Prosecution Insights
Last updated: April 19, 2026
Application No. 18/401,014

Service Protection for Software Agents on Protected Workloads

Final Rejection §103
Filed: Dec 29, 2023
Examiner: LE, CANH
Art Unit: 2439
Tech Center: 2400 (Computer Networks)
Assignee: Cisco Technology Inc.
OA Round: 2 (Final)
Grant Probability: 74% (Favorable)
OA Rounds: 3-4
To Grant: 3y 11m
With Interview: 99%

Examiner Intelligence

Grants 74% (above average)
Career Allow Rate: 74% (303 granted / 412 resolved), +15.5% vs TC avg
Strong +74% interview lift
Interview Lift: +74.4% (resolved cases with interview)
Typical timeline: 3y 11m avg prosecution, 29 currently pending
Career history: 441 total applications across all art units

Statute-Specific Performance

§101: 12.8% (-27.2% vs TC avg)
§103: 53.8% (+13.8% vs TC avg)
§102: 11.7% (-28.3% vs TC avg)
§112: 12.9% (-27.1% vs TC avg)
Based on career data from 412 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION

This Office Action is in response to the communication and claim amendment filed on 09/16/2025; Claims 1, 3, and 16 have been amended; Claims 1, 3, and 16 are independent claims. Claims 1-20 have been examined and are pending. This Action is made FINAL.

Response to Arguments

35 U.S.C. 112(f) claim interpretation is withdrawn as failing the third prong test.

The rejection of claims 3, 6-10 and 12-15 under 35 U.S.C. 101 is withdrawn as the claims have been amended and applicant’s arguments are found persuasive.

Applicants’ arguments in the instant Amendment, filed on 09/16/2025, with respect to limitations listed below, have been fully considered but they are not persuasive.

Applicants’ arguments with respect to claims 1-20 have been considered but are moot in view of the new ground(s) of rejection.

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2 are rejected under 35 U.S.C. 103 as being unpatentable over Diehl et al. (“Diehl,” US 9,043,903) in view of Shadbolt et al. (“Shadbolt,” US 11,368,361).

Regarding claim 1, Diehl teaches a device, comprising: a processor (Diehl: Col.
4, lines 5-7, devices of the security service cloud 104 may also include processors 130, network interfaces 132, and memory 134; Col. 5, lines, 41-43, The processor(s) 130 may be or include any sort of processing units, such as central processing units (CPU) or graphic processing units (GPU)); at least one network interface controller configured to provide access to a network (Diehl: Col. 4, lines 5-7, devices of the security service cloud 104 may also include processors 130, network interfaces 132, and memory 134; Col. 5, lines 43-46, The network interface(s) 132 allow the devices of the security service cloud 104 to communicate with one or both of the computing device 102 and other devices.); and a memory communicatively coupled to the processor, wherein the memory comprises a workload protection logic that is configured to (Diehl: Col. 4, lines 25-35: "The memory 134 may store a communications module 136 to communicate with the kernel-level security agent 114 of the computing device 102, an analysis module 138 to evaluate interesting events identified by the kernel-level security agent 114, a configuration module 140 to generate and provide configuration updates to the kernel-level security agent 114, a healing module 142 to halt or deceive malware executing on the computing device 102."): establish communication with one or more agents (Diehl: Col. 2, lines 25-30, "the security service cloud may receive notifications of observed events from the kernel-level security agent, may perform analysis of data associated with those events, may perform healing of the host computing device, and may generate configuration updates and provide those updates to the kernel-level security agent." Col. 
6, lines 33-36, the configuration module 140 stored in memory 134 may generate configuration updates and provide those updates through the communications module 136.); determine that an agent of the one or more agents should disable the service protection configuration (Diehl: Col. 6, lines 49-59, "The healing module 142 may determine appropriate remedies to events determined to be associated with malicious code. For example, the healing module 142 may determine that an appropriate remedy is to halt a process associated with malicious code, to remove one or more executables, files, or registry keys... The healing module 142 may then instruct the kernel-level security agent 114 to perform the determined remedy." Col. 7, lines 9-14, "the administrative UI 146 may enable an administrator of the security service cloud 104 to be alerted to events... and to instruct the security service cloud 104 regarding an appropriate response.”); and

Diehl does not explicitly teach: apply a service protection configuration to the agent, wherein the service protection configuration instructs the agent to refuse a request to stop a service associated with the agent received from an operating system of the workload; transmit a disable command to the agent of the one or more agents; wherein the disable command instructs the agent to accept the request to stop the service associated with the agent received from the operating system of the workload.

