutralizing most common web application attacks. Next, we describe instrumentation techniques to protect or monitor software during its operational phase. We will describe ongoing work on (a) binary instrumentation techniques that are secure, efficient, and scalable, and (b) operating system instrumentation using the new Linux eBPF framework. The eBPF framework is very promising because it addresses many challenges that have frustrated OS-based security techniques such as the difficulty of debugging and keeping up with the pace of evolution of the Linux kernel. Finally, we will describe our research on detecting advanced and stealthy attack campaigns (APTs). Our system can sift through millions of events in a second and construct a compact visual summary that connects together all the steps of an ongoing attack campaign.