CTFR 18/451,405 CTFR 98865 Notice of Pre-AIA or AIA Status 07-03-aia AIA 15-10-aia The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. Information Disclosure Statement The information disclosure statement (IDS) submitted by applicant dated 03/09/2026 have been considered by the examiner. Response to Amendment and Arguments Applicant’s arguments, with respect to amended claim 7 have been fully considered and are persuasive. The objection of claim 7 has been withdrawn in light of the amendment to claim 7. All of applicant’s arguments were considered, but only arguments which have not been rendered moot due new rejections made below in response to applicant’s amendments will be addressed. Applicant argues: “The Office appears to rely on Ohayon to supply "correlating." However, Ohayon's disclosure relates to correlating or matching input signals from multiple distributed instances of an ML/DL/AI model (e.g., in a vehicular setting) for attack detection against such models. That is a materially different operation from the claimed correlation. Ohayon correlates homogeneous model inputs across distributed instances to detect adversarial manipulation; it does not correlate anomalous model input/output data with operational security log data associated with the same AI- supported application. Accordingly, importing Ohayon into the cited combination supplies, at most, a general notion of "correlation," not the specific cross-domain correlation mechanism required by amended claim 1.”. Examiner respectfully disagrees. Ohayon argues in Para [0036] that the platform monitors the input data that individual AI instances are receiving in real time. By matching these inputs from AI against threat databases, wherein the threat databases are baseline of normal behavior that the model is expected to output under specific operating conditions which is resulted by comparing the car's AI model operational data against the telemetry of a fleet of other AI model operational data of connected vehicles on the road. If the operational data deviates from the monitored baseline the platform, identify whether this deviation is an environmental anomaly or a cyberattack. Applicant argues: “Nor does Ohayon describe any use of application security log telemetry such as authentication logs, access logs, or other security log records-in combination with anomalous model behavior to support identifying an AI security alert. Accordingly, importing Ohayon into the cited combination supplies, at most, a general notion of "correlation," not the specific cross-domain correlation mechanism required by amended claim 1.” . Applicant’s arguments have been fully considered. However, upon further consideration, a new ground(s) of rejection is made in view of Ohayon (WO 2022224246 A1) in view of ANNAU (US 20230351049 A1) based on the new amendments to the claims 1, 11, 16. Claim Rejections - 35 USC § 103 07-06 AIA 15-10-15 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 07-20-aia AIA The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 07-21-aia AIA Claim s 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Poliakov (US 20200082097 A1) in view of Veeramany (US 20200244691 A1) in view of Ohayon (WO 2022224246 A1) in view of ANNAU (US 20230351049 A1) and in view of DAMBROT (US 20230269272 A1) . Regarding claim 1, Poliakov teaches computerized system comprising: one or more computer processors (Claim 20) ; and computer memory storing computer-useable instructions that, when used by the one or more computer processors, cause the one or more computer processors to perform operations (Para [0188]) , the operations comprising: accessing artificial intelligence attack monitoring data ( Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application.) ; (perform an action) associated with a plurality of artificial-intelligence-supported applications of a computing environment (Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application.) ; based on the artificial intelligence attack monitoring data and the artificial intelligence, accessing operational data of an artificial-intelligence-supported application (perform an action) (Claim 1. Para [0183]: at block 506, the protection engine 103 determines a target configuration of an AI model to protect the AI application, based on the assessed vulnerability of the AI application. In various embodiments, the target configuration can be based on the goal of the AI model, metrics provided by the metric submodule 216 of FIG. 2, and/or defense category.); analyzing the artificial intelligence attack monitoring data and the operational data (Claim 1. Para [0183]: at block 506, the protection engine 103 determines a target configuration of an AI model to protect the AI application, based on the assessed vulnerability of the AI application. In various embodiments, the target configuration can be based on the goal of the AI model, metrics provided by the metric submodule 216 of FIG. 2, and/or defense category.) ; based on analyzing the artificial intelligence attack monitoring data and the operational data (Claim 1. Para [0183]: at block 506, the protection engine 103 determines a target configuration of an AI model to protect the AI application, based on the assessed vulnerability of the AI application. In various embodiments, the target configuration can be based on the goal of the AI model, metrics provided by the metric submodule 216 of FIG. 2, and/or defense category.), accessing operational data of an artificial-intelligence-supported application (Claim 1. Para [0181]-[0183]: At block 502, the protection engine 103 identifies parameters of the AI application. At block 506, the protection engine 103 determines a target configuration of an AI model to protect the AI application, based on the assessed vulnerability of the AI application. In various embodiments, the target configuration can be based on the goal of the AI model, metrics provided by the metric submodule 216 of FIG. 2, and/or defense category.). Poliakov does not explicitly disclose accessing security graph associated with a plurality of a computing environment; (perform an action based on) security graph. Veeramany does disclose accessing security graph associated with a plurality of a computing environment (Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) ; (perform an action based on) security graph (Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) . Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov with the teachings of Veeramany to include accessing security graph associated with a plurality of a computing environment; (perform an action based on) security graph in order to use to reconfigure the computer network to reduce risk of cyber-attack ( Veeramany Para [0004]) . Poliakov in view of Veeramany does not explicitly disclose analyzing the artificial intelligence attack monitoring data and the operational data, by correlating the artificial intelligence attack monitoring data and the operational data, wherein the artificial intelligence attack monitoring data comprises anomalous model input data or anomalous model output data associated with the artificial-intelligence-supported application. OHAYON teaches analyzing the artificial intelligence attack monitoring data and the operational data, by correlating the artificial intelligence attack monitoring data and the operational data, wherein the artificial intelligence attack monitoring data comprises anomalous model input data or anomalous model output data associated with the artificial-intelligence-supported application (Para [0035]: the system or platform may optionally operate by correlating or matching input signals or inputs that derive from a plurality of distributed instances of a ML / DL / AI model; for example, particularly in a vehicular setting; and may utilize such correlation or matching for attack detection against such ML / DL / AI model or engine.). Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov in view of Veeramany with the teachings of Ohayon to include analyzing the artificial intelligence attack monitoring data and the operational data, by correlating the artificial intelligence attack monitoring data and the operational data, wherein the artificial intelligence attack monitoring data comprises anomalous model input data or anomalous model output data associated with the artificial-intelligence-supported application in order to allow the platform to detect anomalies in real-time. Poliakov in view of Veeramany in view of Ohayon does not explicitly disclose wherein the operational data comprises security log data associated with the artificial-intelligence-supported application. ANNAU teaches wherein the operational data comprises security log data associated with the artificial-intelligence-supported application (Para [0175]-[0178]: An AI model includes digital logs that stores digital data describing information describing the operation of the AI model and/or other information used by the AI model or the human designer of the AI model. A log security attack includes an attack on the digital logs maintained by an AI model. For example, if the AI model logs information during deployment to audit and/or improve its future performance and this log contains sensitive information, it should be stored and transmitted securely by AI model.). Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov in view of Veeramany in view of Ohayon with the teachings of ANNAU to include wherein the operational data comprises security log data associated with the artificial-intelligence-supported application in order to automate the monitoring of logs according to specific sets of rules. Poliakov in view of Veeramany in view of Ohayon in view of ANNAU does not explicitly disclose identifying an artificial intelligence security alert; communicating the artificial intelligence security alert. DAMBROT does disclose identifying an artificial intelligence security alert (Para [0010]-Para [0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) ; and communicating the artificial intelligence security alert (Para [0010]-Para [0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) . Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov in view of Veeramany in view of Ohayon in view of ANNAU with the teachings of DAMBROT to include identifying an artificial intelligence security alert; communicating the artificial intelligence security alert in order to provide AI security awareness for clients. Regarding claim 2, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the system of claim 1, wherein the artificial intelligence attack monitoring data comprises the anomalous model input data or the anomalous model output data from an interface of the artificial-intelligence-supported application associated one or more artificial-intelligence-supported applications in the computing environment ( DAMBROT Para [0010]-Para[0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) . Regarding claim 3, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the system of claim 1, wherein the operational data is identified based on nodes or edges of the artificial-intelligence-supported application in the artificial intelligence security graph ( Veeramany Para [0073]: An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface. An attack graph can identify cybersecurity vulnerabilities and potential paths for a cyberattack to progress. An attack graph can include nodes corresponding to elements of an attack surface of a system (such as the system 100 of FIG. 1). The nodes of the attack graph (e.g. nodes 1110 and 1120) can be connected by edges (e.g. edge 1115) that correspond to relationships between the elements. As a specific example, an attack graph can trace a path for a malware attack of the system and can identify the elements of the attack surface that are compromised during the attack. The attack graph can link the elements of the attack surface to business functions, where the business functions can be analyzed using fault trees. For example, the output(s) of the attack graph can be used as input(s) to one or more fault trees. As one example, outputs of the attack graph can include probabilities that a cyberattack is underway at the equipment represented by each of