DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 23 May 2026 has been entered.
By the above submission, Claims 1 and 11 have been amended. Claims 2 and 12 have been canceled. No new claims have been added. Claims 1, 5-11, and 15-20 are currently pending in the present application.
Response to Arguments
Applicant's arguments filed 23 May 2026 have been fully considered but they are not persuasive.
Regarding the objections to the drawings for informalities, Applicant asserts that Figure 4 is clear when considered in combination with the specification (pages 6-7 of the present response). More specifically, Applicant argues that the flow from step 304 to step 306 is clear in the specification (page 6 of the present response, citing paragraphs 0083-0084). However, Figure 4 does not reflect any flow from step 304 to step 306, and more specifically, Figure 4 shows no flow out of step 304 and only shows step 306 occurring after the start. The drawings do not actually show what is asserted to be described in the specification. Applicant further argues that the specification is clear that step 310 operates directly on the output of step 309 (page 7 of the present response, citing paragraph 0085). However, Figure 4 does not reflect the output of step 309 being fed to step 310 or any connection between steps 309 and 310. Although Applicant asserts that the phrase “retrieves the logged defects” is used to describe step 310, it is noted that the figure instead shows retrieving threats in step 310 (rather than defects or vulnerabilities as described in the specification). Again, the drawings do not actually show what is asserted to be described in the specification. Applicant also argues that the specification explains that a decision is made regarding automation of the disposition action and that a yes decision leads to automated disposition in step 320 and a no decision leads to manual review at step 322 (page 7 of the present response, citing paragraph 0087). While this is acknowledged, it is recommended that decision block 318 be revised to more explicitly show the decision being made and/or the question being answered with the yes or no, e.g. with a label such as “Automated Disposition?” or similar.
Regarding the rejection of Claims 1, 2, 5-12, and 15-20 under 35 U.S.C. 112(b) as indefinite, and with respect to Claims 1, 5, 8, 10, 11, 15, 18, and 20, Applicant argues that that phrases “the security vulnerability” and “the one or more security vulnerabilities have proper antecedent basis in the claims and that the amended claim language clearly distinguishes between these limitations (page 10 of the present response). In MPEP § 2173.05(e), the example is given of if two different levers are recited earlier in the claim, then the recitation of “said lever” would be unclear as to which of the two levers was intended. Similarly, in the present claims, there are plural security vulnerabilities. The phrase “the security vulnerability” is not clearly distinguished as to whether it only refers to identified vulnerability or if it could also refer to one of the one or more vulnerabilities, and therefore, these limitations remain indefinite.
Regarding Claims 8 and 18 with respect to “providing feedback”, Applicant argues that the specification makes clear that feedback is provided to relevant parties such as developers, analysts, or engineers (page 11 of the present response, citing paragraph 0035 of the specification). However, although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
Regarding Claims 10 and 20 with respect to modifying the application workload, Applicant argues that this is intended to describe the automated disposition action as a whole and not add a separate step supplementing the step in the independent claim (page 11 of the present response, citing paragraph 0055 of the specification). Again, limitations from the specification are not read into the claims. If this is not intended as an additional action, then it is recommended to refer back to the previous recitation in the independent claims, using language such as “the modification of the application workload” or similar.
Regarding Claim 15 with respect to causing the computer system to manually review, Applicant argues that the specification shows a manual review module providing a structured interface which can be used by security experts for such review and that the computer system “causes the manual review process” (page 12 of the present response, citing paragraphs 0057-0058 of the specification). However, the structured interface does not, by itself, manually review the vulnerability; rather, it allows for the user to perform such manual review. Although Applicant asserts that the computer system causes the manual review process, the claim recites that the instructions cause the computer system itself to manually review the vulnerability. It remains unclear how the computer system would itself perform the manual review.
Therefore, for the reasons detailed above, the Examiner maintains the rejections as set forth below.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 04 June 2026 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement has been considered by the examiner.
Drawings
The objection to the drawings for informalities is NOT withdrawn for the reasons detailed above with respect to Figure 4.
The drawings are objected to because they include informalities. In particular, the flow of Figure 4 is generally unclear and does not clearly reflect the corresponding portions of the specification. It is not clear from the Figure what is done after step 304 or if it proceeds to step 306, because there is no flow out of step 304. It is also not clear whether the logging in step 309 is then fed to step 310 because there is no connection between steps 309 and 310. Additionally, the decision in step 318 is unclear as to what leads to a yes or no result and should be clarified to more explicitly show a decision to be made. Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
Specification
The objection to the specification for failure to provide proper antecedent basis for the claimed subject matter is NOT withdrawn because the amendments have raised new issues, as detailed below.
The specification is objected to as failing to provide proper antecedent basis for the claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01(o). Correction of the following is required: Independent Claims 1 and 11 have been amended to recite “a location within the application workload” and “a match existing between the one or more precedent decisions and the probability of the security vulnerability being a false positive”. However, there appears to be no mention in the specification of a location within a workload, nor does there appear to be any mention of a match between precedent decisions and a probability. Therefore, there is not clearly proper antecedent basis for the claimed subject matter in the specification. For further detail, see below with respect to the rejection under 35 U.S.C. 112(a) for failure to comply with the written description requirement.
Claim Rejections - 35 USC § 112
The rejection of Claims 1, 5-11, and 15-20 under 35 U.S.C. 112(a) for failure to comply with the enablement requirement is withdrawn in light of the amendments to the claims as well as Applicant’s remarks (pages 9-10 of the present response). The rejection of Claims 1, 5-11, and 15-20 under 35 U.S.C. 112(a) for failure to comply with the written description requirement is NOT withdrawn because the amendments have raised new issues, as detailed below. The rejection of Claims 1, 5-11, and 15-20 under 35 U.S.C. 112(b) as indefinite is NOT withdrawn for the reasons detailed above in the Response to Arguments, and because not all issues have been addressed and/or because the amendments have raised new issues, as detailed below. The rejections of Claims 2 and 12 are moot in light of the cancellation of the claims.
