DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This Office Action is responsive to the communications filed on 4 April 2026. Claims 1-20 are canceled. Claims 21-40 are pending.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 4 April 2026 has been entered.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 21-40 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
Independent claim 21 recites “determining, based on the monitoring the account settings, a first security risk associated with a count of a plurality of user accounts experiencing the first security risk by incrementing, over time, a first counter associated with the first security risk for each user account detected as having an account setting corresponding to the first security risk, the first security risk labeled as a first risk severity in the look-up table" and “determining, based on the monitoring the network device settings, a second security risk associated with a count of network devices experiencing the second security risk by incrementing, over time, a second counter associated with the second security risk for each network device detected as having a device setting corresponding to the second security risk, the second security risk labeled as a second risk severity lower than the first risk severity in the look-up table”.
The limitations of “determining, based on the monitoring the account settings, a first security risk associated with a count of a plurality of user accounts experiencing the first security risk by incrementing, over time, a first counter associated with the first security risk for each user account detected as having an account setting corresponding to the first security risk, the first security risk labeled as a first risk severity in the look-up table"; “determining, based on the monitoring the network device settings, a second security risk associated with a count of network devices experiencing the second security risk by incrementing, over time, a second counter associated with the second security risk for each network device detected as having a device setting corresponding to the second security risk, the second security risk labeled as a second risk severity lower than the first risk severity in the look-up table”; and "implementing or updating the user interface to indicate a change in a setting of a user account experiencing the first security risk or a change in a network device within the BMS experiencing the second security risk based at
least in part on an input received from the user via the user interface or an automated response to the first security risk or the second security risk" , as drafted, are process that, under their broadest reasonable interpretation, cover performance of the limitations in the mind. Nothing in the claim element precludes the step from practically being performed in the mind. For example, the determining” in the context of this claim encompasses the user comparing monitored values with values in a table and tracking the number of accounts and network devices surpassing a threshold value. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea.
This judicial exception is not integrated into a practical application. In particular, the claim only recites one additional element – generating a user interface for presentation to a user on a user device identifying the first security risk and the count of user accounts experiencing the first security risk in a list of a plurality of account-related risks and device-related risks of the first risk severity and the second security risk and the count of network devices experiencing the second security risk in a list of a plurality of account-related risks and device-related risks of the second risk severity. This claim limitation merely describes displaying results. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea.
For at least these reasons, Examiner submits that independent claim 21 is directed to an abstract idea. Independent claims 31 and 40 recite limitations similar to Claim 21 and are directed to an abstract idea for at least the same reasons as independent claim 21. Dependent claims 22-30 and 32-39 depend variously from independent Claims 21 and 31 and do not include elements that amount to significantly more than the abstract idea and are also rejected under the same rational.
In conclusion, Examiner submits that claims 21-40 are directed to an abstract idea without significantly more.
Response to Arguments
Rejections Under 35 U.S.C. § 101
Applicant's arguments filed 2 April 2025 have been fully considered but they are not persuasive.
Step 1: Statutory Category Test
On page 9, regarding the rejection under 35 U.S.C. § 101, the Applicant argues that “independent claims 21, 31, and 40 are not directed to an abstract idea.”
The Examiner disagrees with Applicant since the claims are directed the collection, analysis, and display of information workflow. This workflow has been held to be directed to an abstract idea (FairWarning – monitoring user accounts for anomalous behavior). The claims are directed to monitoring settings; mapping settings to risk severities; incrementing counters; displaying risks in the user interface; and updating the user interface based on user input or automated response. These claims follow the same workflow held to be an abstract idea.
Step 2: Statutory Category Test
Further, the Applicant argues that the “claims integrate the idea into a practical application and/or amount to significantly more than an abstract idea itself and therefore are directed to patent-eligible subject matter under Section 101” since “the claims recite the additional elements of "implementing or updating the user interface to indicate a change in a setting of a user account experiencing the first security risk or a change in a network device within the BMS experiencing the second security risk based at
least in part on an input received from the user via the user interface or an automated response to the first security risk or the second security risk." Applicant contends “that additional elements recite a technical improvement in cybersecurity because they automatically mitigate the cybersecurity risk posed by network devices or accounts within the BMS, which is an improvement in technology.”
The Examiner disagrees since the limitation "implementing or updating the user interface to indicate a change in a setting of a user account experiencing the first security risk or a change in a network device within the BMS experiencing the second security risk based at least in part on an input received from the user via the user interface or an automated response to the first security risk or the second security risk" amounts to generic updating a user interface based on user input or automated responses. As discuss above, this activity amounts to a collecting, analyzing, and displaying of information. There is no underlying improvement in cybersecurity risk detection.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Levy Nahum (US 20210067543 A1) - Embodiments of the invention relate to the field of computer networks, and more specifically, to dynamically creating traffic counters during runtime based on actual web application layer requests received by a web application layer proxy.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARRIN HOPE whose telephone number is (571)270-5079. The examiner can normally be reached Mon-Thr - 6:45-4:15, Fri - 6:45-3:15, Alt. Fri Off.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Stephen S Hong can be reached at (571)272-4124. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
DARRIN HOPE
Examiner
Art Unit 2178
/STEPHEN S HONG/Supervisory Patent Examiner, Art Unit 2178