Existing approaches to software security and reliability have proven inadequate in offering a good tradeoff between assurance, reliability, availability, and performance. We argue that reactive protection mechanisms need to be added to our panoply of defenses. Furthermore, we argue that such mechanisms need to be much more invasive than previously envisioned. We discuss our approach to such mechanisms by introducing the concept of self-healing software. We describe the principles behind self-healing software systems and showcase the concepts by giving an overview the Worm Vaccine architecture.