DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 11/10/2025 has been entered.
Applicant argued in the remarks that the prior art does not disclose performing, by the monitor system, one or more network vulnerability assessments on the one or more secondary devices on the second network via network communication.
However, Ahrens et al US 8,230,505 discloses performing, by the monitor system, one or more network vulnerability assessments on the one or more secondary devices on the second network via network communication (col 5, lines 55-67 and col 6, lines 1-5 Network monitoring devices 156 collect and optionally analyze network-related information, typically at OSI layers 2-4, to identify attacks. The devices 156 may be any suitable module, with sniffers and scanners being typical. Sniffers operate in a promiscuous mode, examining traffic that passes through on the local network. Sniffers are placed at strategic points in the network, such as in front of the firewall 124, behind the firewall 124, in the network 108, and in front of a host. Sniffers use pattern matching to try to match a packet against a known attack which is expressed as an "attack signature". Scanners look at log files for signs of attacks, which may be detected by inspecting a collection of packets).
The sniffers described above can be placed both in front of and behind the firewall.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 12, 14, 19, 20, 24-26 and 28-29 are rejected under 35 U.S.C. 103 as being unpatentable over Ishiyama US 2014/0126463 and Ahrens et al US 8,230,505.
As per claim 12, Ishiyama US 2014/0126463 discloses a method comprising:
communicating, by a monitor system, with a first device via a first network (0019 a communication device, i.e. monitor, is communicating with the first relay device, i.e. a first device);
communicating, by the first device, with one or more secondary devices on a second network(par 0019, the first relay device is receiving the communication from the second relay device, i.e. secondary device ), both the first device and the one or more secondary devices being behind and separate from a firewall attached to the second network (par 0019, the first relay device located outside of a firewall and the second relay device located within the firewall, wherein the first relay device is separated from the firewall and the second relay device behind the firewall), and the first device is communicating via the first network with the monitor system at the same time the first device is behind the firewall and communicating with the one or more secondary devices on the second network ( 0019 The second relay device includes a second receiving unit configured to receive the acquisition request transmitted from the first relay device and the first relay device is communicating with the communication device to receive a request for acquiring information, and transmit the information received from the second relay device to the communication device, i.e. the monitor system ); and
performing, by the monitor system, a transmission, on the one or more secondary devices on the second network via network communication (0107 estimating unit 606 may statistically analyze a pattern of transmission of RQs such as distribution of 95% in a width of 60 seconds with the center at five past the hour, and estimate the transmission interval (one hour, for example) or the transmission time (five past the hour, for example) of the RQs on the basis of the analysis result).
the network communications passing between the first device and the monitor system on the first network and between the first device and the one or more secondary devices on the second network behind the firewall, the network communications between the first device and the monitor system that occur via the first network not passing through the firewall of the second network ( 0019 a communication system includes a first relay device located outside of a firewall; and a second relay device located within the firewall. The first relay device includes a first receiving unit configured to receive a request for acquiring information on an information processing device within the firewall from a communication device and receive the information acquired from the information processing device from the second relay device; a storage unit configured to store therein the acquisition request; and a first transmitting unit configured to transmit the acquisition request stored in the storage unit to the second relay device and transmit the information received from the second relay device to the communication device. The second relay device includes a second receiving unit configured to receive the acquisition request transmitted from the first relay device; an acquiring unit configured to acquire information requested by the acquisition request from the information processing device; and a second transmitting unit configured to transmit the acquired information to the first relay device).
Ishiyama does not disclose performing, by the monitor system, one or more network vulnerability assessments on the one or more secondary devices on the second network via network communication.
However, Ahrens discloses performing, by the monitor system, one or more network vulnerability assessments on the one or more secondary devices on the second network via network communication (col 5, lines 55-67 and col 6, lines 1-5 Network monitoring devices 156 collect and optionally analyze network-related information, typically at OSI layers 2-4, to identify attacks. The devices 156 may be any suitable module, with sniffers and scanners being typical. Sniffers operate in a promiscuous mode, examining traffic that passes through on the local network. Sniffers are placed at strategic points in the network, such as in front of the firewall 124, behind the firewall 124, in the network 108, and in front of a host. Sniffers use pattern matching to try to match a packet against a known attack which is expressed as an "attack signature". Scanners look at log files for signs of attacks, which may be detected by inspecting a collection of packets).
Ishiyama and Ahrens are both considered to be analogous to the claimed invention because they are in the same field of network protection by the firewall.
Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Ishiyama to incorporate the teachings of Ahrens and provide a threat analysis system.
Doing so would provide prediction of threats that bypass the firewall, thereby increasing protection for the network.
