Prosecution Insights
Last updated: July 17, 2026
Application No. 18/607,040

Dynamic software inventory system and method

Final Rejection §103
Filed
Mar 15, 2024
Priority
Mar 20, 2023 — provisional 63/453,189
Examiner
RAJAPUTRA, SUMAN
Art Unit
2163
Tech Center
2100 — Computer Architecture & Software
Assignee
Rocket Software Inc.
OA Round
4 (Final)
69%
Grant Probability
Favorable
5-6
OA Rounds
9m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 69% — above average
69%
Career Allowance Rate
114 granted / 165 resolved
+14.1% vs TC avg
Strong +38% interview lift
Without
With
+38.2%
Interview Lift
resolved cases with interview
Typical timeline
3y 1m
Avg Prosecution
20 currently pending
Career history
202
Total Applications
across all art units

Statute-Specific Performance

§101
2.7%
-37.3% vs TC avg
§103
90.9%
+50.9% vs TC avg
§102
6.2%
-33.8% vs TC avg
§112
0.2%
-39.8% vs TC avg
Black line = Tech Center average estimate • Based on career data from 165 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status 1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION 2. This Office Action is in response to the filing with the office dated 02/24/2026. Claims 1, 4, 5, 12 and 17 have been amended. Claims 2, 3, 13, 14, 18 and 21-22 have been cancelled. Claims 1, 12 and 17 are independent claims. Claims 1, 4-12, 15-17, 19, 20 and 23-24 are presented for examination. Priority 3. Applicant’s claim for the benefit of a prior-filed provisional Application No. 63/453,189 filed on 03/20/2023 is acknowledged by the examiner. Response to amendment/arguments 4. Applicant’s arguments with respect to the rejection of claims under 35 U.S.C. § 102 (a)(i) and 103(a) have been fully considered but are moot because the arguments are directed towards amended claims, thus necessitated the new ground of rejection as presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). Claim Rejections - 35 U.S.C. § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 5. Claims 1, 5, 7-10, 12, 15-17, 19-20 and 23-24 are rejected under 35 U.S.C. 103 as being unpatentable over Maloney; Sean Eren (US 20220374217 A1) in view of Smith; Christopher T. (US 20160012226 A1), PAQUIN; ADAM (US 20210360007 A1) and in further view of Nucci; Antonio (US 20210081189 A1). Regarding independent claim 1, Maloney; Sean Eren (US 20220374217 A1) teaches, a method for providing a dynamic inventory tool, the method comprising: receiving, at a rules module, at least one definitions file generated at a vendor environment comprising at least one server configured to generate software packages for deploying software at a client device (Paragraph Fig. 1 Paragraph [0041] discloses, a package repository 106 which may store software packages that can be utilized by configuration tool 122 to install software applications on a client computer 110. Also see [0037], [0070], [0098] (Examiner interprets definition file as software details/ information and rules are based on compliance)), scanning, based on the at least one definitions file, a file system configured to store and manage the software packages (Paragraph [0121] discloses, scanning/ evaluating each of the conditional rules based on the identification information of the particular computer to determine applicability of the particular software. Also see [0009]-[0014] the identification information of the computer may include one or more of: a manufacturer, a model, an operating system version, a workgroup, or version information of prior installed software. Also see [0081], [0085]); and receiving, at the file system based on a user selection relating to the at least one recommendation, at least one update for the software on the file system from the vendor environment (Paragraph [0139], [0140] discloses, based on user selection of particular version of software, updating the software that is received from the vendor. Also see [0156]). Maloney et al fails to explicitly teach, wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition, and wherein the at least one rule is generated at the vendor environment based on specifications associated with the vendor environment; generating, based on the scanning of the file system, an inventory of software on the file system by matching at least one unique identifier at the definitions file with the software; scanning the at least one definitions file for the at least one rule; determining that the at least one rule matches the at least one unique identifier at the definitions file; generating, for the client device, a web page providing at least one recommendation regarding updating the software on the file system based on the at least one rule. Smith; Christopher T. (US 20160012226 A1) teaches, discloses, generating, based on the scanning of the file system, an inventory of software on the file system by matching at least one unique identifier at the definitions file with the software (Paragraphs [0018], [0020] The cryptographic hash data 62 of the given file 20 can thus include encoded information (e.g., a cryptographic hash value) that can be indicative of one or more software products with which the given file 20 is associated (i.e., generating, based on the scanning the file system, an inventory of software by matching the unique identifier/ hash with the software) Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Maloney et al by generating, based on the scanning of the file system, an inventory of software on the file system, as taught by Smith et al (Paragraphs [0018]-[0020]) One of the ordinary skill in the art would have been motivated to make this modification, by doing so, provides enhanced security, cost optimization, and improved operational efficiency. It creates a comprehensive, centralized record of all software assets, helping organizations to manage risk, ensure compliance, and make data-driven decisions. Maloney et al