Tapti Palit, Researcher, Purdue University

Many security mitigation techniques rely on program analysis. Languages such as C/C++ support the use of pointers for indirect memory accesses. For applications written in these languages, the accuracy of program analysis, and thus the effectiveness of security mitigation, depends on the precision of the underlying pointer analysis techniques. However, despite decades of research into pointer analysis, achieving precise and scalable pointer analysis remains an open problem. In this talk, I will describe my research on improving the scalability and precision of pointer analysis algorithms for software security. I will first present the Invariant-Guided Pointer Analysis technique that improves the precision of Control Flow Integrity techniques by 59%. Then, I will introduce Sensitive Data Encryption, a mechanism to protect sensitive data against data-only attacks, and discuss how we augmented static pointer analysis with information available at runtime to reduce overhead and improve scalability. Finally, I will present my vision for future research.