Prosecution Insights
Last updated: April 19, 2026
Application No. 18/344,277

SYSTEM AND METHOD FOR AGENT-LESS SCANNING OF CLOUD INFRASTRUCTURE

Non-Final OA (§103, §112)
Filed: Jun 29, 2023
Examiner: DASCOMB, JACOB D
Art Unit: 2198
Tech Center: 2100 — Computer Architecture & Software
Assignee: Colortokens Inc.
OA Round: 1 (Non-Final)
Grant Probability: 86% (Favorable)
OA Rounds: 1-2
To Grant: 2y 12m
With Interview: 99%

Examiner Intelligence

Grants 86% — above average
Career Allow Rate: 86% (379 granted / 440 resolved), +31.1% vs TC avg
Interview Lift: +20.5% (strong +20% interview lift; resolved cases with interview)
Typical timeline: 2y 12m avg prosecution, 43 currently pending
Career history: 483 total applications across all art units

Statute-Specific Performance

§101: 11.8% (-28.2% vs TC avg)
§103: 55.0% (+15.0% vs TC avg)
§102: 3.5% (-36.5% vs TC avg)
§112: 18.2% (-21.8% vs TC avg)
Based on career data from 440 resolved cases

Office Action

§103 §112
DETAILED ACTION

Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Specification

The disclosure is objected to because of the following informalities: Personal pronouns “us” and “we” are used in paragraphs [0040] and [0041] and should be changed to impersonal terminology. Appropriate correction is required.

Claim Objections

Claim 7 is objected to because of the following informalities: There should be articles (e.g., “the”) preceding “windows” and “source system.” Appropriate correction is required.

Claim 9 is objected to because of the following informalities: There should be an article (e.g., “the”) preceding “temporary linux system.” Appropriate correction is required.

Claim 9 is objected to because of the following informalities: There is a space between the semi-colon and the word “system” in line 2. Appropriate correction is required.

Claim 16 is objected to because of the following informalities: There are two periods in the claim. Appropriate correction is required.

Claim 17 is objected to because of the following informalities: There are three periods in the claim. Appropriate correction is required.

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):

(b) CONCLUSION.— The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 4-10 and 13-18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.

Claim 4 contains a reference to “the scan runs” in line 2. There is insufficient antecedent basis for this limitation in the claim.

Claim 5 requires “elevated privileges,” which is a relative term and renders the claim indefinite. The term “elevated privileges” is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention.

Claim 6 contains a reference to “the functionality” in line 10. There is insufficient antecedent basis for this limitation in the claim.

Claim 7 contains a reference to “the instance;” however, this reference is ambiguous because “a VM instance,” “an instance,” and “a temporary linux instance” have been previously defined. Therefore, reference to “the instance” is ambiguous.

Claim 8 contains a reference to “the system;” however, this reference is ambiguous because several systems have previously been defined.

Claim 9 contains a reference to “the next launch” in line 5. There is insufficient antecedent basis for this limitation in the claim.

Claim 9 contains a reference to “the windows instance” in line 5. There is insufficient antecedent basis for this limitation in the claim.

Claim 10 contains a reference to “scanning the docker image” in line 1. However, the claim, and its parent claims, have not previously defined a docker image or that a docker image is scanned. Therefore, there is insufficient antecedent basis for this limitation in the claim.

Claims 13-18 recite commensurate subject matter as claims 3-10; therefore, they are indefinite for the same reasons.

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claim(s) 1, 10, 11, and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mandagere (US 11,250,136) and further in view of Suryanarayana (US 12,061,704).

Regarding claim 1, Mandagere teaches: A method of an agent-less scanning of cloud infrastructure (col. 7:27-29, “a workload includes a backup function and is configured to perform a backup snapshot on its own without backup agent 104”), the method comprises: running a virtual machine (VM) from a customer account (col. 7:3-5, “Primary system 102 may be configured to run one or more workloads 103. Examples of workloads include, but are not limited to, a virtual machine”) and creating a snapshot of the VM in the customer account and saving the snapshot of the virtual machine into a storage account (col. 1:48-50, “The primary system may perform a backup snapshot of file system data according to a backup policy and send the backup snapshot to a storage system”); creating at least one of: a docker image, a VM instance (col. 2:16-20, “The contents included in a backup snapshot may be indexed. For example, an index may indicate which version of an application was backed up in the backup snapshot, which version of a virtual machine was backed up in the backup snapshot, etc”) and a bare-metal system, by restoring the snapshot saved in the storage account and gaining access to a restored system (col. 10:49-52, “Storage system 112 may further restore the version of primary system 102 or a workload 103 in part by providing access, in temporary environment 118, to the data associated with the cloned view”); and scanning the restored system (col. 14:39-40, “At 208, a vulnerability scan of the restored instance is performed”).