However, in analogous art, Shadbolt teaches: apply a service protection configuration comprising an instruction for an agent of the one or more agents to refuse a service to stop a service associated with the agent received from a host operating system (Shadbolt: Col.
3, lines 38-42, "The tamper protection feature disclosed herein is configured to prevent malicious or other unwanted changes to security settings on devices, such as unauthorized attempts to disable security protection features, by limiting access to the tamper protection feature." Col. 3, lines 60-64, "The tamper protection feature provides an enterprise-wide shield that blocks attempts by malicious applications, as well as by day-to-day end-users (including, for example, end-users with local administrative privileges), to alter critical settings."; Col. 12, lines 48-51, "the end-user's 320 attempt to disable the anti-virus protection of fifth device 328 through a registry editor for the device is thwarted. The end-user 320 is unable to modify any aspect of the policy.") transmit a disable command to the agent of the one or more agents (Shadbolt: Col. 13, lines 3-12: "In response to this request, the system generates a policy command datagram that is specific to the targeted organization or enterprise at a third stage 630. The generated command further includes a time-to-live (TTL) value and is digitally signed. In a fourth stage 640, the command is received by the selected client devices. At this time, the client-side systems of the client device will process the command, which also involves a verification of the command in order to authenticate its source and establish its integrity"; Col. 14, lines 32-34, "in a third scenario 730, the system security administrator has elected to disable the tamper protection feature".) wherein the disable command instructs the agent to accept the request to stop the service associated with the agent received from the operating system of the workload (Shadbolt: Col. 12, lines 25-29, "the user interface 400 includes a drop-down menu 440 in which three possible configurations are offered, including (a) Not Configured; (b) Enable Tamper Protection; and (c) Disable Tamper Protection."; Col. 
14, lines 25-30, "In a second scenario 720, the system security administrator has elected to enable the tamper protection feature... any attempts by threat actor 712 to disable the subscription service will be associated with no change 724 in the system." Col. 14, lines 32-36: "In a third scenario 730, the system security administrator has elected to disable the tamper protection feature. In such cases, any attempts by threat actor 712 to the subscription service will be associated with no change 734 in the system.").

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Shadbolt with the method and system of Diehl to include apply a service protection configuration to the agent, wherein the service protection configuration instructs the agent to refuse a request to stop a service associated with the agent received from an operating system of the workload; transmit a disable command to the agent of the one or more agents; wherein the disable command instructs the agent to accept the request to stop the service associated with the agent received from the operating system of the workload. One would have been motivated to prevent malware or unauthorized users from altering security configurations and disabling the security agent, thereby keeping endpoints protected from further exploitation (Shadbolt: Col. 4, lines 59-67).

Regarding claim 2, the combination of Diehl and Shadbolt teaches the device of claim 1. The combination of Diehl and Shadbolt further teaches wherein the workload protection logic is further configured to: determine if at least one of the one or more agents should have an updated protection configuration (Diehl: Col. 6, lines 33-48, "The configuration module 140 stored in memory 134 may generate configuration updates and provide those updates through the communications module 136.
The configuration module 140 may generate device-specific configuration updates or configuration updates applicable to multiple devices... The configuration module 140 may generate and provide configuration updates responsive to a notification from the computing device 102 or independently of any prior notification from the computing device 102.”; Col. 8, lines 30-32, "the security administrator 222 for a tenant will access the configuration manager 230... and select the desired policy setting for the tamper protection feature. In response, the configuration manager 230 will call an API to be implemented by the target service."; Col. 9, lines 47-50, "the configuration manager 230 can support adding exclusions for specific devices, as well as provide conflict resolution in case multiple policies are targeted to the same device."); and transmit an updated protection configuration to the at least one of the one or more agents (Diehl: Col. 6, lines 33-48, The configuration module 140 stored in memory 134 may generate configuration updates and provide those updates through the communications module 136"; Microsoft '361: Col. 9, lines 45-50, "the configuration processor 280 can distribute the command that will enable (or disable or remove) the tamper protection feature to the target client devices"; Col. 12, lines 43-46, "The command will be delivered by the configuration manager over the configuration service channel to the client side of the system, and the service executable at each device endpoint will interpret the policy.").

Claims 3-8 are rejected under 35 U.S.C. 103 as being unpatentable over Diehl et al. (“Diehl,” US 9,043,903) in view of Shadbolt et al. (“Shadbolt,” US 11,368,361).