As per claim 14, Ishiyama and Ahrens disclose the method of claim 12, and Ahrens discloses wherein the first device accesses the second network by being authenticated by the second network such that the first device is an authenticated device that is coupled to the second network from behind the firewall attached to the second network (col 4, lines 19-32 FIG. 1. A network architecture is provided that includes first and second enterprise networks 100 and 104 that have a federated relationship with one another. As will be appreciated, "federation" refers to two or more independent or autonomous administrator domains having some kind of an agreement or mutual policy governing how each domain will handle communications with one another. The domains may be associated with different entities, with an exemplary entity being a company, government, individual, service provider, and the like. Federated entities typically have a trusted relationship with one another. For example, two nodes in separate federated entities commonly use digital signature- or key-based validation techniques (e.g., a digital certificate) to implement the web-of-trust).
As per claim 19, Ishiyama and Ahrens disclose the method of claim 12, and Ishiyama discloses wherein the firewall separates the second network from external networks (0019 a communication system includes a first relay device located outside of a firewall; and a second relay device located within the firewall. The first relay device includes a first receiving unit configured to receive a request for acquiring information on an information processing device within the firewall from a communication device and receive the information acquired from the information processing device from the second relay device; a storage unit configured to store therein the acquisition request; and a first transmitting unit configured to transmit the acquisition request stored in the storage unit to the second relay device and transmit the information received from the second relay device to the communication device. The second relay device includes a second receiving unit configured to receive the acquisition request transmitted from the first relay device; an acquiring unit configured to acquire information requested by the acquisition request from the information processing device; and a second transmitting unit configured to transmit the acquired information to the first relay device) and the monitor system is located in front of the firewall attached to the second network (Ahrens col 5, lines 55-67 and col 6, lines 1-5 Network monitoring devices 156 collect and optionally analyze network-related information, typically at OSI layers 2-4, to identify attacks. The devices 156 may be any suitable module, with sniffers and scanners being typical. Sniffers operate in a promiscuous mode, examining traffic that passes through on the local network. Sniffers are placed at strategic points in the network, such as in front of the firewall 124, behind the firewall 124, in the network 108, and in front of a host. Sniffers use pattern matching to try to match a packet against a known attack which is expressed as an "attack signature". Scanners look at log files for signs of attacks, which may be detected by inspecting a collection of packets).
As per claims 20, 24 and 25, those claims are rejected based on the same rationale set forth for claims 12, 14 and 19, respectively.
As per claims 26, 28 and 29, those claims are rejected based on the same rationale set forth for claims 12, 14 and 19, respectively.
Claim(s) 13, 15-16, 23, 27, and 31 are rejected under 35 U.S.C. 103 as being unpatentable over Ishiyama US 2014/0126463, Ahrens et al US 8,230,505 and El Mghazli et al US 2007/0178905.
As per claim 13, Ishiyama and Ahrens disclose the method of claim 12. The combination does not disclose wherein the first device is a mobile device wirelessly introduced into the second network.
However, El Mghazli discloses wherein the first device is a mobile device wirelessly introduced into the second network( 0011 when a call has been set up between a mobile communication terminal and the core network via a first secure tunnel set up within the first wireless local area network between the mobile terminal and the first secure gateway and associated with authentication and security data, and if the mobile terminal enters an area of intersection between the radio coverage areas of the first and second wireless local area networks: [0012] effecting a procedure of pre-authentication of the mobile terminal, at the level of the IP layer, vis a vis the second security gateway, via the first secure tunnel, and using the same authentication and security data, [0013] then setting up a second secure tunnel between the mobile terminal and the second security gateway, [0014] then effecting an updating of mobility management information via the second secure tunnel, [0015] then proceeding to the transfer (or handover) between wireless local area networks by sending the second security gateway, via the second secure tunnel, a peer address updating message in respect of the mobile terminal, and [0016] authorizing between the mobile terminal and the core network the call to continue via the second secure tunnel.).
Ishiyama, Ahrens and El Mghazli are considered to be analogous to the claimed invention because they are in the same field of network protection by the firewall. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Ishiyama to incorporate the teachings of Ahrens, including the teaching of El Mghazli, and provide a threat analysis system. Doing so would provide prediction of threats that bypass the firewall, thereby increasing protection for the network.
As per claim 15, Ishiyama and Ahrens disclose the method of claim 12. The combination does not explicitly disclose wherein the first network is a wireless network that is separate from the second network.
However, El Mghazli discloses wherein the first network is a wireless network that is separate from the second network( 0011 when a call has been set up between a mobile communication terminal and the core network via a first secure tunnel set up within the first wireless local area network between the mobile terminal and the first secure gateway and associated with authentication and security data, and if the mobile terminal enters an area of intersection between the radio coverage areas of the first and second wireless local area networks: [0012] effecting a procedure of pre-authentication of the mobile terminal, at the level of the IP layer, vis a vis the second security gateway, via the first secure tunnel, and using the same authentication and security data, [0013] then setting up a second secure tunnel between the mobile terminal and the second security gateway, [0014] then effecting an updating of mobility management information via the second secure tunnel, [0015] then proceeding to the transfer (or handover) between wireless local area networks by sending the second security gateway, via the second secure tunnel, a peer address updating message in respect of the mobile terminal, and [0016] authorizing between the mobile terminal and the core network the call to continue via the second secure tunnel.).