and Smith et al fails to explicitly teach, wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition, and wherein the at least one rule is generated at the vendor environment based on specifications associated with the vendor environment; scanning the at least one definitions file for the at least one rule; determining that the at least one rule matches the at least one unique identifier at the definitions file; generating, for the client device, a web page providing at least one recommendation regarding updating the software on the file system based on the at least one rule. PAQUIN; ADAM (US 20210360007 A1) teaches, wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition, (Paragraphs [0032], [0033] discloses, updating the software/ applying a fix based on the vulnerabilities/ condition. The rules are generated at the vendor environment), and wherein the at least one rule is generated at the vendor environment based on specifications associated with the vendor environment (Paragraph [0034] Each set of CVE and vendor IDs is stored alongside metadata such as description, severity, device impact, and the updated version in which each vendor introduced the rule protecting against it). scanning the at least one definitions file for the at least one rule; determining that the at least one rule matches the at least one unique identifier at the definitions file (Paragraph [0035] discloses, After compiling this information, one or more embodiments of the invention makes a decision on the optimal IPS policy for the rule (block, log, allow, etc.), as well as provides a context for the priority level and time-sensitivity of the matter. Also see [0076], [0077]). Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Maloney et al and Smith et al by wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition, and wherein the at least one rule is generated at the vendor environment based on specifications associated with the vendor environment, as taught by PAQUIN et al (Paragraphs [0032]-[0035]). One of the ordinary skill in the art would have been motivated to make this modification, by doing so, Using assessment techniques that are Security Operation Center (SOC) based, one or more embodiments of the present invention programmatically recommend protection techniques in real time, as taught by PAQUIN et al (Paragraph [0031]). Maloney et al, Smith et al and PAQUIN et al fails to explicitly teach, generating, for the client device, a web page providing at least one recommendation regarding updating the software on the file system based on the at least one rule. Nucci; Antonio (US 20210081189 A1) teaches, generating, for the client device, a web page providing at least one recommendation regarding updating the software on the file system based on the at least one rule (Figs. 3, 4 and related paragraphs discloses, generating/ providing recommendations regarding updating the software based on a rule); Nucci et al also teaches, wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition (Figs. 3, 4 and related paragraphs discloses, based on the based on the profile of a device policy comprising at least one rule specifying that a software should be updated based on a current software violating a condition. (Examiner interprets definition file as operation preferences in the user profile). Also see [0036]); scanning the at least one definitions file for the at least one rule (Paragraph [0022], [0023] determine that the risk metric violates a risk-tolerance level indicated in the operational preferences of the device policy for the group of network devices by scanning the definition file/ profile. Also see [0068]); and receiving, at the file system based on a user selection relating to the at least one recommendation, at least one update for the software on the file system from the vendor environment (Fig. 4 Paragraph [0081] Upon the user selecting the accept recommended upgrade option 420, the user device 110 may send an indication to the recommendation system 108 that the user would like to apply the recommended software. The recommendation system 108 may then perform operations to cause the group of network devices 106 to install and run the recommended software). Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Maloney et al and Smith et al by providing wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition; scanning the at least one definitions file for the at least one rule; generating, for the client device, a web page providing at least one recommendation regarding updating the software on the file system based on the at least one rule, as taught by Nucci et al (Figs 3, 4 and related paragraphs). One of the ordinary skill in the art would have been motivated to make this modification, would provide accurate software updates for network devices to improve functionality and increase available features of the network devices, which in turn improves the functioning of the overall device network. Further, the software updates may provide service and security vulnerability fixes for discovered issues or bugs, which may help ensure the safe operation of the device network and overlaid business applications. Additionally, as technology continues to advance, updating device software for network devices to gain additional features and capabilities helps prevent the network devices from becoming obsolete and maintain operational value for longer periods of time as taught by Nucci et al (Paragraph [0004], [0019]). Regarding dependent claim 5, Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the method of claim 1. Smith et al further teaches, wherein the at least one unique identifier is generated from at least one cryptographic hash functions (Paragraph [0020] The cryptographic hash data 62 of the given file 20 can thus include encoded information (e.g., a cryptographic hash value) that