Regarding claim 3, Diehl teaches a device, comprising: a processor (Diehl: Col.
3, lines 58-60, "In addition to components such as processors 108, network interfaces 110, and memory 112, the computing device 102 may implement a kernel-level security agent 114"); at least one network interface controller configured to provide access to a workload protection logic (Diehl: Col. 3, lines 58-60, "In addition to components such as processors 108, network interfaces 110, and memory 112, the computing device 102 may implement a kernel-level security agent 114"; Col. 5, lines 22-23, communications module 122 to communicate with the security service cloud); and a memory communicatively coupled to the processor, wherein the memory comprises an agent logic that is configured to (Diehl: the computing device 102 may implement a kernel-level security agent 114, which is shown stored in the memory 112 and executable by the processor(s) 108. The kernel-level security agent 114 may include components 116 to observe events and determine actions to take based on those events"): establish communication with the workload protection logic (Diehl: Col. 5, lines 19-23, "managers 120 to receive configuration updates from the security service cloud 104 and to perform the updates while continuing to observe events, and a communications module 122 to communicate with the security service cloud"; Col. 10, lines 55-61, "The communications module 122 may represent network protocol stack(s), network interface driver(s), and any other network interface components utilized by the kernel-level security agent 114 to communicate with the security service cloud 104 over the network 106"); receive a service protection configuration (Diehl: Col. 3, lines 50-55, "managers 120 to receive configuration updates from the security service cloud 104"; Col. 6, lines 27-48, "The configuration module 140 stored in memory 134 may generate configuration updates and provide those updates through the communications module 136... 
The configuration updates may include both updates responsive to interesting events and updates to the modules and data 116-122 comprising the kernel-level security agents 114"); enable service protection (Diehl: Col. 4, lines 1-20, "The kernel-level security agent 114 may include components 116 to observe events and determine actions to take based on those events, a situational model 118 to track attributes and behaviors of processes of the computing device 102"; Col. 2, lines 1-15: Col. 2, lines 7-13, "the kernel-level security agent loads before the operating system of the host computing device... By loading early in boot-time, the kernel-level security agent significantly reduces the window in which malware can become active");

Diehl does not explicitly disclose notify an operating system associated with the device to refuse a service stop; receive a disable command; determine if the disable command was received from the workload protection logic; notify the operating system to accept the service stop request.

However, in analogous art, Shadbolt teaches notify an operating system associated with the device to refuse a service stop (Shadbolt: Col. 2, lines 1-15, "The tamper protection feature disclosed herein is configured to prevent malicious or other unwanted changes to security settings on devices, such as unauthorized attempts to disable security protection features, by limiting access to the tamper protection feature"; Col. 2, lines 35-45, "The tamper protection feature provides an enterprise-wide shield that blocks attempts by malicious applications, as well as by day-to-day end-users (including, for example, end-users with local administrative privileges), to alter critical settings"; Col. 9, lines 25-35, "when first actor 110 attempts to modify configuration settings to disable or otherwise tamper with the AVP system 180 configuration... results in the AVP system 180 blocking the action.
As shown in an alternate third stage 106, the first device 120 prevents the first actor 110 from performing the modification"); receive a disable command (Shadbolt: Microsoft '361: Col. 13, lines 5-12: "In a fourth stage 640, the command is received by the selected client devices. At this time, the client-side systems of the client device will process the command, which also involves a verification of the command in order to authenticate its source and establish its integrity"; Col. 14, lines 32-34, "in a third scenario 730, the system security administrator has elected to disable the tamper protection feature"). determine if the disable command was received from the workload protection logic (Shadbolt: Col. 8, lines 15-35, "the client-side systems of the client device will process the command, which also involves a verification of the command in order to authenticate its source and establish its integrity. For example, in a fifth stage 650, the client device determines whether (a) the authenticity of the digital signature can be verified; (b) the tenant ID or other identifier corresponds to the tenant of which the client is a member; and (c) the command has expired"; Col. 6, lines 1-15, "The receiving endpoint verifies the validity and intent of the policy, establishing that it is a signed package that only security operations personnel with the necessary admin rights can control"; Col. 8, lines 40-50, "the command payload is targeted to a specific identifier associated with the subscription service. The identifier(s) of the command are compared against the identifier(s) in the protected registry value of the client device"); and notify the operating system to accept the service stop request (Shadbolt: Col. 13, lines 62-67, "If the client device determines that each of the three security mechanisms have been successfully verified, the command can be executed by the client device... the command is not available for modification by the end-user at any point"; Col. 
9, lines 44-47, "the configuration processor 280 can distribute the command that will enable (or disable or remove) the tamper protection feature to the target client devices"; Col. 14, lines 25-34 (FIG. 7 description), "in a second scenario 720, the system security administrator has elected to enable the tamper protection feature... in a third scenario 730, the system security administrator has elected to disable the tamper protection feature).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Shadbolt with the method and system of Diehl to include notify an operating system associated with the device to refuse a service stop; receive a disable command; determine if the disable command was received from the workload protection logic; notify the operating system to accept the service stop request. One would have been motivated to prevent malware or unauthorized users from altering security configurations and disabling the security agent, thereby keeping endpoints protected from further exploitation (Shadbolt: Col. 4, lines 59-67).

