Office Action Predictor
Last updated: April 15, 2026
Application No. 18/609,584

SYSTEMS AND METHODS FOR SECURITY OPERATIONS MATURITY ASSESSMENT

Non-Final OA §101
Filed
Mar 19, 2024
Examiner
KONERU, SUJAY
Art Unit
3624
Tech Center
3600 — Transportation & Electronic Commerce
Assignee
Deepwatch, INC.
OA Round
1 (Non-Final)
58%
Grant Probability
Moderate
1-2
OA Rounds
3y 2m
To Grant
95%
With Interview

Examiner Intelligence

Grants 58% of resolved cases
58%
Career Allow Rate
421 granted / 722 resolved
+6.3% vs TC avg
Strong +37% interview lift
Without
With
+36.9%
Interview Lift
resolved cases with interview
Typical timeline
3y 2m
Avg Prosecution
36 currently pending
Career history
758
Total Applications
across all art units

Statute-Specific Performance

§101
37.9%
-2.1% vs TC avg
§103
50.7%
+10.7% vs TC avg
§102
2.0%
-38.0% vs TC avg
§112
7.4%
-32.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 722 resolved cases

Office Action

§101
DETAILED ACTION This Office Action is in response to Applicant's response to application filed on 19 March 2024. Currently, claims 1-18 are pending. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Information Disclosure Statement The information disclosure statement (IDS) submitted is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-18 are clearly drawn to at least one of the four categories of patent eligible subject matter recited in 35 U.S.C. 101 (non-transitory medium, method and system). Claims 1-18 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. Claims 1, 17-18 recite the abstract idea of determine, based on a number of a set of cyber security use cases covered by a plurality of active data sources associated with an organization and a number of a plurality of cyber security use cases, a cyber security use case coverage value and determine, for each of one or more of the active data sources of the plurality of active data sources, and based on a subset of cyber security use cases covered by the active data source, a criticality score for the active data source and determine, based on a number of the plurality of active data sources and a number of the plurality of data sources, a data source coverage value and determine, based on a number of a set of jurisdictions with which the plurality of active data sources are associated and a number of a plurality of jurisdictions associated with the organization, an asset collection coverage value and determine, based on the cyber security use case coverage value, the criticality scores for one or more of the active data source of the plurality of active data sources, the data source coverage value, the asset collection coverage value, a security operation maturity score for the organization and provide, based on the security operation maturity score and one or more benchmarks, a recommendation regarding the security operation maturity score of the organization. The claims are directed to assessing the security operations of an organization based on use cases and other types of sources and jurisdiction data. Under prong 1 of Step 2A, these claims are considered abstract because the claims are mental processes or concepts performed in the human mind (including an observation, evaluation, judgment, opinion) and certain methods of organizing human activity (including mitigating risk). The claims are a type of mental processes such as an evaluation because an assessing the security operations of an organization is an evaluation. Additionally, the claims are certain methods of organizing human activity (including mitigating risk) because the claims show determining a recommendation (mitigation) regarding a security operation score (risk) for an organization (which is human activity). Under prong 2 of Step 2A, the judicial exception is not integrated into a practical application because the claims (the judicial exception and any additional elements individually or in combination such as a non-transitory processor-readable medium storing code representing instructions to be executed by a processor, the code comprising code to cause the processor to perform steps and using a machine learning model and an apparatus, comprising a memory and a processor operatively coupled to the memory, the processor configured to perform steps) are not an improvement to a computer or a technology, the claims do not apply the judicial exception with a particular machine, the claims do not effect a transformation or reduction of a particular article to a different state or thing nor do the claims apply the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment such that the claims as a whole is more than a drafting effort designed to monopolize the exception. These limitations at best are merely implementing an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea - see MPEP 2106.05(f). Under Step 2B, the claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements individually or in combination such as a non-transitory processor-readable medium storing code representing instructions to be executed by a processor, the code comprising code to cause the processor to perform steps and using a machine learning model and an apparatus, comprising a memory and a processor operatively coupled to the memory, the processor configured to perform steps (as evidenced by para [0042]-[0054], [0097]-[0104] of applicant’s own specification) are well understood, routine and conventional in the field. Dependent claims 2-10, 12, 14-16 also do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements either individually or in combination are merely an extension of the abstract idea itself by further showing receive input from a user to identify a plurality of data sources that include the plurality of active data sources and identify, based on analysis of network traffic of the organization, a plurality of data sources that include the plurality of active data sources and determine, based on the set of cyber security use cases covered by the plurality of active data sources and a plurality of compliance frameworks, compliance coverage of the organization, the security operation maturity score being further based on the compliance coverage and the one or more benchmarks include a benchmark security maturity score based on the plurality of active data sources and the one or more benchmarks include at least one of (1) a security maturity score of an organization similar to the organization, (2) a security maturity score of an industry related to the organization, (3) a security operation maturity score of a state, or (4) a security operation maturity score of a nation and identify at least one missing cyber security use case not covered by the plurality of active data sources and identify, based on the set of cyber security use cases covered by the plurality of active data sources and the one or more benchmarks, security gaps of the organization and wherein determining the criticality score for an active data source of the plurality of active data sources comprises using a weighted criticality score based on a score of each cyber security use case covered by that active data source and wherein the determining of the cyber security use case coverage value is based on data received in real-time from each active data source from the plurality of active data sources and determining the security operation maturity score includes code to calculate the security operation maturity score for the organization comprising employing a security maturity model that comprises a logistic equation that employs inputs comprising the cyber security use case coverage value, the criticality scores for one or more of the active data source of the plurality of active data sources, the data source coverage value, and the asset collection coverage value and the security operation maturity score for the organization includes is determined based on a plurality of security operation maturity scores, each security operation maturity score of the plurality of security operation maturity scores associated with at least one of a cyber security use case from the plurality of cyber security use cases or an active data source from the plurality of active data sources and generate based on the one or more benchmarks, a prediction of improvement of the security operation maturity score of the organization as each data source from a plurality of inactive data sources is activated to be an active data source, wherein the recommendation to improve the security operation maturity score of the organization comprises the prediction of improvement of the security operation maturity score of the organization and wherein the recommendation to improve the security operation maturity score of the organization comprises an indication of the security operation maturity score of the organization. Dependent claims 11 and 13 do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements individually or in combination such wherein determining the criticality score for an active data source is based on at least one of (1) whether the active data source includes external authentication capabilities or (2) a direction of network traffic of that active data source and wherein: the security operation maturity score for the organization includes an overall security operation maturity score based on a plurality of security operation maturity scores, each security operation maturity scores from the plurality of security operation maturity scores indicating a security operation maturity level of a segment from a plurality of segments of information technology infrastructure of the organization, and the plurality of security operation maturity scores including at least one of a security operation maturity score of data centers, a security operation maturity score of cloud service providers, or a security operation maturity score of software as a service (SaaS) (as evidenced by para [0042]-[0054], [0097]-[0104] of applicant’s own specification) are well understood, routine and conventional in the field. Allowable Subject Matter Claims 1-18 would be allowable if rewritten or amended to overcome the rejection(s) under 35 U.S.C. 101, set forth in this Office action. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. US 11212316 B2 US 20200233955 A1 US 20190222585 A1 US 20180246926 A1 US 20180146004 A1 EP 2755139 A1 "Deepwatch Lens Score: SecOps maturity planning and benchmarking" Any inquiry concerning this communication or earlier communications from the examiner should be directed to SUJAY KONERU whose telephone number is 571-270-3409. The examiner can normally be reached on Monday-Friday, 9 am to 5 pm. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Patricia Munson can be reached on 571- 270-5396. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SUJAY KONERU/ Primary Examiner, Art Unit 3624
Read full office action

