SECURITY VULNERABILITY TRACKING AND RESOLUTION

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant’s arguments with respect to claim(s) 1-20 have been considered. Applicant’s arguments regarding the USC 101 rejection were persuasive. Applicant’s argument regarding USC 103 rejection is moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Examiner has incorporated Cole US 2012/0144494 to meet the claims as amended. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1, 6, 7, 15-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Thakur US 2014/0331326 in view of Agrawal US 2024/0362340 in view of Cole US 2012/0144494. As per claim 1. Thakur teaches A system for automatically creating and closing tickets for security vulnerabilities, the system comprising: one or more memories; and one or more processors, communicatively coupled to the one or more memories, configured to: receive an indication of a set of security vulnerabilities that were detected; [0029]-[0031] (detect risk and automatically create risk record and remediation ticket) Thakur teaches use of the system via an application programming interface. [0028] (API). Thakur teaches determine a set of tickets to open for the set of security vulnerabilities; [0031]-[0037] (creating tickets for vulnerability remediation) Thakur teaches receive an indication that at least one security vulnerability, in the set of security vulnerabilities, has been resolved; and transmit, to the ticket system, a command to close at least one ticket, in the set of tickets, corresponding to the at least one security vulnerability. [0074][0084][0085] (teaches tracking vulnerability by ticket and closing tickets when risk has been remediated) Agrawal teaches determine a priority and a due date for each ticket in the set of tickets; transmit, to a ticket system, a command to open the set of tickets including the priority and the due date for each ticket; mapping vulnerability identifiers to priorities and due dates [0076] (teaches creating a security ticket with due date and priority) It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the teaching of Agrawal with the prior art because it is more efficient. Cole teaches monitor via communication with the one or more cloud environments or the vulnerability repository to determined that at least one security vulnerability is resolved, wherein monitoring comprises periodically querying or subscribing to status updates for the security vulnerabilities. Cole teaches ticket with vulnerability ID and due date. [0441]-[0443][0447]-[0449] (ticket database for vulnerabilities and tickets along with status, monitoring, showing completed tickets in ticket management component and updating the status, presenting via a user interface) It would have been obvious to one of ordinary skill in the art before the priority date of the instant application to use the teaching of Cole with the prior art because it improves the status communication of vulnerability status. As per claim 6. Thakur teaches The system of claim 1, wherein the one or more processors are configured to: receive, from a vulnerability repository, an indication of a solution associated with the at least one security vulnerability, wherein the at least one ticket, corresponding to the at least one security vulnerability, indicates the solution. [0037][[0086] (ticket with knowledgebase, solution) As per claim 7. Thakur teaches The system of claim 1, wherein the one or more processors, to transmit the command to open the set of tickets, are configured to: transmit the command according to at least one schedule. [0034] [0035] (VCA creates tickets on a schedule based on risk reports) As per claim 15. Thakur teaches A non-transitory computer-readable medium storing a set of instructions for creating and closing tickets for security vulnerabilities, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a device, cause the device to: receive an indication of a set of security vulnerabilities that were detected; determine a set of tickets to open for the set of security vulnerabilities; transmit, to a ticket system, a command to open the set of tickets; monitor to determine that at least one security vulnerability, in the set of security vulnerabilities, has been resolved; and transmit, to the ticket system, a command to close at least one ticket, in the set of tickets, corresponding to the at least one security vulnerability. [0029]-[0031] (detect risk and automatically create risk record and remediation ticket) [0031]-[0037] (creating tickets for vulnerability remediation) [0074][0084][0085] (teaches tracking vulnerability by ticket and closing tickets when risk has been remediated) Thakur teaches use of the system via an application programming interface. [0028] (API). Agrawal teaches determine a priority and a due date for each ticket in the set of tickets; transmit, to a ticket system, a command to open the set of tickets including the priority and the due date for each ticket; mapping vulnerability identifiers to priorities and due dates [0076] (teaches creating a security ticket with due date and priority) It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the teaching of Agrawal with the prior art because it is more efficient. Cole teaches monitor via communication with the one or more cloud