Regarding claim 4, the combination of Diehl and Shadbolt teaches the device of claim 3. The combination of Diehl and Shadbolt further teaches, wherein the device, in response to the determination that the disable command was received from the workload protection logic, disable the service protection (Shadbolt: Col. 13, lines 13-31, (Fig. 6, stage 650) "In a fifth stage 650, the client device determines whether (a) the authenticity of the digital signature can be verified; (b) the tenant ID or other identifier corresponds to the tenant of which the client is a member; and (c) the command has expired." "the verification technique mathematically guarantees integrity and authenticity of the received command based on the digital signature according to an asymmetric encryption algorithm used to generate the digital signature." "If a certificate is determined to be genuine by the client device, then the client device can assume that the public key identified in the certificate is associated with the particular entity identified in the certificate."; Col. 13, lines 62-65, (FIG. 6, Stage 660), "If the client device determines that each of the three security mechanisms have been successfully verified, the command can be executed by the client device in a sixth stage 660.); Col. 9, lines 44-47, "the configuration processor 280 can distribute the command that will enable (or disable or remove) the tamper protection feature to the target client devices". Col. 12, lines 25-29, FIG. 4 description): "drop-down menu 440 in which three possible configurations are offered, including (a) Not Configured; (b) Enable Tamper Protection; and (c) Disable Tamper Protection".).

Regarding claim 5, the combination of Diehl and Shadbolt teaches the device of claim 3. The combination of Diehl and Shadbolt further teaches, wherein the device, in response to the determination that the disable command was not received from the workload protection logic, ignores disable command (Shadbolt: Col. 14, lines 15, If on the other hand the client device determines that any one of the three security mechanisms has failed verification, the command will be rejected in a seventh stage 670).

Regarding claim 6, the combination of Diehl and Shadbolt teaches the device of claim 3. The combination of Diehl and Shadbolt further teaches, wherein the agent logic is further configured to: receive a configuration update command (Shadbolt: Col. 13, lines 8-9, FIG. 6, Stage 640, "the command is received by the selected client devices"; Col. 15, lines 24-25, "configuration command comprising a first policy modification"); and determine if the configuration update command was received from the workload protection logic (Shadbolt: Col. 13, lines 13-17, FIG.
6, Stage 650: "the client device determines whether (a) the authenticity of the digital signature can be verified; (b) the tenant ID or other identifier corresponds to the tenant of which the client is a member; and (c) the command has expired". Shadbolt: FIG. 6, Stage 650, Col 13, line 20-24, "the verification technique mathematically guarantees integrity and authenticity of the received command based on the digital signature").

Regarding claim 7, the combination of Diehl and Shadbolt teaches the device of claim 6. The combination of Diehl and Shadbolt further teaches, wherein the device, in response to the determination that the configuration update command was received from the workload protection logic (Shadbolt: Col. 13, lines 62-64, FIG. 6, Stage 660: "If the client device determines that each of the three security mechanisms have been successfully verified, the command can be executed"), update one or more configurations associated with the configuration update command (Shadbolt: FIG. 6, Stage 660: "the command can be executed"; Col. 15, lines 24-25, "changing the first policy... according to the first policy modification").

Regarding claim 8, the combination of Diehl and Shadbolt teaches the device of claim 6. The combination of Diehl and Shadbolt further discloses wherein the device, in response to the determination that the configuration update command was not received from the workload protection logic (Shadbolt: Col. 14, lines 1-5, FIG. 6, Stage 670: "If on the other hand the client device determines that any one of the three security mechanisms has failed verification"), the configuration update command is ignored (Shadbolt: FIG. 6, Stage 670: "the command will be rejected").

