Damage assessment plays a very important role in securing enterprise networks and systems. Gaining good awareness about the effects and impact of cyber attack actions would enable security officers to make the right cyber defense decisions and take the right cyber defense actions. A good number of damage assessment techniques have been proposed in the literature, but they typically focus on a single abstraction level (of the software system in concern). As a result, existing damage assessment techniques and tools are still very limited in satisfying the needs of comprehensive damage assessment which should not result in any "blind spots". This chapter presents a generic multi-level damage assessment framework, which captures several fundamental characteristics of the damage assessment problem, points out the necessity and importance of cross-layer damage assessment, and identifies the key component techniques of a systematic damage assessment solution. To demonstrate the feasibility, merits and applicability of this framework, we propose a concrete virtual machine (VM) approach to do damage assessment across two fundamental abstraction levels: instruction level and OS level. This approach will integrate the damage assessment operations at the instruction level and the OS process level. This approach leads to a novel production-environment damage assessment architecture. Although this approach does not cover all of the abstraction levels, it shows that across-level damage assessment could be done in complex software systems.