environments or the vulnerability repository to determined that at least one security vulnerability is resolved, wherein monitoring comprises periodically querying or subscribing to status updates for the security vulnerabilities. Cole teaches ticket with vulnerability ID and due date. [0441]-[0443][0447]-[0449] (ticket database for vulnerabilities and tickets along with status, monitoring, showing completed tickets in ticket management component and updating the status, presenting via a user interface) It would have been obvious to one of ordinary skill in the art before the priority date of the instant application to use the teaching of Cole with the prior art because it improves the status communication of vulnerability status. As per claim 16. Thakur teaches The non-transitory computer-readable medium of claim , wherein the indication further includes a set of titles, and each ticket in the set of tickets includes a title from the set of titles. Figures 7-10 [0084]-[0089] (teaches ticket and dashboard UI for interaction including tickets, fields, tasks/projects, assignment to users or parties) As per claim 17. Thakur teaches The non-transitory computer-readable medium of claim , wherein the one or more instructions, when executed by the one or more processors, cause the device to: determine a set of due dates for the set of tickets, wherein the command to open the set of tickets indicates the set of due dates. Figures 7-10 [0084]-[0089] (teaches ticket and dashboard UI for interaction including tickets, fields, tasks/projects, assignment to users or parties). Agrawal teaches determine a set of due dates for the set of tickets [0076] (teaches creating a security ticket with due date and priority) As per claim 18. Agrawal teaches The non-transitory computer-readable medium of claim , wherein the one or more instructions, when executed by the one or more processors, cause the device to: determine a set of priorities for the set of tickets, wherein the command to open the set of tickets indicates the set of priorities. [0076] (teaches creating a security ticket with due date and priority) It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the teaching of Agrawal with the prior art because it is more efficient. As per claim 19. Thakur teaches The non-transitory computer-readable medium of claim , wherein the one or more instructions, when executed by the one or more processors, cause the device to: generate a set of titles for the set of tickets, wherein the command to open the set of tickets indicates the set of titles. Figures 7-10 [0084]-[0089] (teaches ticket and dashboard UI for interaction including tickets, fields, tasks/projects, assignment to users or parties) As per claim 20. Agrawal teaches The non-transitory computer-readable medium of claim , wherein the one or more instructions, that cause the device to transmit the command to open the set of tickets, cause the device to: transmit a first command to open a first portion of the set of tickets according to a first schedule; and transmit a second command to open a second portion of the set of tickets according to a second schedule that is different from the first schedule. [0036][0076] (teaches different schedules according to different factors, including priority) Claim(s) 2-4 is/are rejected under 35 U.S.C. 103 as being unpatentable over Thakur US 2014/0331326 in view of Agrawal US 2024/0362340 in view of Cole US 2012/0144494 in view of Tishbi US 2024/0169068 As per claim 2. Thakur teaches the system of claim 1, wherein the one or more processors, to determine the set of tickets, are configured to: aggregate two or more security vulnerabilities, in the set of security vulnerabilities, that share a cloud environment, into a single ticket in the set of tickets, wherein the single ticket indicates a quantity of the two or more security vulnerabilities. [0033] (combining tickets) Thakur does not teach a “cloud environment” Tishbi teaches combining tickets for security vulnerabilities that share a cloud environment [0040] (single ticket for plurality of alerts associated with multiple virtual machines in the cloud with vulnerabilities) It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the combination of Tishbi with the prior art because it reduces resource usage. As per claim 3. Tishbi teaches the system of claim 1, wherein the one or more processors, to determine the set of tickets, are configured to: aggregate two or more security vulnerabilities, in the set of security vulnerabilities, that affect a plurality of cloud instances, into a single ticket in the set of tickets, wherein the single ticket includes a list of the plurality of cloud instances. [0040] (single ticket for plurality of alerts associated with multiple virtual machines in the cloud with vulnerabilities) As per claim 4. Tishbi teaches the system of claim 1, wherein the one or more processors, to determine the set of tickets, are configured to: aggregate two or more security vulnerabilities, in the set of security vulnerabilities, that affect a plurality of containers, into a single ticket in the set of tickets, wherein the single ticket includes a list of the plurality of containers. [0040] [0045]-[0047] (single ticket for plurality of alerts associated with multiple virtual machines in the cloud with