Prosecution Timeline

Mar 19, 2024
Application Filed
Sep 23, 2025
Non-Final Rejection — §101
Jan 07, 2026
Applicant Interview (Telephonic)
Jan 07, 2026
Examiner Interview Summary
Mar 24, 2026
Response Filed

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12596979
PERSONALIZED RISK AND REWARD CRITERIA FOR WORKFORCE MANAGEMENT
2y 5m to grant Granted Apr 07, 2026
Patent 12596972
CONVERSATION-BASED MESSAGING METHOD AND SYSTEM
2y 5m to grant Granted Apr 07, 2026
Patent 12585868
SYSTEM TO TRACE CHANGES IN A CONFIGURATION OF A SERVICE ORDER CODE FOR SERVICE FEATURES OF A TELECOMMUNICATIONS NETWORK
2y 5m to grant Granted Mar 24, 2026
Patent 12579553
REUSABLE DATA SCIENCE MODEL ARCHITECTURES FOR RETAIL MERCHANDISING
2y 5m to grant Granted Mar 17, 2026
Patent 12572990
METHODS AND IoT SYSTEMS FOR MONITORING WELDING OF SMART GAS PIPELINE BASED ON GOVERNMENT SUPERVISION
2y 5m to grant Granted Mar 10, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
58%
Grant Probability
95%
With Interview (+36.9%)
3y 2m
Median Time to Grant
Low
PTA Risk
Based on 722 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in for Full Analysis

Enter your email to receive a magic link. No password needed.

Free tier: 3 strategy analyses per month