the nodes of the attack graph. Specifically, each node of the attack graph can produce an output of the attack graph, where the output value represents a probability that the equipment represented by the mode is under cyberattack. The outputs of the nodes can be combined into a data structure, such as a vector, where each element of the vector represents the probability that the equipment is under cyberattack. ) (Claim 1. Para [0183]: at block 506, the protection engine 103 determines a target configuration of an AI model to protect the AI application, based on the assessed vulnerability of the AI application. In various embodiments, the target configuration can be based on the goal of the AI model, metrics provided by the metric submodule 216 of FIG. 2, and/or defense category.) . Regarding claim 4, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the system of claim 1, supports identifying the artificial intelligence security alert ( Poliakov Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application.) , wherein correlating the artificial intelligence attack monitoring data and the operational data ( Ohayon Para [0035]: the system or platform may optionally operate by correlating or matching input signals or inputs that derive from a plurality of distributed instances of a ML / DL / AI model; for example, particularly in a vehicular setting; and may utilize such correlation or matching for attack detection against such ML / DL / AI model or engine.) . Regarding claim 5, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the system of claim 1, the operations further comprising generating a risk score that quantifies a likelihood or impact of a security threat associated with the artificial intelligence security alert, wherein the likelihood or the impact of the security threat is associated with a number of potential attack surfaces associated with the security threat ( DAMBROT Para [0010]-Para [0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) . Regarding claim 6, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the system of claim 1, the operations further comprising communicating a security posture visualization comprising the artificial intelligence security alert, wherein the artificial intelligence security alert is associated with a prioritization identifier and a risk score ( DAMBROT Para [0010]-Para[0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) . Regarding claim 7, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the system of claim 1, the operations further comprising: receiving an indication to execute a remediation action associated with the artificial intelligence security alert, wherein the remediation action is associated a security posture visualization ( DAMBROT Para [0010]-Para [0012] monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) ; and executing the remediation action ( DAMBROT Para [0010]-Para [0012] monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) . Regarding claim 8, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the system of claim 1, the operations further comprising: accessing the artificial intelligence attack monitoring data associated with the artificial intelligence security alert of the artificial-intelligence-supported application ( Poliakov Claim 1. Para [0183]: at block 506, the protection engine 103 determines a target configuration of an AI model to protect the AI application, based on the assessed vulnerability of the AI application. In various embodiments, the target configuration can be based on the goal of the AI model, metrics provided by the metric submodule 216 of FIG. 2, and/or defense category. DAMBROT Para [0010]-Para [0012] monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) ; accessing the artificial intelligence security graph ( Veeramany Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. As one example, an attack graph can be implemented as a tree, a graph, or other suitable data structure that is stored in a computer-readable memory or storage device. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) ; based on the artificial intelligence attack monitoring data, the artificial intelligence security alert, and the artificial intelligence security graph, accessing the operational data of the artificial-intelligence-supported application ( Poliakov Claim 1. Para [0183]: at block 506, the protection engine 103 determines a target configuration of an AI model to protect the AI application, based on the assessed vulnerability of the AI application. In various embodiments, the target configuration can be based on the goal of the AI model, metrics provided by the metric submodule 216 of FIG. 2, and/or defense category. DAMBROT Para [0010]-Para [0012] monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity. Veeramany Para [0073]: An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface. An attack graph can identify cybersecurity vulnerabilities and potential paths for a cyberattack to progress. An attack graph can include nodes corresponding to elements of an attack surface.) ; analyzing the artificial intelligence attack monitoring data, the artificial intelligence security alert, and the operational data ( Poliakov Claim 1. Para [0183]: at block 506, the protection engine 103 determines a target configuration of an AI model to protect the AI application, based on the assessed vulnerability of the AI application. In various embodiments, the target configuration can be based on the goal of the AI model, metrics provided by the metric submodule 216 of FIG. 2, and/or defense category. DAMBROT Para [0010]-Para [0012] monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity. Veeramany Para [0073]: An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface. An attack graph can identify cybersecurity vulnerabilities and potential paths for a cyberattack to progress. An attack graph can include nodes corresponding to elements of an attack surface.) ; and based on analyzing the artificial intelligence attack monitoring data, the artificial intelligence security alert, and the operational data, updating a prioritization identifier