Claims 9-12 are rejected under 35 U.S.C. 103 as being unpatentable over Diehl et al. (“Diehl,” US 9,043,903) in view of Shadbolt et al. (“Shadbolt,” US 11,368,361), further in view of Ylonen et al. (“Ylonen,” US 9,832,177).

Regarding claim 9, the combination of Diehl and Shadbolt teaches the device of claim 3.

Diehl and Shadbolt do not explicitly disclose, wherein the agent logic is configured to receive commands from a backdoor command line execution process.

However, in an analogous art, Ylonen discloses wherein the agent logic is configured to receive commands from command line execution process. (Ylonen: Col. 16, lines 26-29, "a request is sent to a host by connecting to the host using the SSH protocol, obtaining a shell (command interpreter) at the host, and sending commands to the shell over the SSH protocol and reading responses"; Col. 16, lines 31-37, "an agent program running on a host... runs a shell at the client (managed host) side, allowing the management system to send commands to the shell and read responses"; Col. 7, lines 56-60, "the management system may also provide an API (Application Programming Interface) for scripting and integration with other software packages (e.g., a command-line, function call or web services API)").

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ylonen with the method and system of Diehl and Shadbolt to include wherein the agent logic is configured to receive commands from a backdoor command line execution wherein the command is received from a command line execution process. One would have been motivated to provide CLI access the security agent would enable the same benefits of scripting and integration in the security agent context (Ylonen: 7, lines 56-60).

Regarding claim 10, the combination of Diehl, Shadbolt, and Ylonen teaches the device of claim 9. The combination of Diehl, Shadbolt, and Ylonen further teaches, wherein the agent logic is further configured to determine if the disable command was received from the backdoor command line execution process (Shadbolt: Col.
12, lines 25-29, "(c) Disable Tamper Protection" option in drop-down menu 440; Shadbolt: Col. 9, lines 45-47, "command that will enable (or disable or remove) the tamper protection feature" "determine if the disable command was received from the backdoor command line execution process"; Col. 13, lines 13-31, Stage 650: "the client device determines whether (a) the authenticity of the digital signature can be verified; (b) the tenant ID or other identifier corresponds to the tenant of which the client is a member; and (c) the command has expired"; FIG. 6, Stage 650: "the verification technique mathematically guarantees integrity and authenticity of the received command based on the digital signature").

Regarding claim 11, the combination of Diehl, Shadbolt, and Ylonen teaches the device of claim 10. The combination of Diehl, Shadbolt, and Ylonen, wherein the agent logic, in response to the determination that the disable command was received from the backdoor command line execution process, disable the service protection (Shadbolt: Col. 1, lines 62-64, Stage 660: "If the client device determines that each of the three security mechanisms have been successfully verified, the command can be executed"; Ylonen: Col. 16, lines 26-29, "a request is sent to a host by connecting to the host using the SSH protocol, obtaining a shell (command interpreter) at the host, and sending commands to the shell over the SSH protocol and reading responses"; Col. 16, lines 31-37, "an agent program running on a host... runs a shell at the client (managed host) side, allowing the management system to send commands to the shell and read responses"; Col. 7, lines 56-60, "the management system may also provide an API (Application Programming Interface) for scripting and integration with other software packages (e.g., a command-line, function call or web services API)"; Shadbolt: Col. 12, lines 25-29, "(c) Disable Tamper Protection" option in drop-down menu 440; Shadbolt: Col.
9, lines 44-46, "command that will enable (or disable or remove) the tamper protection feature"; Shadbolt: Col. 13, lines 63-64 Stage 660: "the command can be executed".).

Regarding claim 12, the combination of Diehl, Shadbolt, and Ylonen teaches the device of claim 10. The combination of Diehl, Shadbolt, and Ylonen wherein the device, in response to the determination that the disable command was not received from the workload protection logic or the backdoor command line execution process, ignores the disable command (Shadbolt: Col. 14, lines 1-5, Stage 670: "If on the other hand the client device determines that any one of the three security mechanisms has failed verification, the command will be rejected"; Shadbolt: Col. 14, lines 1-5, FIG. 6, Stage 670: "the command will be rejected".).

Claims 13-15 are rejected under 35 U.S.C. 103 as being unpatentable over Diehl et al. (“Diehl,” US 9,043,903) in view of Shadbolt et al. (“Shadbolt,” US 11,368,361), further in view of Smith et al. (“Smith,” US 10,154,067).

Regarding claim 13, the combination of Diehl and Shadbolt teaches the device of claim 3.