Ishiyama, Ahrens and El Mghazli are considered to be analogous to the claimed invention because they are in the same field of network protection by the firewall. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Ishiyama to incorporate the teachings of Ahrens, including the teaching of El Mghazli, and provide a threat analysis system. Doing so would provide prediction of threats that bypass the firewall, thereby increasing protection for the network.
As per claim 16, Ishiyama and Ahrens disclose the method of claim 12, and Ahrens discloses further comprising establishing a secure network tunnel between the monitor system and the first device over the first network, wherein the network communications of the one or more network vulnerability assessments pass through the secure network tunnel between the monitor system and the first device (col 5, lines 55-67 and col 6, lines 1-5 Network monitoring devices 156 collect and optionally analyze network-related information, typically at OSI layers 2-4, to identify attacks. The devices 156 may be any suitable module, with sniffers and scanners being typical. Sniffers operate in a promiscuous mode, examining traffic that passes through on the local network. Sniffers are placed at strategic points in the network, such as in front of the firewall 124, behind the firewall 124, in the network 108, and in front of a host. Sniffers use pattern matching to try to match a packet against a known attack which is expressed as an "attack signature". Scanners look at log files for signs of attacks, which may be detected by inspecting a collection of packets).
The combination does not disclose the tunneling in the wireless network.
However, El Mghazli discloses the tunneling in the wireless network ([0011] This method consists in, when a call has been set up between a mobile communication terminal and the core network via a first secure tunnel set up within the first wireless local area network between the mobile terminal and the first secure gateway and associated with authentication and security data, and if the mobile terminal enters an area of intersection between the radio coverage areas of the first and second wireless local area networks: [0012] effecting a procedure of pre-authentication of the mobile terminal, at the level of the IP layer, vis a vis the second security gateway, via the first secure tunnel, and using the same authentication and security data). Ishiyama, Ahrens and El Mghazli are considered to be analogous to the claimed invention because they are in the same field of network protection by the firewall. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Ishiyama to incorporate the teachings of Ahrens, including the teaching of El Mghazli, and provide a threat analysis system. Doing so would provide prediction of threats that bypass the firewall, thereby increasing protection for the network.
As per claims 27, 23 and 31, those claims are rejected based on the same rationale set forth for claims 13, 16, and 16, respectively.
Claim(s) 18 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Ishiyama US 2014/0126463 in view of Ahrens et al US 8,230,505 in view of Kamdar et al US 2014/0112160.
As per claim 18, Ishiyama and Ahrens disclose the method of claim 12, and Ahrens discloses wherein during performing the one or more network vulnerability assessments, the method further comprises:
modifying the one or more network vulnerability assessments based on the monitored network latency (col 5, lines 55-67 and col 6, lines 1-5 Network monitoring devices 156 collect and optionally analyze network-related information, typically at OSI layers 2-4, to identify attacks. The devices 156 may be any suitable module, with sniffers and scanners being typical. Sniffers operate in a promiscuous mode, examining traffic that passes through on the local network. Sniffers are placed at strategic points in the network, such as in front of the firewall 124, behind the firewall 124, in the network 108, and in front of a host. Sniffers use pattern matching to try to match a packet against a known attack which is expressed as an "attack signature". Scanners look at log files for signs of attacks, which may be detected by inspecting a collection of packets).
The combination fails to disclose monitoring a network latency between the first device and the monitor system across the first network.
However, Kamdar discloses monitoring a network latency between the first device and the monitor system across the first network (0070 analysis server 230 may monitor network activity associated with a wireless band when user device 210 connects to a network associated with the wireless band. In some implementations, analysis server 230 may monitor network performance, such as bandwidth, latency, jitter, and/or some other information regarding network performance at intervals (e.g., 1 second, 5 second, 15 second, 30 second or some other interval) by tracking network activity between user device 210 and the network associated with the wireless band when user device 210 connects to the network via the wireless band to perform some task via an application of user device 210.).
Ishiyama, Ahrens and Kamdar are considered to be analogous to the claimed invention because they are in the same field of network protection by the firewall. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Ishiyama to incorporate the teachings of Ahrens, including the teaching of Kamdar, and provide a threat analysis system. Doing so would provide prediction of threats that bypass the firewall, thereby increasing protection for the network.
As per claim 21, that claim is rejected based on the same rationale set forth for claim 18.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABU S SHOLEMAN whose telephone number is (571)270-7314. The examiner can normally be reached EST: 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JORGE ORTIZ CRIADO can be reached at 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ABU S SHOLEMAN/Primary Examiner, Art Unit 2496