can be indicative of one or more software products with which the given file 20 is associated. Also see Paragraph [0023], [0026]). Regarding dependent claim 7, Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the method of claim 1. Nucci et al further teaches, further comprising: detecting software satisfying the condition; and determining the at least one recommendation based on the software satisfying the condition (Figs. 3, 4 and related paragraphs discloses, based on the based on the profile of a device policy comprising at least one rule specifying that a software should be recommended based on actual operation conditions violates an operational preference recommending to run updated software that is more optimized for the network device and that satisfies the operational preferences of the user. Also see Abstract). Regarding dependent claim 8, Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the method of claim 1. Nucci et al further teaches, wherein the at least one recommendation is based on feedback data associated with previous recommendations regarding updating the software on the file system (Paragraph [0073] discloses, providing at least one recommendation is based on feedback from other users to ensure that bugs and advisories/vulnerabilities have been discovered and fixed). Regarding dependent claim 9, Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the method of claim 1. Maloney; Sean Eren (US 20220374217 A1) teaches, wherein the at least one recommendation indicates whether the software on the file system is up to date (Paragraph [0161] The package is determined as not applicable if a version of the software that is currently installed is the same as or newer than the version in the package). Regarding dependent claim 10, Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the method of claim 1. Maloney; Sean Eren (US 20220374217 A1) teaches, wherein the at least one recommendation comprises at least one of a recommended software version for updating the software on the file system or a benefit for updating the software on the file system (Paragraphs [0160], [0163] discloses, if applicable recommending software version for updating the software on the file). Regarding independent claim 12, Maloney; Sean Eren (US 20220374217 A1) teaches, a system for providing a dynamic inventory tool, the system comprising: a rules module for storing at least one definitions file generated at a vendor environment comprising at least one server configured to generate software packages for deploying software at a client device (Paragraph Fig. 1 Paragraph [0041] discloses, a package repository 106 which may store software packages that can be utilized by configuration tool 122 to install software applications on a client computer 110. Also see [0037], [0070] (Examiner interprets definition file as software details/ information and rules are based on compliance)); scanning, based on the at least one definitions file, the file system; a file system configured for: storing the software packages; (Paragraph [0139], [0140] discloses, based on user selection of particular version of software, updating the software that is received from the vendor. Also see [0156]); and receiving, based on a user selection relating to at least one recommendation regarding software at the file system, at least one update from the vendor environment(Paragraph [0139], [0140] discloses, based on user selection of particular version of software, updating the software that is received from the vendor. Also see [0156]). and a processor executing instructions stored on memory to perform the steps of: receiving the at least one definitions file from the rules module (Paragraph Fig. 1 Paragraph [0041] discloses, a package repository 106 which may store software packages that can be utilized by configuration tool 122 to install software applications on a client computer 110. Also see [0037], [0070] (Examiner interprets definition file as software details/ information and rules are based on compliance)); Maloney et al fails to explicitly teach, wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition, and wherein the at least one rule is generated at the vendor environment based on specifications associated with the vendor environment; scanning, based on the at least one definitions file, the file system; generating, based on the scanning of the file system, an inventory of software on the file system by matching at least one unique identifier at the definitions file with the software; scanning the at least one definitions file for the at least one rule; determining that the at least one rule matches the at least one unique identifier at the definitions file; and generating, for the client device, a web page providing the at least one recommendation based on the at least one rule. Smith; Christopher T. (US 20160012226 A1) teaches, discloses, generating, based on the scanning of the file system, an inventory of software on the file system by matching at least one unique identifier at the definitions file with the software (Paragraphs [0018], [0020] The cryptographic hash data 62 of the given file 20 can thus include encoded information (e.g., a cryptographic hash value) that can be indicative of one or more software products with which the given file 20 is associated (i.e., generating, based on the scanning the file system, an inventory of software by matching the unique identifier/ hash with the software) Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Maloney et al by generating, based on the scanning of the file system, an inventory of software on the file system, as taught by Smith et al (Paragraphs [0018]-[0020]) One of the ordinary skill in the art would have been motivated to make this modification, by doing so, provides enhanced security, cost optimization, and improved operational