Diehl and Shadbolt do not explicitly disclose, wherein the agent logic is further configured to receive a service request.

However, in an analogous art, Smith discloses wherein the agent logic is further configured to receive a service request (Smith: Col. 6, lines 34-45, The local security …detects that the requesting application 104a has made the communication request, intercepts the request, and blocks the request from proceeding further at least until the source local security agent 106a as evaluated whether the request matches a local policy; Col. 6, lines 44-47, The local security agent 106a evaluates the request against the locally stored policies 124a in order to determine whether to allow or deny the request).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Smith with the method and system of Diehl and Shadbolt to include wherein the agent logic is further configured to receive a service request. One would have been motivated to provide the system which protects against policy violations that are not detected by traditional systems without requiring alterations to the source and destination applications or the network traffic between them (Smith: abstract).

Regarding claim 14, the combination of Diehl, Shadbolt, and Smith teaches the device of claim 13. The combination of Diehl, Shadbolt, and Smith further teaches, wherein a notification to the operating system includes at least a notification that no service requests will be accepted until the service protection configuration is disabled (Shadbolt: Col. 3, lines 43-46, "changes in management and deployment of the desired tamper protection state may only be made through a designated cloud-based enterprise mobility management tool (MMT)"; abstract, "tamper protection locks the selected service and prevents security settings from being changed through third-party apps and methods; Col. 2, lines 61-65, "the protected state ensuring the first policy is not modified in response to an unsigned modification request." Col. 12, lines 5053, "The end-user 320 is unable to modify any aspect of the policy, resulting in the continued maintenance of the desired system-wide protection."; Col. 12, lines 25-29, "the user interface 400 includes a drop-down menu 440 in which three possible configurations are offered, including (a) Not Configured; (b) Enable Tamper Protection; and (c) Disable Tamper Protection."; Col. 14, lines 25-30, "In a second scenario 720, the system security administrator has elected to enable the tamper protection feature...
any attempts by threat actor 712 to disable the subscription service will be associated with no change 724 in the system).

Regarding claim 15, the combination of Diehl, Shadbolt, and Smith teaches the device of claim 14. The combination of Diehl, Shadbolt, and Smith further teaches, wherein the agent logic is further configured to: determine if the service protection configuration is enabled (Shadbolt: Col. lines; Shadbolt: Col. 12, lines 18-30; Three configuration states: "(a) Not Configured; (b) Enable Tamper Protection; (c) Disable Tamper Protection"); and in response to the protection configuration being enabled, ignore the service request (Shadbolt: Col. 15, lines, 31-34, Activating a protected state for the first policy in response to the authentication, the protected state ensuring the first policy is not modified in response to an unsigned modification request.”).

Claims 16 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Diehl et al. (“Diehl,” US 9,043,903) in view of Shadbolt et al. (“Shadbolt,” US 11,368,361), further in view of Burch et al. (“Burch,” US 10,084,773).

Regarding claim 16, Diehl teaches a method of operating an agent, comprising: establishing communication with a workload protection logic (Diehl: Col. 5, lines 19-23, "managers 120 to receive configuration updates from the security service cloud 104 and to perform the updates while continuing to observe events, and a communications module 122 to communicate with the security service cloud"; Col. 10, lines 55-61, "The communications module 122 may represent network protocol stack(s), network interface driver(s), and any other network interface components utilized by the kernel-level security agent 114 to communicate with the security service cloud 104 over the network 106"); receiving a service protection configuration (Diehl: Col. 3, lines 50-55, "managers 120 to receive configuration updates from the security service cloud 104"; Col.
6, lines 27-48, "The configuration module 140 stored in memory 134 may generate configuration updates and provide those updates through the communications module 136... The configuration updates may include both updates responsive to interesting events and updates to the modules and data 116-122 comprising the kernel-level security agents 114"); enabling service protection (Diehl: Col. 4, lines 1-20, "The kernel-level security agent 114 may include components 116 to observe events and determine actions to take based on those events, a situational model 118 to track attributes and behaviors of processes of the computing device 102"; Col. 2, lines 1-15: Col. 2, lines 7-13, "the kernel-level security agent loads before the operating system of the host computing device... By loading early in boot-time, the kernel-level security agent significantly reduces the window in which malware can become active");