Mandagere does not teach; however, Suryanarayana discloses: scanning the restored system by one of: using an ephemeral scanner that runs during a boot time of an instance (col. 5:40-44, “prior to booting the runtime OS, the illustrated method determines (operation 210), in accordance with the vulnerability information acquired during a previous tenure of the runtime OS, whether to perform a comprehensive vulnerability detection (CVD) boot”) or using a docker based command on a launched container.

It would have been obvious to a person having ordinary skill in the art, at the effective filing date of the invention, to have applied the known technique of scanning the restored system by one of: using an ephemeral scanner that runs during a boot time of an instance or using a docker based command on a launched container, as taught by Suryanarayana, in the same way to the scanning, as taught by Mandagere. Both inventions are in the field of scanning for vulnerabilities, and combining them would have predictably resulted in a method configured to “perform a vulnerability aware (VA) boot sequence,” as indicated by Suryanarayana (abstract).

Regarding claim 10, Suryanarayana teaches: The method of claim 1, wherein scanning of the docker image further comprises: launching a docker image (col. 5:61-64, “an EOS space 301 encompassing, in the depicted example, OS configuration data, VM docker partitions data, file system data, container image data, firmware configuration data, and Git repository data”); and running the scan operations using docker command for performing a scan task (col. 2:26-29, “OS independent incremental scans dynamically mitigate vulnerabilities in OS-specific data, virtual machines (VMA), Docker Partitions, Container Images, etc”).

Claims 11 and 18 recite commensurate subject matter as claims 1 and 10. Therefore, they are rejected for the same reasons.

Claim(s) 2 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mandagere and Suryanarayana, as applied above, and further in view of Nguyen (US 11,899,786).

Regarding claim 2, Mandagere and Suryanarayana do not teach; however, Nguyen discloses: terminating one or more instances of the ephemeral scanner by sending a message to at least one of: a cloud and a plurality of cloud servers for terminating the instances (col. 9:28-31, “the computing device 104 can provide to entity 110 information included in the response, or can quarantine or delete file(s) indicated in the response as being associated with a security violation”).

It would have been obvious to a person having ordinary skill in the art, at the effective filing date of the invention, to have applied the known technique of terminating one or more instances of the ephemeral scanner by sending a message to at least one of: a cloud and a plurality of cloud servers for terminating the instances, as taught by Nguyen, in the same way to the cloud-init functionality, as taught by Mandagere and Suryanarayana. Both inventions are in the field of detecting vulnerabilities, and combining them would have predictably resulted in a method configured to “quarantine or delete the exploit,” as indicated by Nguyen (col. 2:2).

Claim(s) 3, 4, 12, and 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mandagere and Suryanarayana, as applied above, and further in view of Nickolov (US 2020/0204468).

Regarding claim 3, Mandagere and Suryanarayana do not teach; however, Nickolov discloses: leveraging a cloud init functionality exposed by a plurality of cloud vendors to run an agent-less scanning during the boot time of an instance (¶ 676, “the operation(s) of building a new base image may be implemented as a set of configuration modification instructions to be executed on an existing base image, such as, for example during the “cloud init” phase of an Amazon EC2 virtual machine image”), in a linux based system (¶ 86, “a modern Linux operating system may include several thousand packages”).

It would have been obvious to a person having ordinary skill in the art, at the effective filing date of the invention, to have applied the known technique of leveraging a cloud init functionality exposed by a plurality of cloud vendors to run an agent-less scanning during the boot time of an instance, in a linux based system, as taught by Nickolov, in the same way to the method, as taught by Mandagere and Suryanarayana. Both inventions are in the field of scanning for vulnerabilities, and combining them would have predictably resulted in “evaluating server system reliability, vulnerability and component compatibility using crowdsourced server and vulnerability data,” as indicated by Nickolov (¶ 4).

Regarding claim 4, Mandagere teaches: The method of claim 3, further comprises obtaining a new snapshot to get the latest state of the system scanned during the scan runs (abstract, “A backup snapshot among a plurality of backup snapshots is selected.”).

Claims 12 and 13 recite commensurate subject matter as claims 3 and 4. Therefore, they are rejected for the same reasons.

Claim(s) 5 and 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mandagere, Suryanarayana, and Nickolov, as applied above, and further in view of Nguyen (US 11,899,786).

