Traditional approaches to securing systems tend to be fixed and mostly non adaptive. The Policy that defines the security posture is in some sense "hardcoded". In this talk, we focus on approaches to securing systems using approaches that have declarative policies that factor in dynamically evolving context. The approach is grounded in W3C standard representation formats for knowledge and formal logic. We show instances of this approach in two different network settings -- mobile devices and intrusion detection.