Diehl does not explicitly disclose notifying an operating system associated with a device to refuse a service stop; notify the operating system to accept the service stop request. However, in an analogous art, Shadbolt discloses notifying an operating system associated with a device to refuse a service (Shadbolt: Col. 2, lines 1-15, "The tamper protection feature disclosed herein is configured to prevent malicious or other unwanted changes to security settings on devices, such as unauthorized attempts to disable security protection features, by limiting access to the tamper protection feature"; Col. 2, lines 35-45, "The tamper protection feature provides an enterprise-wide shield that blocks attempts by malicious applications, as well as by day-to-day end-users (including, for example, end-users with local administrative privileges), to alter critical settings"; Col. 9, lines 25-35, "when first actor 110 attempts to modify configuration settings to disable or otherwise tamper with the AVP system 180 configuration... results in the AVP system 180 blocking the action.
As shown in an alternate third stage 106, the first device 120 prevents the first actor 110 from performing the modification".); notify the operating system to accept the service stop request (Shadbolt: Col. 13, lines 62-67, "If the client device determines that each of the three security mechanisms have been successfully verified, the command can be executed by the client device... the command is not available for modification by the end-user at any point"; Col. 9, lines 44-47, "the configuration processor 280 can distribute the command that will enable (or disable or remove) the tamper protection feature to the target client devices"; Col. 14, lines 25-34 (FIG. 7 description), "in a second scenario 720, the system security administrator has elected to enable the tamper protection feature... in a third scenario 730, the system security administrator has elected to disable the tamper protection feature).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Shadbolt with the method and system of Diehl to include notifying an operating system associated with a device to refuse a service stop; notify the operating system to accept the service stop request. One would have been motivated to prevent malware or unauthorized users from altering security configurations and disabling the security agent, thereby keeping endpoints protected from further exploitation (Shadbolt: Col. 4, lines 59-67).

Diehl and Shadbolt do not explicitly disclose receiving a command with a time-based one-time password (TOTP); (f) verify the TOTP is valid; executing, in response to the TOTP being verified as valid, the command; However, in an analogous art, Burch discloses receiving a command with a time-based one-time password (TOTP) (Burch: Col. 5, lines 57-61, (FIG.
1C description), "At 6, the MA read the TOTPS, which is stored in the key chain and hashes it with the 'Time Of Day' (TOD), and then, the MA displays the results as the TOTP. The end user types (enters) the TOTP into the browser form on his/her desktop. Then, the browser submits the form."; Col. 5, lines 62-64, "At 7, the form is sent to the TAA [TOTP Access Appliance]... The two TOTP are compared."); verify the TOTP is valid (Burch: Col. 5, lines 62-67, "At 7, the form is sent to the TAA, The TAA hashes the TOD with the TOTPS, which was calculated at 5. The two TOTP are compared. If the two TOTPs (user provided and TAA generated) match the user is successfully authenticated, if no match, then, the process is repeated for a time just before or after the current TOD."); executing, in response to the TOTP being verified as valid, the command (Burch: Col. 6, lines 4-8, "At 8, the [I]DP returns a valid SAML token to the SP. At 9, the SP redirects the browser back to the protected resource. At 10, the user's browser on the mobile device is allowed access to the protected resource.");

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Burch with the method and system of Diehl and Shadbolt to include (e) receiving a command with a time-based one-time password (TOTP); verify the TOTP is valid; executing, in response to the TOTP being verified as valid, the command. One would have been motivated to add TOTP verification commands because Burch teaches that TOTP provides “a higher level of security” and “limit risk of secret exposure” (Burch: Col. 1, lines 10-12; Col. 7, lines 10-13).

Regarding claim 18, the combination of Diehl, Shadbolt, and Burch teaches the method of claim 16. The combination of Diehl, Shadbolt, and Burch further teaches, wherein the command is received from a workload protection logic (Diehl: Col.
6, lines 57-62, "The healing module 142 may then instruct the kernel-level security agent 114 to perform the determined remedy. In some embodiments, the healing module 142 may provide the instructions via an event generated by the healing module 142 and provided to the kernel-level security agent 114."; Col. 6, lines 3-21, "The analysis module 138 may determine that an interesting event may be associated with malicious code based on these determinations and evaluations and may, in response... invoke the healing module 142 to perform healing of computing devices 102 associated with the interesting event or deceiving of an adversary associated with the malicious code."; Col. 6, lines 49-59, "the healing module 142 may determine that an appropriate remedy is to halt a process associated with malicious code, to remove one or more executables, files, or registry keys, or to deceive malicious code... The healing module 142 may then instruct the kernel-level security agent 114 to perform the determined remedy.").