Regarding claim 5, Mandagere, Suryanarayana, and Nickolov do not teach; however, Nguyen discloses: the cloud-init functionality allows the scanner to run at boot time with elevated privileges (col. 22:18-19, “mitigation module 236 can run at ring zero (on x86 processors) or another high-privilege execution level”) which allows performing at least one of: a misconfiguration check or a compliance check at an operating system (OS) level (col. 37:46-47, “At 426, the security subsystem 248 can determine that event 402 is associated with a security violation”).

It would have been obvious to a person having ordinary skill in the art, at the effective filing date of the invention, to have applied the known technique of the cloud-init functionality allows the scanner to run at boot time with elevated privileges which allows performing at least one of: a misconfiguration check or a compliance check at an operating system (OS) level, as taught by Nguyen, in the same way to the cloud-init functionality, as taught by Mandagere, Suryanarayana, and Nickolov. Both inventions are in the field of detecting vulnerabilities, and combining them would have predictably resulted in a method configured to “quarantine or delete the exploit,” as indicated by Nguyen (col. 2:2).

Claim 14 recites commensurate subject matter as claim 5. Therefore, they are rejected for the same reasons.

Claim(s) 6, 7, 8, 15, and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mandagere and Suryanarayana, as applied above, and further in view of Le (US 2012/0265959).

Regarding claim 6, Mandagere and Suryanarayana do not teach; however, Le discloses: preparing a windows system by performing the steps comprising: a) launching a windows snapshot of a source system to be scanned (¶ 73, “A user runs Sysprep on a Windows 2000 computer before capturing an image of that computer. Sysprep accepts a file specifying all of the possible disk controllers that a destination computer might use when the image is deployed in the future”); and b) detaching a boot volume of the source system (¶ 36, “Before a capture operation, the imaging system shuts down the source computer, causing all software from its disk, including applications and the primary operating system, to unload from memory”) and launching a temporary linux instance with a secure shell (ssh) access enabled (¶ 49, “The secondary operating system used tends to be based on DOS or Linux, since those operating systems tend to be lightweight, low cost, and easily customizable for disk imaging tasks”); attaching the boot volume of the source system to a temporary linux system (¶ 37, “The secondary operating system includes and loads the imaging client”); starting the temporary linux system and mounting the windows disk on the temporary linux system using cloud init (¶ 39, “The client then uses the secondary operating system's file system driver, or its own driver, to format the destination disk, thereby creating an empty file system. The client then reads the image file from the imaging server, and re-creates the appropriate files and folders on the destination file system”); and booting up the windows machines (¶ 460, “the UCMS server dismounts the source and destination disks, then instructs the imaging client to reboot the destination computer from its newly deployed physical disk”) and running the scanner during windows startup and receiving the functionality comprising the misconfiguration check and the compliance check at an operating system (OS) level (it would have been obvious to repeat the scanning taught by Mandagere and Suryanarayana).

It would have been obvious to a person having ordinary skill in the art, at the effective filing date of the invention, to have applied the known technique of preparing a windows system by performing the steps comprising: a) launching a windows snapshot of a source system to be scanned; and b) detaching a boot volume of the source system and launching a temporary linux instance with a secure shell (ssh) access enabled; attaching the boot volume of the source system to a temporary linux system; starting the temporary linux system and mounting the windows disk on the temporary linux system using cloud init; and booting up the windows machines, as taught by Le, in the same way to the method, as taught by Mandagere and Suryanarayana. Both inventions are in the field of managing snapshots of systems, and combining them would have predictably resulted in “the creation, manipulation and deployment of computer disk images,” as indicated by Le (¶ 3).

Regarding claim 7, Le discloses: The method of claim 6, wherein launching windows snapshot of source system to be scanned further comprises: launching the windows snapshot (¶ 10, “Image capture is the process of creating an image file from a computer's disk”); and shutting down the instance after the window snapshot is launched (¶ 298, “Once the desired changes are made, the user shuts down the helper virtual machine and then detaches the reconfigured disk”).

Regarding claim 8, Le discloses: The method of claim 6, wherein detaching the boot volume comprises detaching a disk from the system (¶ 558, “The user finally shuts down the virtual host and then detaches its second virtual disk”).

Claims 15 and 16 recite commensurate subject matter as claims 6-8. Therefore, they are rejected for the same reasons.

Claim(s) 9 and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mandagere, Suryanarayana and Le (US 2012/0265959), as applied above, and further in view of Le (US 7,356,679).

