ICSE 2025
Sat 26 April - Sun 4 May 2025 Ottawa, Ontario, Canada

Software supply chain attacks increasingly threaten the security of software systems, with the potential to compromise both build-time and runtime integrity. Build-time integrity ensures that the software artifact creation process, from source code to compiled binaries, remains untampered. Runtime integrity, on the other hand, guarantees that the executing application loads and runs only trusted code, preventing dynamic injection of malicious components. This paper explores solutions to safeguard the software supply chain of Java applications at both stages. We propose techniques to detect malicious code injection through two main contributions: (1) a novel algorithm for bytecode equivalence, and (2) detection and prevention of runtime code injection.