Regarding claim 19, the combination of Diehl, Shadbolt, and Burch teaches the method of claim 16. The combination of Diehl, Shadbolt, and Burch further teaches, wherein the command is a configuration update command (Diehl: Col. 23, lines 55-60 (Claim 1): "receiving, at a target device, a configuration command comprising a first policy modification for a tamper protection policy"; Col. 15:25-26, "changing the first policy at the target device according to the first policy modification"; Col. 7, lines 11-13, "the configuration manager 230 centrally manages the policy configuration requests from the various policy sources for the client device").

Regarding claim 20, the combination of Diehl, Shadbolt, and Burch teaches the method of claim 16. The combination of Diehl, Shadbolt, and Burch further teaches, wherein the command is a disable command (Shadbolt teaches: Col. 12, lines 26-29, FIG.
4, "the user interface 400 includes a drop-down menu 440 in which three possible configurations are offered, including (a) Not Configured; (b) Enable Tamper Protection; and (c) Disable Tamper Protection"; Col. 9, lines 47-50, "the configuration processor 280 can distribute the command that will enable (or disable or remove) the tamper protection feature to the target client devices"; Col. 14, lines 21-24, (FIG. 7): "a threat actor 712 is depicted as being able to make modifications 714 in either direction (i.e., 'ON' to 'OFF', or 'OFF' to 'ON') to the subscription service at the endpoint device").

Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Diehl et al. (“Diehl,” US 9,043,903) in view of Shadbolt et al. (“Shadbolt,” US 11,368,361), and Burch et al. (“Burch,” US 10,084,773), further in view of Ylonen et al. (“Ylonen,” US 9,832,177).

Regarding claim 17, the combination of Diehl, Shadbolt, and Burch teaches the method of claim 16. Diehl, Shadbolt, and Burch do not explicitly teach, wherein the command is received from a command line execution process. However, in an analogous art, Ylonen discloses wherein the command is received from a command line execution process (Ylonen: Col. 16, lines 26-29, "a request is sent to a host by connecting to the host using the SSH protocol, obtaining a shell (command interpreter) at the host, and sending commands to the shell over the SSH protocol and reading responses"; Col. 16, lines 31-37, "an agent program running on a host... runs a shell at the client (managed host) side, allowing the management system to send commands to the shell and read responses"; Col. 7, lines 56-60, "the management system may also provide an API (Application Programming Interface) for scripting and integration with other software packages (e.g., a command-line, function call or web services API)").
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ylonen with the method and system of Diehl, Shadbolt, and Burch to include wherein the command is received from a command line execution process. One would have been motivated to provide CLI access the security agent would enable the same benefits of scripting and integration in the security agent context (Ylonen: 7, lines 56-60).

Conclusion

Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CANH LE whose telephone number is (571)270-1380. The examiner can normally be reached on Monday to Friday 6:00AM to 3:30PM other Friday off. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham, can be reached at telephone number 571-270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from Patent Center and the Private Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from Patent Center or Private PAIR. Status information for unpublished applications is available through Patent Center and Private PAIR for authorized users only. Should you have questions about access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/uspto-automated-interview-request-air-form.

/Canh Le/ Examiner, Art Unit 2439 January 11th, 2026
/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439

Prosecution Timeline

Dec 29, 2023
Application Filed
Jun 08, 2025
Non-Final Rejection — §103
Jul 30, 2025
Applicant Interview (Telephonic)
Jul 30, 2025
Examiner Interview Summary
Sep 16, 2025
Response Filed
Jan 15, 2026
Final Rejection — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12598193
FINE GRANULARITY CONTROL OF DATA ACCESS AND USAGE ACROSS MULTI-TENANT SYSTEMS
2y 5m to grant Granted Apr 07, 2026
Patent 12530476
METHOD AND DEVICE FOR UPDATING PERSONAL INFORMATION
2y 5m to grant Granted Jan 20, 2026
Patent 12531869
System and method to reduce interruptions in a network
2y 5m to grant Granted Jan 20, 2026
Patent 12526164
EDGE BLOCKCHAIN AUTHENTICATION
2y 5m to grant Granted Jan 13, 2026
Patent 12519796
VOTING AS LAST RESORT ACCESS RECOVERY FOR ACCESS MANAGEMENT
2y 5m to grant Granted Jan 06, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Prosecution Projections

3-4
Expected OA Rounds
74%
Grant Probability
99%
With Interview (+74.4%)
3y 11m
Median Time to Grant
Moderate
PTA Risk
Based on 412 resolved cases by this examiner. Grant probability derived from career allow rate.