efficiency. It creates a comprehensive, centralized record of all software assets, helping organizations to manage risk, ensure compliance, and make data-driven decisions. Maloney et al and Smith et al fails to explicitly teach, wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition, and wherein the at least one rule is generated at the vendor environment based on specifications associated with the vendor environment; scanning the at least one definitions file for the at least one rule; determining that the at least one rule matches the at least one unique identifier at the definitions file; and generating, for the client device, a web page providing the at least one recommendation based on the at least one rule. PAQUIN; ADAM (US 20210360007 A1) teaches, wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition (Paragraphs [0032], [0033] discloses, updating the software/ applying a fix based on the vulnerabilities/ condition. The rules are generated at the vendor environment), and wherein the at least one rule is generated at the vendor environment based on specifications associated with the vendor environment (Paragraph [0034] Each set of CVE and vendor IDs is stored alongside metadata such as description, severity, device impact, and the updated version in which each vendor introduced the rule protecting against it). scanning the at least one definitions file for the at least one rule; determining that the at least one rule matches the at least one unique identifier at the definitions file (Paragraph [0035] discloses, After compiling this information, one or more embodiments of the invention makes a decision on the optimal IPS policy for the rule (block, log, allow, etc.), as well as provides a context for the priority level and time-sensitivity of the matter. Also see [0076], [0077]). Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Maloney et al and Smith et al by wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition, and wherein the at least one rule is generated at the vendor environment based on specifications associated with the vendor environment, as taught by PAQUIN et al (Paragraphs [0032]-[0035]). One of the ordinary skill in the art would have been motivated to make this modification, by doing so, Using assessment techniques that are Security Operation Center (SOC) based, one or more embodiments of the present invention programmatically recommend protection techniques in real time, as taught by PAQUIN et al (Paragraph [0031]). Nucci; Antonio (US 20210081189 A1) teaches, and generating, for the client device, a web page providing the at least one recommendation based on the at least one rule generating, for the client device, a web page providing at least one recommendation regarding updating the software on the file system based on the at least one rule (Figs. 3, 4 and related paragraphs discloses, generating/ providing recommendations regarding updating the software based on a rule); Nucci et al also teaches, wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition (Figs. 3, 4 and related paragraphs discloses, based on the based on the profile of a device policy comprising at least one rule specifying that a software should be updated based on a current software violating a condition. (Examiner interprets definition file as operation preferences in the user profile). Also see [0036]); scanning the at least one definitions file for the at least one rule (Paragraph [0022], [0023] determine that the risk metric violates a risk-tolerance level indicated in the operational preferences of the device policy for the group of network devices by scanning the definition file/ profile. Also see [0068]); and receiving, at the file system based on a user selection relating to the at least one recommendation, at least one update for the software on the file system from the vendor environment (Fig. 4 Paragraph [0081] Upon the user selecting the accept recommended upgrade option 420, the user device 110 may send an indication to the recommendation system 108 that the user would like to apply the recommended software. The recommendation system 108 may then perform operations to cause the group of network devices 106 to install and run the recommended software). Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Maloney et al and Smith et al by providing wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition; scanning the at least one definitions file for the at least one rule; generating, for the client device, a web page providing at least one recommendation regarding updating the software on the file system based on the at least one rule, as taught by Nucci et al (Figs 3, 4 and related paragraphs). One of the ordinary skill in the art would have been motivated to make this modification, would provide accurate software updates for network devices to improve functionality and increase available features of the network devices, which in turn improves the functioning of the overall device network. Further, the software updates may provide service and security vulnerability fixes for discovered issues or bugs, which may help ensure the safe operation of the device network and overlaid business applications. Additionally, as technology continues to advance, updating device software for network devices to gain additional features and capabilities helps prevent the network devices from becoming obsolete and maintain operational value for longer periods of time as taught by Nucci et al (Paragraph [0004], [0019]). Regarding dependent claim 15, Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the system of claim 12, Nucci et al further teaches, further comprisingsoftware satisfying the condition (Figs. 3, 4 and related paragraphs discloses, based on the based on the profile of a device policy comprising at least one rule specifying that a software should be