vulnerabilities, reducing multiple tickets to a group ticket for containers) Claim(s) 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Thakur US 2014/0331326 in view of Agrawal US 2024/0362340 in view of Cole US 2012/0144494 in view of Sima US 2006/0282494 As per claim 5. Sima teaches the system of claim 1, wherein the at least one ticket indicates a most recent scan time associated with the at least one security vulnerability. [0046] (teaches detection display with timestamp) It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the teaching of Sima with the prior art because it provides a user more complete information. Claim(s) 8-14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Thakur US 2014/0331326 in view of Gristede US 2023/0315529 in view of Cole US 2012/0144494. As per claim 8. Thakur teaches A method of creating tickets for security vulnerabilities and associated with the plurality of projects; receiving, from the user device, a confirmation of the set of tickets; and transmitting, to a ticket system, a command to open the set of tickets in response to the confirmation. [0029]-[0031] [0074][0084][0085] Thakur teaches receiving data organized by tables, Excel/XML/CSV used to create tickets. [0026][0034][0035] Gristede teaches tickets from delimited values, comprising: receiving, from a user device, at least one delimiter-separated values (DSV) file; parsing, by a client device, the at least one DSV file to determine a plurality of projects indicated in the at least one DSV file; transmitting, to the user device, instructions for a user interface (UI) previewing a set of tickets based on information in the at least one DSV file [0064][0070]-[0074] (teaches that tickets are composed of components separated by delimiters) It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the teaching of Gristede with the prior art because it is an efficient way to organize data. Cole teaches parsing a DSV file to extract for each project of a plurality of projects a set of security vulnerability records and associated metadata. Cole teaches validating by the client device the security vulnerability records and associated metadata extracted by the client device by cross referencing with a vulnerability repository.[0043][0044][0222][0441]-[0444] [0450][0451] (teaches vulnerability table database; teaches ticket database representing multiple vulnerabilities, and projects, scanning and testing target clients which may be reconfirmed, or retested, teaches table/ticket including metadata, teaches ticket management that allows client to vulnerability validation) It would have been obvious to one of ordinary skill in the art before the priority date of the instant application to use the teaching of Cole with the prior art because it improves the status communication of vulnerability status. As per claim 9. Gristede teaches The method of claim , wherein the at least one DSV file includes a comma-separated values file. [0064][0070]-[0074] (Examiner asserts that placement of a comma between values is well known in the art) As per claim 10. Thakur teaches The method of claim , wherein the UI includes a set of rows that correspond to the set of tickets, and the UI includes a plurality of columns associated with a plurality of fields included in each ticket. Figures 7-10 [0084]-[0089] (teaches ticket and dashboard UI for interaction including tickets, fields, tasks/projects, assignment to users or parties) As per claim 11. Thakur teaches The method of claim 10, wherein one column, in the plurality of columns, is associated with the plurality of projects. Figures 7-10 [0084]-[0089] (teaches ticket and dashboard UI for interaction including tickets, fields, tasks/projects, assignment to users or parties) As per claim 12. Gristede teaches The method of claim 10, further comprising: populating, by the client device, at least a portion of the plurality of columns based on the information in the at least one DSV file. [0064][0070]-[0074] (Examiner asserts that placement of a comma between values is well known in the art) Thakur teaches receiving data organized by tables, Excel/XML/CSV used to create tickets. [0026][0034][0035] As per claim 13. Gristede teaches The method of claim , further comprising: receiving, from the user device, additional information using the UI, wherein the command to open the set of tickets includes the information in the at least one DSV file and the additional information. [0064][0070]-[0074] (Examiner asserts that placement of a comma between values is well known in the art) Thakur teaches receiving data organized by tables, Excel/XML/CSV used to create tickets. [0026][0034][0035] As per claim 14. Thakur teaches The method of claim , wherein the command to open the set of tickets indicates, for each ticket, at least one user to assign to the ticket. Figures 7-10 [0084]-[0089] (teaches ticket and dashboard UI for interaction including tickets, fields, tasks/projects, assignment to users or parties) Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER BROWN whose telephone number is (571)272-3833. The examiner can normally be reached M-F 8-5. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached at (571) 270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /CHRISTOPHER J BROWN/Primary Examiner, Art Unit 2439