Regarding claim 9, Mandagere, Suryanarayana and Le (US 2012/0265959) do not teach; however, Le (US 7,356,679) discloses: installing a new technology file system (ntfs) driver on the linux system (col. 7:16-19, “An NTFS driver exists on Linux, a free operating system, and was developed by using both publicly available information and information collected from reverse engineering”); installing a chntpw utility (col. 9:58-61, “Windows 2000 uses a central configuration file called the "registry." The registry contains thousands of entries containing software and system configuration information”); mounting a new technology file system (ntfs) volume (col. 63:44-46, “it performs a loop-back mount of that object, i.e., it maps the image or the disk to a simulated local disk”); injecting a windows service to start on the next launch of the windows instance using a reged command (col. 72:37-43, “The UCMS first maps the image to a simulated local (source) disk 2210 using loop-back mounting as described above and then invokes an API function called RegLoadKey ( ) to load the hive from the simulated disk into a temporary subtree within the server operating system's registry and then accesses the desired registry entries under the temporary subtree using other well-known Windows 2000 API functions”); and installing a required service binary on the windows disk and configuring a service binary to start the scanner when windows starts up and unmounting the volume (col. 77:52-56, “the UCMS can greatly simplify the process by automatically inserting the boot-time agent, creating the registry entries and creating a customized version of the configuration settings file inside the image just before deploying it”).

It would have been obvious to a person having ordinary skill in the art, at the effective filing date of the invention, to have applied the known technique of installing a new technology file system (ntfs) driver on the linux system; installing a chntpw utility; mounting a new technology file system (ntfs) volume; injecting a windows service to start on the next launch of the windows instance using a reged command; and installing a required service binary on the windows disk and configuring a service binary to start the scanner when windows starts up and unmounting the volume, as taught by Le (US 7,356,679), in the same way to the method, as taught by Mandagere, Suryanarayana and Le (US 2012/0265959). Both inventions are in the field of managing snapshots of systems, and combining them would have predictably resulted in “the creation, manipulation and deployment of computer disk images,” as indicated by Le (US 7,356,679) (col. 1:16-17).

Claim(s) 17 recite(s) commensurate subject matter as claim(s) 9. Therefore, it/they is/are rejected for the same reasons.

Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

Shua (US 11,663,032) discloses “determining a location of a snapshot of at least one virtual disk of a protected virtual cloud asset, wherein the virtual cloud asset is instantiated in the cloud computing environment” (abstract) which relates to the disclosed creating snapshots of a VM.

Beyo (US 2023/0025740) discloses “creating a sandbox environment in the cloud environment associated with the user, loading scanner code in the sandbox environment, wherein the scanner code includes code for performing a data security assessment, loading and restoring a snapshot of the database in the sandbox environment, setting a unique password for admin access to the restored snapshot of the database” (abstract) which relates to the disclosed creating snapshots of a VM.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JACOB D DASCOMB whose telephone number is (571)272-9993. The examiner can normally be reached M-F 9:00-5:00.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Pierre Vital can be reached at (571) 272-4215. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/JACOB D DASCOMB/
Primary Examiner, Art Unit 2198

Prosecution Timeline

Jun 29, 2023
Application Filed
Dec 11, 2025
Non-Final Rejection — §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12591462
INFERENCE SERVICE DEPLOYMENT METHOD, DEVICE, AND STORAGE MEDIUM
2y 5m to grant Granted Mar 31, 2026
Patent 12585487
CANCELLATION OF A MIGRATION-BASED UPGRADE USING A NETWORK SWAP WORKFLOW
2y 5m to grant Granted Mar 24, 2026
Patent 12578906
STORAGE VIRTUALIZATION DEVICE SUPPORTING VIRTUAL MACHINE, OPERATION METHOD THEREOF, AND OPERATION METHOD OF SYSTEM HAVING THE SAME
2y 5m to grant Granted Mar 17, 2026
Patent 12578985
HYBRID VIRTUAL MACHINE ALLOCATION OPTIMIZATION SYSTEM AND METHOD
2y 5m to grant Granted Mar 17, 2026
Patent 12566645
PREDICTED-TEMPERATURE-BASED VIRTUAL MACHINE MANAGEMENT SYSTEM
2y 5m to grant Granted Mar 03, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.


Prosecution Projections

Expected OA Rounds: 1-2
Grant Probability: 86%
With Interview: 99% (+20.5%)
Median Time to Grant: 2y 12m
PTA Risk: Low
Based on 440 resolved cases by this examiner. Grant probability derived from career allow rate.