recommended based on actual operation conditions violates an operational preference recommending to run updated software that is more optimized for the network device and that satisfies the operational preferences of the user. Also see Abstract). Regarding dependent claim 16, Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the system of claim 12. Maloney; Sean Eren (US 20220374217 A1) teaches, wherein the at least one recommendation comprise at least one of a recommended software version for updating the software on the file system or a benefit for updating the software on the file system (Paragraphs [0160], [0163] discloses, if applicable recommending software version for updating the software on the file). Regarding independent claim 17, Maloney; Sean Eren (US 20220374217 A1) teaches, a computer program product embodied in a non-transitory computer readable storage medium and comprising computer instructions for: receiving, at a rules module, at least one definitions file generated at a vendor environment comprising at least one server configured to generate software packages for deploying software at a client device (Paragraph Fig. 1 Paragraph [0041] discloses, a package repository 106 which may store software packages that can be utilized by configuration tool 122 to install software applications on a client computer 110. Also see [0037], [0070] (Examiner interprets definition file as software details/ information and rules are based on compliance)); scanning, based on the at least one definitions file, a file system configured to manage the software packages (Paragraph [0121] discloses, scanning/ evaluating each of the conditional rules based on the identification information of the particular computer to determine applicability of the particular software. Also see [0009]-[0014] the identification information of the computer may include one or more of: a manufacturer, a model, an operating system version, a workgroup, or version information of prior installed software. Also see [0081], [0085]); and receiving, at the file system based on a user selection relating to the at least one recommendation, at least one update for the software on the file system from the vendor environment (Paragraph [0139], [0140] discloses, based on user selection of particular version of software, updating the software that is received from the vendor. Also see [0156]). Maloney et al fails to explicitly teach, wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition, and wherein the at least one rule is generated at the vendor environment based on specifications associated with the vendor environment; generating, based on the scanning of the file system, an inventory of software on the file system by matching at least one unique identifier at the definitions file with the software; scanning the at least one definitions file for the at least one rule; determining that the at least one rule matches the at least one unique identifier at the definitions file; generating, for the client device, a web page providing at least one recommendation regarding updating the software on the file system based on the at least one rule. Smith; Christopher T. (US 20160012226 A1) teaches, discloses, generating, based on the scanning of the file system, an inventory of software on the file system by matching at least one unique identifier at the definitions file with the software (Paragraphs [0018], [0020] The cryptographic hash data 62 of the given file 20 can thus include encoded information (e.g., a cryptographic hash value) that can be indicative of one or more software products with which the given file 20 is associated (i.e., generating, based on the scanning the file system, an inventory of software by matching the unique identifier/ hash with the software) Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Maloney et al by generating, based on the scanning of the file system, an inventory of software on the file system, as taught by Smith et al (Paragraphs [0018]-[0020]) One of the ordinary skill in the art would have been motivated to make this modification, by doing so, provides enhanced security, cost optimization, and improved operational efficiency. It creates a comprehensive, centralized record of all software assets, helping organizations to manage risk, ensure compliance, and make data-driven decisions. Maloney et al and Smith et al fails to explicitly teach, wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition, and wherein the at least one rule is generated at the vendor environment based on specifications associated with the vendor environment; scanning the at least one definitions file for the at least one rule; determining that the at least one rule matches the at least one unique identifier at the definitions file; generating, for the client device, a web page providing at least one recommendation regarding updating the software on the file system based on the at least one rule. PAQUIN; ADAM (US 20210360007 A1) teaches, wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition (Paragraphs [0032], [0033] discloses, updating the software/ applying a fix based on the vulnerabilities/ condition. The rules are generated at the vendor environment), and wherein the at least one rule is generated at the vendor environment based on specifications associated with the vendor environment (Paragraph [0034] Each set of CVE and vendor IDs is stored alongside metadata such as description, severity, device impact, and the updated version in which each vendor introduced the rule protecting against it). scanning the at least one definitions file for the at least one rule; determining that the at least one rule matches the at least one unique identifier at the definitions file (Paragraph [0035] discloses, After compiling this information, one or more embodiments of the invention makes a decision on the optimal IPS policy for the rule (block, log, allow, etc.), as well as provides a context for the priority level and time-sensitivity of the matter. Also see [0076], [0077]). Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Maloney et al and Smith et al by wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition, and wherein the at least one rule is generated at the vendor environment based on specifications associated with the vendor environment, as taught by PAQUIN et al (Paragraphs [0032]-[0035]). One of the ordinary skill in the art would have been motivated to make this modification, by doing so, Using assessment techniques that are Security Operation Center (SOC) based, one or more embodiments of the present invention programmatically recommend protection techniques in real time, as taught by PAQUIN et al (Paragraph [0031]). Maloney et al, Smith et al and PAQUIN et al fails to explicitly teach, generating, for the client device, a web page providing at least one recommendation regarding updating the software on the file system based on the at least one rule. Nucci; Antonio (US 20210081189 A1) teaches, generating, for the client device, a web page providing at least one recommendation regarding updating the software on the file system based on the at least one rule (Figs. 3, 4 and related paragraphs discloses, generating/ providing recommendations regarding updating the software based on a rule); Nucci et al also teaches, wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition (Figs. 3, 4 and related paragraphs discloses, based on the based on the profile of a device policy comprising at least one rule specifying that a software should be updated based on a current software violating a condition. (Examiner interprets definition file as operation preferences in the user profile). Also see [0036]); scanning the at least one definitions file for the at least one rule (Paragraph [0022], [0023] determine that the risk metric violates a risk-tolerance level indicated in the operational preferences of the device policy for the group of network devices by scanning the definition file/ profile. Also see [0068]); and receiving, at the file system based on a user selection relating to the at least one recommendation, at least one update for the software on the file system from the vendor environment (Fig. 4 Paragraph [0081] Upon the user selecting the accept recommended upgrade option 420, the user device 110 may send an indication to the recommendation system 108 that the user would like to apply the recommended software. The recommendation system 108 may then perform operations to cause the group of network devices 106 to install and run the recommended software). Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Maloney et al and Smith et al by providing wherein the at least one definitions file comprises at least one rule specifying that a software should be updated based on a condition; scanning the at least one definitions file for the at least one rule; generating, for the client device, a web page providing at least one recommendation regarding updating the software on the file system based on the at least one rule, as taught by Nucci et al (Figs 3, 4 and related paragraphs). One of the ordinary skill in the art would have been motivated to make this modification, would provide accurate software updates for network devices to improve functionality and increase available features of the network devices, which in turn improves the functioning of the overall device network. Further, the software updates may provide service and security vulnerability fixes for discovered issues or bugs, which may help ensure the safe operation of the device network and overlaid business applications. Additionally, as technology continues to advance, updating device software for network devices to gain additional features and capabilities helps prevent the network devices from becoming obsolete and maintain operational value for longer periods of time as taught by Nucci et al (Paragraph [0004], [0019]). Regarding dependent claim 19, Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the computer program product of claim 17. Nucci et al further teaches, further comprising(Figs. 3, 4 and related paragraphs discloses, based on the based on the profile of a device policy comprising at least one rule specifying that a software should be recommended based on actual operation conditions violates an operational preference recommending to run updated software that is more optimized for the network device and that satisfies the operational preferences of the user. Also see Abstract). Regarding dependent claim 20, Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the computer program product of claim 17. Maloney et al further teaches, wherein the at least one recommendation comprise at least one of a recommended software version for updating the software on the file system or a benefit for updating the software on the file system (Paragraphs [0160], [0163] discloses, if applicable recommending software version for updating the software on the file). Regarding dependent claim 23, Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the method of claim 1. Nucci et al further teaches, wherein the condition comprises at least one of an occurrence of a security threat, a performance level being below a predetermined threshold, or a benefit level being above a second predetermined threshold (Paragraphs [0099], [0100] discloses, based on violating the one or more operational preferences, recommending second software satisfies the one or more operational preferences 126 (e.g., above the risk-tolerance threshold) and is associated with the common functional attribute of the group of network devices (Examiner interprets security threat as security vulnerability)). Regarding dependent claim 24, Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the system of claim 12. Nucci et al further teaches, wherein the condition comprises at least one of an occurrence of a security threat, a performance level being below a predetermined threshold, or a benefit level being above a second predetermined threshold (Paragraphs [0099], [0100] discloses, based on violating the one or more operational preferences, recommending second software satisfies the one or more operational preferences 126 (e.g., above the risk-tolerance threshold) and is associated with the common functional attribute of the group of network devices (Examiner interprets security threat as security vulnerability)). 