APPLICATION ACCESS ANALYZER

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Information Disclosure Statement The information disclosure statements (IDS) submitted on 01/141/2026 and 04/13/2026 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statements are being considered by the examiner. Specification The abstract of the disclosure is objected to because it uses a phrase which can be implied (“An analysis of application access is disclosed.”). A corrected abstract of the disclosure is required and must be presented on a separate sheet, apart from any other text. See MPEP § 608.01(b). Applicant is reminded of the proper language and format for an abstract of the disclosure. The abstract should be in narrative form and generally limited to a single paragraph on a separate sheet within the range of 50 to 150 words in length. The abstract should describe the disclosure sufficiently to assist readers in deciding whether there is a need for consulting the full patent text for details. The language should be clear and concise and should not repeat information given in the title. It should avoid using phrases which can be implied, such as, “The disclosure concerns,” “The disclosure defined by this invention,” “The disclosure describes,” etc. In addition, the form and legal phraseology often used in patent claims, such as “means” and “said,” should be avoided. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. Claim(s) 1-4, 13-17, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Shemer et al. (U.S. Patent Application Publication No. 2022/0029902, hereinafter “Shemer”) in view of Hong et al. (U.S. Patent Application Publication No. 2012/0281528, hereinafter “Hong”). Claims 1, 13, and 20: Shemer discloses a system, comprising: a processor (§ 0056, Lines 1-2; Computing system 310 includes at least one processor 350) configured to: monitor access to an application over a network (§ 0027, Lines 2-4; Detection tools which utilize aspects of machine learning and artificial intelligence to detect anomalous events or activity in a network); automatically determine a root cause of an issue associated with the access to the application over the network for a user using an application access analyzer (§ 0037; An underlying event or events causing an anomalous condition in a network can be identified. In some examples, clustering based on network features can be used to identify an anomaly or to identify the source, root, or cause of an anomaly. In other examples, the source or the cause of the anomaly can be identified), wherein the automatically determining of the root cause comprises to: determine an anomaly in user authentication based on one or more of the following: user auth status, device information, and/or gateway information (§ 0048, Lines 24-27; The network data or traffic can be unexpected or anomalous, such as an intrusion by an unauthorized user in the network or virtual machine through a blacklisted IP address); identify a network service connectivity issue based on one or more of the following: a probe test result, a ping test result, and/or a curl test result (§ 0068; Examples of network parameters include information or parameters such as node status, throughput, response time, waiting time, network topology, average traffic data, time series analysis of network, round trip time (RTT), packet retransmits, packet size distribution, number of new connections, and rate of increase or decrease in the number of connections); and monitor a security policy issue based on whether a security policy allows or denies access (§ 0048, Lines 24-27; The network data or traffic can be unexpected or anomalous, such as an intrusion by an unauthorized user in the network or virtual machine through a blacklisted IP address); and perform an action in response to determining the root cause of the issue associated with the access to the application over the network for the user (§ 0036, Lines 1-3; Information or analysis performed by a detection tool is provided in a meaningful and actionable way to users); and a memory coupled to the processor and configured to provide the processor with instructions (§ 0056, Lines 1-4; Computing system 310 includes at least one processor 350 for performing actions in accordance with instru0ctions and one or more memory devices 370 or 375 for storing instructions and data). Shemer does not appear to disclose the probe test result, the ping test result, and/or the curl test result are an Autonomous Digital Experience Management (ADEM) probe test result, an ADEM ping test result, and/or an ADEM curl test result, respectively. Hong discloses an autonomous management system comprising an active measurement agent that may transmit the result of measuring and analyzing a state of a network using an active measurement (AM) method such as an Internet Control Message Protocol (ICMP) echo request packet (§ 0030, Lines 1-10) where the autonomous management controller may analyze a current network state and request measurement, which is additionally required for obtaining detailed network state information (§ 0032, Lines 1-5). Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to modify Shemer’s monitoring module with features of Hong’s autonomous management controller in order to rapidly solve problems that have occurred or may occur in a network (Hong, § 0017, Lines 6-7). The method of claim 13 is implemented by the system of claim 1 and is therefore rejected with the same rationale. Regarding the “computer program product embodied in a non-transitory computer readable medium” of claim 20, Shemer discloses that memory 370 may be any device suitable for storing computer readable data (§ 0058, Lines 1-2). § 0058, ln. 4-9 discloses various examples of said suitable device. Claims 2 and 14: Shemer in view of Hong further discloses wherein the application access analyzer determines the root cause of the issue associated with the access to the application over the network for the user by correlating a plurality of data sources across a plurality of domains using artificial intelligence and/or machine learning (Shemer, § 0028, Lines 8-10; The technology disclosed herein can use multivariate and evolving properties of networks to detect anomalous network events) (Shemer, § 0054, Lines 4-7; The system can monitor for a collective or multi-factor change in the system to determine an anomalous condition rather than only monitoring individual changes in the parameters), and wherein the plurality of domains includes network (Shemer, § 0048, Lines 24-26; The network data or traffic can be unexpected or anomalous, such as during a denial of service attack), authentication (Shemer, § 0048, Lines 24-27; The network data or traffic can be unexpected or anomalous, such as an intrusion by an unauthorized user in the network or virtual machine through a blacklisted IP address), DNS (Shemer, § 0068, Lines 2-4; Examples of network parameters include information or parameters such as DNS Server and Host Name), SaaS/Private App health (Shemer, § 0048, Lines 24-25 and 33-35; The network data or traffic can be unexpected or anomalous, such as software versions are corrupt, outdate, or not present