The following is a quotation of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1, 5-11, and 15-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claims contain subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Independent Claims 1 and 11 have been amended to recite “a location within the application workload”. Although the specification generally describes a location within a codebase (paragraph 0039), this appears to be distinct from a location within a workload. Further, Applicant has not pointed out where this aspect of the amended claims is supported. See MPEP § 2163.04. Claims 1 and 11 have further been amended to recite “a match existing between the one or more precedent decisions and the probability of the security vulnerability being a false positive”. Although Applicant generally points to paragraph 0054 for support of a match with historical precedents (page 9 of the present response), this does not show a match between a precedent decision and a probability as recited in the claim. Therefore, there is not clearly sufficient written description of the claimed subject matter in the specification.
Claims not explicitly referred to above are rejected due to their dependence on a rejected base claim.
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1, 5-11, and 15-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites “a location within the application workload” in lines 7-8. It is not clear what is meant by a location within a workload, as it is not clear how this could have a physical location, nor is it clear what sort of logical location may be implied by this. This is in contrast to a location within a codebase as recited in paragraph 0039 of the specification. The claim further recites “and historical data pertaining to one or more security vulnerabilities” in lines 8-9. It is not grammatically clear if this is intended to be grouped with “including” in line 6 or if this may be intended to be included in the analysis, e.g. the analysis is based on both the characteristics and the historical data. If the latter interpretation is intended, it is recommended to clarify this further, for example by including labels such as “an analysis of (a) one or more characteristics… and (b) historical data” or similar. The claim additionally recites “the security vulnerability” in lines 10, 15-17, and 19. However, the claim previously recited plural vulnerabilities, and it is not clear to which of the plural vulnerabilities these limitations are intended to refer. The claim also recites “a match existing between the one or more precedent decisions and the probability of the security vulnerability being a false positive” in lines 16-17. It is not clear how a precedent decision would be matched to a probability, or what else the match may be between. The above ambiguities render the claim indefinite.
Claim 5 recites “the security vulnerability” in line 2. It is not clear to which of the plural vulnerabilities this limitation is intended to refer.
Claim 8 recites “providing feedback” in line 1. It is not clear to whom or to what the feedback is provided. The claim further recites “the security vulnerability” in lines 1-2 and 3. It is not clear to which of the plural vulnerabilities this limitation is intended to refer.
Claim 10 recites “the security vulnerability” in line 2. It is not clear to which of the plural vulnerabilities this limitation is intended to refer. The claim also recites that the disposition action includes modifying the application workload in line 3; it is not clear if this is an additional action supplementing the modification of the application workload in Claim 1.
Claim 11 recites “a location within the application workload” in line 12. It is not clear what is meant by a location within a workload, as it is not clear how this could have a physical location, nor is it clear what sort of logical location may be implied by this. This is in contrast to a location within a codebase as recited in paragraph 0039 of the specification. The claim further recites “and historical data pertaining to one or more security vulnerabilities” in line 13. It is not grammatically clear if this is intended to be grouped with “including” in line 11 or if this may be intended to be included in the analysis, e.g. the analysis is based on both the characteristics and the historical data. If the latter interpretation is intended, it is recommended to clarify this further, for example by including labels such as “an analysis of (a) one or more characteristics… and (b) historical data” or similar. The claim additionally recites “the security vulnerability” in lines 14, 21-23, and 25-26. However, the claim previously recited plural vulnerabilities, and it is not clear to which of the plural vulnerabilities these limitations are intended to refer. The claim also recites “a match existing between the one or more precedent decisions and the probability of the security vulnerability being a false positive” in lines 22-23. It is not clear how a precedent decision would be matched to a probability, or what else the match may be between. The above ambiguities render the claim indefinite
Claim 15 recites that the instructions “cause the computer system to manually review” in lines 1-2. However, it is not clear how the computer system would perform a manual review when it appears that this would require a user to perform such a manual review. The claim further recites “the security vulnerability” in line 2. It is not clear to which of the plural vulnerabilities this limitation is intended to refer.
Claim 16 recites “manually reviewing contributes to updating a disposition repository” in lines 1-2. It is not clear whether this contributing is intended to be a positive function of the system.
Claim 18 recites that the system is caused to “provide feedback” in line 2. It is not clear to whom or to what the feedback is provided. The claim further recites “the security vulnerability” in lines 2 and 3. It is not clear to which of the plural vulnerabilities this limitation is intended to refer.
Claim 20 recites “the security vulnerability” in line 2. It is not clear to which of the plural vulnerabilities this limitation is intended to refer. The claim also recites that the disposition action includes modifying the application workload in line 3; it is not clear if this is an additional action supplementing the modification of the application workload in Claim 11.
Claims not explicitly referred to above are rejected due to their dependence on a rejected base claim.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Wang et al, US Patent 12513169, discloses a system that measures false positive probability for threat detection algorithms.
Woods et al, US Patent Application Publication 2025/0285058, discloses a system for risk assessment that includes determining a false positive probability.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Zachary A Davis whose telephone number is (571)272-3870. The examiner can normally be reached Monday-Friday, 9:00am-5:30pm, Eastern Time.
Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal D Dharia can be reached at (571) 272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Zachary A. Davis/Primary Examiner, Art Unit 2492