6. Claims 4 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Maloney; Sean Eren (US 20220374217 A1) in view of Smith; Christopher T. (US 20160012226 A1), PAQUIN; ADAM (US 20210360007 A1), Nucci; Antonio (US 20210081189 A1) and in further view of Freitag; Jon (US 20230315614 A1). Regarding dependent claim 4, Maloney et al, Smith et al and Nucci et al teach, the method of claim 1. Maloney et al, Smith et al, PAQUIN et al and Nucci et al fails to explicitly teach, wherein matching the at least one unique identifier with the software comprises matching the at least one unique identifier with a corresponding executable file associated with the software on the file system Freitag et further teaches, wherein matching the at least one unique identifier with the software comprises matching the at least one unique identifier with a corresponding executable file associated with the software on the file system (Paragraph [0037] The build definition file and/or the build generation module 104c can identify the application dependences during the process of generating the software application build and retrieve the necessary dependency components (such as updated versions of libraries) in order to complete generation of the build(s). In some embodiments, the build generation module 104c can generate an output file (e.g., POM.xml in Maven™) that stores the determined application dependencies. Also see[0005] The system comprises a computing device with a memory for storing computer-executable instructions and a processor that executes the computer-executable instructions to select a software application comprising one or more application libraries each associated with a current version identifier). Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Maloney et al, Smith et al, PAQUIN et al and Nucci et al, wherein matching the at least one unique identifier with the software comprises matching the at least one unique identifier with a corresponding executable file associated with the software on the file system, as taught by Freitag et al (Paragraph [0037]). One of the ordinary skill in the art would have been motivated to make this modification, by doing so, the methods and systems described herein further provide an intuitive front-end user interface for developers to manage the library upgrade process for one or more applications without the need to manually generate complex scripts or build instructions for the library upgrades as taught by Freitag et al (Paragraph [0004]). Regarding dependent claim 11, Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the method of claim 1. Maloney et al, Smith et al, PAQUIN et al and Nucci et al fails to explicitly teach, Freitag; Jon (US 20230315614 A1) teaches, of-date software (Paragraph [0032] In some embodiments, the UI module 104a also displays a severity indicator 414 for each artifact that provides a color-coded indication to the user of which libraries may be in need of urgent or critical updates (due to end-of-life, security vulnerabilities, deprecation, changes to other dependencies, etc.) and which libraries are not in need of such urgent updates. For example, critical updates may be displayed in red, urgent updates may be displayed in yellow, and non-urgent updates may be displayed in green. The severity indicator can be grey or blank if the current version of the artifact is the preferred version to use. The UI module 104a can collect metadata about the artifacts from library database 108b that relate to end-of-life, security vulnerabilities, deprecation, changes to other dependencies, and the UI module 104a can convert this metadata into the color used in the severity indicator 414. The severity indicator 414 can draw the user's attention to which artifact(s) may be priorities for updating in the upcoming test build). Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Maloney et al, Smith et al, PAQUIN et al and Nucci et al, the providing the at least one recommendation comprises generating an output page displaying content associated with the at least one recommendation, wherein the content is color-coded based on whether each recommendation indicates out-of-date software, as taught by Freitag et al (Paragraphs [0030], [0031]). One of the ordinary skill in the art would have been motivated to make this modification, by doing so, the methods and systems described herein further provide an intuitive front-end user interface for developers to manage the library upgrade process for one or more applications without the need to manually generate complex scripts or build instructions for the library upgrades as taught by Freitag et al (Paragraph [0004]). 7. Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Maloney; Sean Eren (US 20220374217 A1) in view of Smith; Christopher T. (US 20160012226 A1), PAQUIN; ADAM (US 20210360007 A1), Nucci; Antonio (US 20210081189 A1) and in further view of Eldefrawy; Karim (US 20210232695 A1). Regarding dependent claim 6 Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, the method of claim 1. Maloney et al, Smith et al, PAQUIN et al and Nucci et al teach, fails to explicitly teach, wherein the at least one definitions file is a JSON file. Eldefrawy; Karim (US 20210232695 A1) teaches, wherein the at least one definitions file is a JSON file (Paragraph [0036] discloses that the definition file is a JSON file). Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Maloney et al, Smith et al, PAQUIN et al and Nucci et al, wherein the at least one definitions file is a JSON file, as taught by Freitag et al (Paragraph [0036]). One of the ordinary skill in the art would have been motivated to make this modification, by doing so, the primary advantage of software identification within a JSON structure is its simplicity and readability, allowing for easy parsing and interpretation of software details by both humans and machines, making it a convenient way to store and exchange information about different software components across systems as taught by Eldefrawy et al). Closest Prior Art 8. The prior art made of record and not relied upon is considered pertinent to the applicant’s disclosure. Nair; Bini Krishnan (US 20080276295 A1) teaches, A method of monitoring levels of security conformity and preparedness of a plurality of network connected computing machines, obtains a report by remotely scanning the machines in segments. The machines might already be connected to commercial security software and a patch dispenser. The report includes definition dates and any files quarantined by the commercial security software, patch-management-software communication present and the patches received. The method uses the report and software (not installed on the scanned machines) to produce a Network Security Scanner for Enterprise Protection output to perform a security-preparedness audit of the scanned machines. The audit non-intrusively ascertains. If the scanned machines conform to user-defined fields and policies, and assists in selective security updating of the machines. The scanning, unrecognized by the scanned machines may be configured to suit their OS, and done periodically as desired (Abstract). Borthakur; Apolak (US 20180321928 A1) teaches, [0097] FIG. 6 is a block diagram of an implementation of a system 600 usable for sharing software asset management content among multiple customer platform instances that manage respective customer computing networks. For example, software asset management content may include software publisher data, software product data, software package data, Normalization rules that can be used to match discovered software to the predefined software packages or products, software entitlement definitions, software product definitions, product process names, processor normalization rules, and processor core factor mapping rules. Since the software asset management content will continue to evolve as software vendors ship new versions of software, data may be stored on a central instance that provides a mechanism for customer instances to retrieve the latest content. ….The updated software asset management content can then be pushed to the central data server instance 610 so that the content is available to be downloaded and used by customer instances. 9. Examiner has pointed out particular references contained in the prior arts of record in the body of this action for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and Figures may apply as well. It is respectfully requested from the applicant, in preparing the response, to consider fully the entire references as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior arts or disclosed by the examiner. It is noted that any citation to specific pages, columns, figures, or lines in the prior art references any interpretation of the references should not be considered to be limiting in any way. A reference is relevant for all it contains and may be relied upon for all that it would have reasonably suggested to one having ordinary skill in the art. In re Heck, 699 F.2d 1331-33, 216 USPQ 1038-39 (Fed. Cir. 1983) (quoting In re Lemelson, 397 F.2d 1006, 1009, 158 USPQ 275, 277 (CCPA 1968))). Conclusion Applicant’s amendments/Arguments necessitated new grounds of rejection as presented in this office action. THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SUMAN RAJAPUTRA whose telephone number is (571) 272-4669. The examiner can normally be reached between 8:00 AM - 5:00 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tony Mahmoudi (571) 272-4078 can be reached. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/ patents/ apply/ patent-center for more information about Patent Center and https://www.uspto.gov/ patents/ docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /S. R./ Examiner, Art Unit 2163 /ALEX GOFMAN/Primary Examiner, Art Unit 2163
Read full office action

Prosecution Timeline

Show 8 earlier events
Nov 21, 2025
Response after Non-Final Action
Dec 02, 2025
Non-Final Rejection mailed — §103
Feb 10, 2026
Interview Requested
Feb 19, 2026
Applicant Interview (Telephonic)
Feb 19, 2026
Examiner Interview Summary
Feb 24, 2026
Response Filed
May 29, 2026
Final Rejection mailed — §103
Jun 25, 2026
Interview Requested

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12639389
INSIGHT ENGINE
1y 9m to grant Granted May 26, 2026
Patent 12613888
SYSTEMS AND METHODS FOR PARSING OPAQUE DATA
4y 9m to grant Granted Apr 28, 2026
Patent 12455878
SYSTEM AND METHOD FOR SQL SERVER RESOURCES AND PERMISSIONS ANALYSIS IN IDENTITY MANAGEMENT SYSTEMS
2y 11m to grant Granted Oct 28, 2025
Patent 12436988
KEYPHRASE GENERATION
2y 10m to grant Granted Oct 07, 2025
Patent 12423367
SEARCH ENGINE INTERFACE USING TAG/OPERATOR SEARCH CHIP OBJECTS
1y 11m to grant Granted Sep 23, 2025
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

5-6
Expected OA Rounds
69%
Grant Probability
99%
With Interview (+38.2%)
3y 1m (~9m remaining)
Median Time to Grant
High
PTA Risk
Based on 165 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month