in some of the virtual machines or in a group of virtual machines), and security policy configuration (Shemer, § 0048, Lines 24-27; The network data or traffic can be unexpected or anomalous, such as an intrusion by an unauthorized user in the network or virtual machine through a blacklisted IP address). Claims 3 and 15: Shemer in view of Hong further discloses wherein the application access analyzer automatically detects a performance degradation associated with the access to the application over the network for the user or a group of users (Shemer, § 0048, Lines 24-35; The network data or traffic can be unexpected or anomalous, such as during a denial of service attack or a key component of the network fails, among other things). Claims 4 and 16: Shemer in view of Hong further discloses wherein the action includes generating a human consumable and actionable verdict analysis that reduces a mean time to detect and remediate application connectivity issues (Shemer, § 0082, Lines 1-3 and 5-6; A notification can be sent to a user device. The notification can be for example similar to table 230, alert 240, alert 250, or indications 260 or 270. The notification may be formatted in a manner that is easily interpreted by humans). Claim 17: Shemer in view of Hong further discloses wherein the automatically determining the root cause of the issue associated with the access to the application over the network for the user using the application access analyzer includes identifying a network infrastructure issue, a customer network services issue, client connectivity issue, SaaS/private application (app) health issue, and/or other connectivity/reachability or performance degradation issue (Shemer, § 0048, Lines 24-35; The network data or traffic can be unexpected or anomalous, such as during a denial of service attack or a key component of the network fails, among other things). Claim(s) 6 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Shemer et al. (U.S. Patent Application Publication No. 2022/0029902, hereinafter “Shemer”) in view of Hong et al. (U.S. Patent Application Publication No. 2012/0281528, hereinafter “Hong”); further in view of Hoja et al. (U.S. Patent Application Publication No. 2017/0134247, hereinafter “Hoja”). Claims 6 and 18: Shemer in view of Hong discloses the system as recited in claim 1 and the method as recited in claim 13. Shemer in view of Hong does not appear to disclose wherein the application access analyzer auto discovers a network topology that is used by the user to access the application. Hoja discloses an application access analyzer auto discovers a network topology that is used by the user to access the application (§ 0048, Lines 1-4 and 7-8; The described embodiments are directed to the view of topology relationships between processes being part of a distributed application equipped with the rich set of information related to the quality of communication. Topology can be discovered at the level of processes). Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to modify Shemer and Hong’s detection tools with Hoja’s system in order to allow tracking of communication and relationships, the quality of communication, the completeness of communication, which requires a deeper level of insight (Hoja, § 0048, Lines 9-12). Claim(s) 7 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Shemer et al. (U.S. Patent Application Publication No. 2022/0029902, hereinafter “Shemer”) in view of Hong et al. (U.S. Patent Application Publication No. 2012/0281528, hereinafter “Hong”); further in view of Mooney, III (U.S. Patent Application Publication No. 2022/0207140, hereinafter “Mooney”). Claims 7 and 19: Shemer in view of Hong discloses the system as recited in claim 1 and the method as recited in claim 13. Shemer in view of Hong does not appear to disclose wherein the application access analyzer performs a security posture evaluation by building a unified logical model of computation for security policies associated with an enterprise network. Mooney discloses performing a security posture evaluation (§ 0055, Lines 40-43; In some examples, the program code identifies gaps in a security posture (e.g., issues a warning, “You do not appear to be protected against Y, install X or point us to X so that we can account it.”)) by building a unified logical model of computation for security policies associated with an enterprise network (§ 0052, Lines 1-6; The program code generates a model which includes the threat model elements. From the individual analyses of various artifacts, the program code collects evidence of the elements of a threat model and incorporates these individual items into a holistic (unified) threat model of the system architecture). Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to modify Shemer and Hong’s detection tools with Mooney’s program code in order to identify security requirements, pinpoint security threats and potential vulnerabilities, quantify threat and vulnerability criticality, and/or prioritize remediation methods (Mooney, § 0002, Lines 1-6) and provide information security analysts, system administrators, and/or developers with a deeper understanding and discovery of important aspects of a computing system (Mooney, § 0002, Lines 9-12). Claim(s) 12 is rejected under 35 U.S.C. 103 as being unpatentable over Shemer et al. (U.S. Patent Application Publication No. 2022/0029902, hereinafter “Shemer”) in view of Hong et al. (U.S. Patent Application Publication No. 2012/0281528, hereinafter “Hong”); further in view of Wu et al. (U.S. Patent Application Publication No. 2022/0239569, hereinafter “Wu”). Claim 12: Shemer in view of Hong discloses the system as recited in claim 1. Shemer in view of Hong does not appear to disclose wherein the processor is further configured to process a user query using a natural language query interface of the application access analyzer. Wu discloses a query interface of a network management system that provides for diagnostics and/or troubleshooting of a remotely managed multi-site network (§ 0019, Lines 2-4), which may be a natural language query interface or a chatbot (§ 0071, Lines 4-5). Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to modify Shemer and Hong’s system by integrating Wu’s query interface in order to reduce the burden on support groups when supporting a network and reduce expenditures and increase return on capital (Wu, § 0003, Lines 7-9). Response to Arguments Applicant's arguments filed 02/19/2026 have been fully considered but they are not persuasive. Applicant argues on page 8 that the abstract has been amended to overcome the objection. However, an implied phrase still remains. Removal of said phrase would overcome this objection. Applicant’s arguments with respect to claim(s) 1, 13, and 20 (and their respective dependent claims) have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to NAM T TRAN whose telephone number is (408)918-7553. The examiner can normally be reached Monday-Friday 7AM-3PM EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emmanuel Moise can be reached at 571-272-3865. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /NAM T TRAN/Primary Examiner, Art Unit 2455