associated with the artificial intelligence security alert ( Poliakov Claim 1. Para [0183]: at block 506, the protection engine 103 determines a target configuration of an AI model to protect the AI application, based on the assessed vulnerability of the AI application. In various embodiments, the target configuration can be based on the goal of the AI model, metrics provided by the metric submodule 216 of FIG. 2, and/or defense category. DAMBROT Para [010]-Para[0012]. Para monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) . Regarding claim 9, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the system of claim 1, the operations further comprising: receiving a request for security posture of the computing environment ( DAMBROT Para [0010]-Para [0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) ; generating a security posture visualization associated with the computing environment, wherein the security posture visualization comprises the artificial intelligence security alert ( DAMBROT Para [0010]- Para [0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) ; and communicating the security posture visualization comprising the artificial intelligence security alert ( DAMBROT Para [0010]-Para [0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) . Regarding claim 10, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the system of claim 1, the operations further comprising: based on the request, receiving the security posture visualization associated with the computing environment, wherein the security posture visualization comprises the artificial intelligence security alert ( DAMBROT Para [0010]-Para [0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) ; and causing display of the security posture visualization comprising the artificial intelligence security alert ( DAMBROT Para [0010]-Para [0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) . As per claim 11, 12, 14, 15 , the claim claiming One or more computer-storage media having computer-executable instructions essentially corresponding to the system claims 1, 2, 9, 7 above respectfully, and they are rejected, at least for the same reasons. Regarding claim 13, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the method of claim 11, wherein the analyzing artificial intelligence attack monitoring data, the artificial intelligence security alert, and the operational data comprises the artificial intelligence security alert, the operational data the artificial intelligence security alert, the operational data ( Poliakov Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application. DAMBROT Para [0010]-Para[0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) , wherein correlating artificial intelligence attack monitoring data, wherein correlating artificial intelligence attack monitoring data ( Ohayon Para [0035]: the system or platform may optionally operate by correlating or matching input signals or inputs that derive from a plurality of distributed instances of a ML / DL / AI model; for example, particularly in a vehicular setting; and may utilize such correlation or matching for attack detection against such ML / DL / AI model or engine.) , and the operational supports updating the prioritization identifier ( Poliakov Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application. DAMBROT Para [0010]-Para[0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) . Regarding claim 16, Poliakov teaches a computer-implemented method, the method comprising: the artificial intelligence (Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application.) ; accessing application data associated with a plurality of artificial-intelligence-supported applications of a computing environment (Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application.) ; (perform an action) the plurality of artificial-intelligence-supported applications (Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application.) ; using the application data (perform an action) (Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application.) . Poliakov does not explicitly disclose accessing a security graph generation model, the security graph generation model comprises instructions on how to generate security graph; the security graph generation model, generating the security graph; and deploying the security graph associated. Veeramany does disclose accessing a security graph generation model, the security graph generation model comprises instructions on how to generate security graph (Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. As one example, an attack graph can be implemented as a tree, a graph, or other suitable data structure that is stored in a computer-readable memory or storage device. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) ; the security graph generation model, generating the security graph (Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. As one example, an attack graph can be implemented as a tree, a graph, or other suitable data structure that is stored in a computer-readable memory or storage device. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) ; and deploying the security graph associated (Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. As one example, an attack graph can be implemented as a tree, a graph, or other suitable data structure that is stored in a computer-readable memory or storage device. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) . Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov with the teachings of Veeramany to include accessing a security graph generation model, the security graph generation model comprises instructions on how to generate security graph; the security graph generation model, generating the security graph; and deploying the security graph associated in order to use to reconfigure the computer network to reduce risk of cyber-attack ( Veeramany Para [0004]) . Poliakov in view of Veeramany does not explicitly disclose wherein the artificial intelligence security alerts are identified based on analyzing artificial intelligence attack monitoring data and operational data of the plurality artificial-intelligence-supported application. OHAYON teaches wherein the artificial intelligence security alerts are identified based on analyzing artificial intelligence attack monitoring data and operational data of the plurality artificial-intelligence-supported application (Para [0035]. Para [0029]: the system or platform may optionally operate by correlating or matching input signals or inputs that derive from a plurality of distributed instances of a ML / DL / AI model; for example, particularly in a vehicular setting; and may utilize such correlation or matching for attack detection against such ML / DL / AI model or engine. The Attack Mitigation Unit 124 may generating a notification or warning message or alert message, indicating abuse or the ML / DL / AI Engine 101.). Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov in view of Veeramany with the teachings of Ohayon to include wherein the artificial intelligence security alerts are identified based on analyzing artificial intelligence attack monitoring data and operational data of the plurality artificial-intelligence-supported application in order to reduce risk of cyber-attack to the AI-model. Poliakov in view of Veeramany in view of Ohayon does not explicitly disclose wherein the operational data comprises security log data associated with the artificial-intelligence-supported application. ANNAU teaches wherein the operational data comprises security log data associated with the artificial-intelligence-supported application (Para [0175]-[0178]: An AI model includes digital logs that stores digital data describing information describing the operation of the AI model and/or other information used by the AI model or the human designer of the AI model. A log security attack includes an attack on the digital logs maintained by an AI model. For example, if the AI model logs information during deployment to audit and/or improve its future performance and this log contains sensitive information, it should be stored and transmitted securely by AI model.). Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov in view of Veeramany in view of Ohayon with the teachings of ANNAU to include wherein the operational data comprises security log data associated with the artificial-intelligence-supported application in order to automate the monitoring of logs according to specific sets of rules. Poliakov in view of Veeramany in view of Ohayon in view of ANNAU does not explicitly disclose identifying an artificial intelligence security alert; communicating the artificial intelligence security alert. DAMBROT does disclose identifying an artificial intelligence security alert (Para [0010]-Para [0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) ; and communicating the artificial intelligence security alert (Para [0010]-Para [0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) . Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poliakov in view of Veeramany in view of Ohayon in view of ANNAU with the teachings of DAMBROT to include identifying an artificial intelligence security alert; communicating the artificial intelligence security alert in order to provide AI security awareness for clients. Regarding claim 17, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the method of claim 16, wherein the artificial intelligence security graph generation model is a model of the plurality of artificial-intelligence-supported applications and their connections in the computing environment ( Veeramany Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. As one example, an attack graph can be implemented as a tree, a graph, or other suitable data structure that is stored in a computer-readable memory or storage device. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) . Regarding claim 18, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the method of claim 16, wherein generating the artificial intelligence security graph comprises: generating a first layer of the artificial intelligence security graph based on a first set of application data from the application data, wherein the first set of application data comprises account-based connections between an artificial-intelligence-supported application and an artificial intelligence application ( Veeramany Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. As one example, an attack graph can be implemented as a tree, a graph, or other suitable data structure that is stored in a computer-readable memory or storage device. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) ; generating a second layer of the artificial intelligence security graph based on a second set of application data from the application data, wherein the second set application data comprises configuration-based connections between the artificial-intelligence-supported application and an artificial intelligence application ( Veeramany Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. As one example, an attack graph can be implemented as a tree, a graph, or other suitable data structure that is stored in a computer-readable memory or storage device. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) ; and generating a third layer of artificial intelligence security graph based on a third set of application data from the application data, wherein the third set of application data comprises code-based connections between the artificial-intelligence-supported application and an artificial intelligence application ( Veeramany Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. As one example, an attack graph can be implemented as a tree, a graph, or other suitable data structure that is stored in a computer-readable memory or storage device. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) . Regarding claim 19, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the method of claim 16, the method further comprising: accessing artificial intelligence attack monitoring data ( Poliakov Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application.) ; accessing the artificial intelligence security graph ( Veeramany Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) ; based on the artificial intelligence attack monitoring data and the artificial intelligence security graph, accessing operational data of an artificial-intelligence-supported application ( Poliakov Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application. Veeramany Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) ; analyzing the artificial intelligence attack monitoring data and the operational data associated with an artificial-intelligence-supported application ( Poliakov Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application.) ; based on analyzing the artificial intelligence attack monitoring data and the operational data, identifying an artificial intelligence security alert ( Poliakov Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application. DAMBROT Para [0010]-Para[0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) ; and communicating the artificial intelligence security alert ( DAMBROT Para [0010]-Para[0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) . Regarding claim 20, Poliakov in view of Veeramany in view of Ohayon in view of ANNAU in view of DAMBROT teaches the method of claim 16, the method further comprising: accessing artificial intelligence attack monitoring data associated with an artificial intelligence security alert of an artificial-intelligence-supported application ( Poliakov Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application. DAMBROT Para [0010]-Para[0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) ; accessing the artificial intelligence security graph ( Veeramany Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. As one example, an attack graph can be implemented as a tree, a graph, or other suitable data structure that is stored in a computer-readable memory or storage device. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) ; based on the artificial intelligence attack monitoring data, the artificial intelligence security alert, and the artificial intelligence security graph, accessing operational data of artificial-intelligence-supported application ( Poliakov Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application. Veeramany Fig. 11. Para [0073]: attack graph 310 identifying cybersecurity linkages to business functions. An attack graph is a data structure representing a cyberattack of a system or sub-system. As one example, an attack graph can be implemented as a tree, a graph, or other suitable data structure that is stored in a computer-readable memory or storage device. An attack graph can be used to identify and analyze the elements and interactions of the different components of the attack surface.) ; analyzing the artificial intelligence attack monitoring data, the artificial intelligence security alert, and the operational data ( Poliakov Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application.) ; and based on analyzing the artificial intelligence attack monitoring data, the artificial intelligence security alert, and the operational data, updating a prioritization identifier associated with the artificial intelligence security alert ( Poliakov Claim 1. Para [0181]-[0182]: at block 502, the protection engine 103 identifies parameters of the AI application. The goal of an AI application 109 is automatically determined by the protection engine 103 or received from a rules database 118. At block 504 the protection engine 103 performs an assessment of a vulnerability of the AI application. DAMBROT Para [0010]-Para[0012]: monitoring, via an analysis engine, the one or more AI Services, the one or more assets and the at least one AI pipeline to identify potential threats from an adversarial attack; generating, via the analysis engine, at least one security score that measure a security posture of an entity wherein the at least one security score is based on one or more of: security incidents, alerts and security findings; and providing, via an interface, security health data that represents the security posture of the entity.) . Conclusion 07-40 AIA Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL . See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to JUDY BAZNA whose telephone number is (703)756-1258. The examiner can normally be reached Monday - Friday 08:30 AM-05:00 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at (571) 272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JUDY BAZNA/ Examiner, Art Unit 2495 /FARID HOMAYOUNMEHR/ Supervisory Patent Examiner, Art Unit 2495 Application/Control Number: 18/451,405 Page 2 Art Unit: 2495 Application/Control Number: 18/451,405 Page 3 Art Unit: 2495 Application/Control Number: 18/451,405 Page 4 Art Unit: 2495 Application/Control Number: 18/451,405 Page 5 Art Unit: 2495 Application/Control Number: 18/451,405 Page 6 Art Unit: 2495 Application/Control Number: 18/451,405 Page 7 Art Unit: 2495 Application/Control Number: 18/451,405 Page 8 Art Unit: 2495 Application/Control Number: 18/451,405 Page 9 Art Unit: 2495 Application/Control Number: 18/451,405 Page 10 Art Unit: 2495 Application/Control Number: 18/451,405 Page 11 Art Unit: 2495 Application/Control Number: 18/451,405 Page 12 Art Unit: 2495 Application/Control Number: 18/451,405 Page 13 Art Unit: 2495 Application/Control Number: 18/451,405 Page 14 Art Unit: 2495 Application/Control Number: 18/451,405 Page 15 Art Unit: 2495 Application/Control Number: 18/451,405 Page 16 Art Unit: 2495 Application/Control Number: 18/451,405 Page 17 Art Unit: 2495 Application/Control Number: 18/451,405 Page 18 Art Unit: 2495 Application/Control Number: 18/451,405 Page 19 Art Unit: 2495 Application/Control Number: 18/451,405 Page 20 Art Unit: 2495 Application/Control Number: 18/451,405 Page 21 Art Unit: 2495 Application/Control Number: 18/451,405 Page 22 Art Unit: 2495 Application/Control Number: 18/451,405 Page 23 Art Unit: 2495 Application/Control Number: 18/451,405 Page 24 Art Unit: 2495 Application/Control Number: 18/451,405 Page 25 Art Unit: 2495 Application/Control Number: 18/451,405 Page 26 Art Unit: 2495 Application/Control Number: 18/451,405 Page 27 Art Unit: 2495 Application/Control Number: 18/451,405 Page 28 Art Unit: 2495