DETAILED ACTION
Claims 21-40 are presented for consideration.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 21-40 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-16 of U.S. Patent No. 11,997,125 [ hereinafteras ‘125 patent ] in view of Sharan et al. [ US Patent Application No 2020/0175077 ]. The claims of ‘125 patent discloses all claims of the current application, except one or more nouns or pronounces , and one or more verbs, however, Sharan discloses one or more nouns or pronounces, and one or more verbs [ i.e. user inputs a natural language command ] [ paragraphs 0034, and 0038 ], it would have been obvious to person skill in the art before the effective filing date of the claimed invention to combine the teaching of ‘125 patent and Sharan because the teaching of Sharan would enable to provide system that streamlines and augments the security analysis process through the implementation of an interactive artificial intelligence, natural language processing, and playbook protocols [ Sharan, paragraph 0005 ]..
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 21-40 are rejected under 35 U.S.C. 103 as being unpatentable over Sharan et al. [ US Patent Application No 2020/0175077 ], in view of Roturier et al. [ US Patent No 10,418,036 ].
4. As per claim 21, Sharan discloses the invention as claimed including a cyber situational awareness and response system [ i.e. security information and event management ] [ Figure 1; Abstract; and paragraphs 0031, and 0032 ], comprising:
one or more processors; and one or more memories coupled to the one or more processors to store instructions, which when executed by the one or more processors, cause the cyber situational awareness and response system to perform operations, the operations comprising:
receiving a user input from a user of the cyber situational awareness and response system [ i.e. text-based, voice-based, visual-based input ] [ 110, 112, 114, Figure 1; and paragraph 0032 ], the user input having one or more nouns or pronouns, and one or more verbs [ i.e. user inputs a natural language command ] [ paragraphs 0034, and 0038 ];
determining one or more first entities based on the one or more nouns or pronouns; determining an intent based on the one or more verbs [ i.e. applying lemmatization and tokenized concepts to language inputs to extract the entities and invent of the given instruction ] [ 400, Figure 3; and paragraphs 0033, and 0037 ].
Sharan does not specifically disclose
wherein the intent comprises a cyber security action relating to the one or more first entities to be performed by the cyber situational awareness and response system; and
automating performance of the cyber security action relating to the one or more first entities based on the intent.
Roturier discloses
wherein the intent comprises a cyber security action relating to the one or more first entities to be performed by the cyber situational awareness and response system [ i.e. transform the human intents into machine intents (e.g. actions to be performed against an incident analysis system ] [ 320, Figure 3; col 5, lines 30-col 6, lines 2; and col 7, lines 48-col 8, lines 31 ]; and
automating performance of the cyber security action relating to the one or more first entities based on the intent [ i.e. executes one or more queries against one or more security incident analysis system for information about the one or more entities of interest ] [ 330, Figure 3; Abstract; and col 12, lines 38-59 ].
It would have been obvious to person skill in the art before the effective filing date of the claimed invention to combine the teaching of Rao and Roturier because the teaching Roturier would enable to query security event across a plurality of security incident analysis systems through a unified conversational agent [ Roturier, col 1, lines 62-67 ].
As per claim 22, Roturier discloses displaying, via a first user interface, information relating to the one or more first entities in response to the intent [ i.e. transmit aggregated results to client device for display via user interface ] [ col 6, lines 53-63 ].
As per claim 23, Roturier discloses displaying, via a second user interface, event information of an event in response to a user selection of the information relating to the one or more first entities [ .e. a notification for display on user interface, identify the second user and the security incident ] [ col 7, lines 1-17 ].
As per claim 24, Roturier discloses wherein the information relating to the one or more first entities comprises at least one of: an identifier of the event, a description of the event, a date of the event, a caller of the event, or a priority level of the event [ i.e. results of each query and an identification of the source incident analysis system for each query result ] [ col 12, lines 60-col 13, lines 3 ].
8. As per claim 25, Roturier discloses wherein the operations further comprise: extracting one or more second entities from the event information; and determining an actionable entity from the one or more second entities based on a set of predetermined actionable entities [ i.e. incident analysis system has one or more executable files that can be executed to remedy the security incident ] [ col 9, lines 47-col 10, lines 7 ].
9. As per claim 26, Roturier discloses displaying, via a third user interface, a plurality of available security actions associated with the determined actionable entity [ i.e. one or more additional prompts for requesting additional information ] [ col 2, lines 29-32; and col 9, lines 47-col 10, lines 7 ].
10. As per claim 27, Roturier discloses wherein the event information comprises at least one of: endpoint information, one or more Internet protocol (IP) addresses, a hostname, or a possible threat actor [ i.e. source of an attack ] [ col 7, lines 1-17, and lines 58-65 ].
11. As per claim 28, Roturier discloses wherein the cyber security action relating to the one or more first entities includes a response to a knowledge-seeking or contextual awareness-based question about the one or more first entities [ i.e. incident analysis system has one or more executable files that can be executed to remedy the security incident ] [ col 9, lines 47-col 10, lines 7 ].
12. As per claim 29, Roturier discloses wherein the action relating to the one or more first entities includes an automation-based action for incident response operation [ i.e. remedy the security incident ] [ col 2, lines 42-50 ].
13. As per claim 30, Sharan discloses wherein the intent is a knowledge-based intent, a contextual awareness-based intent, or an automation-based intent [ paragraphs 0037, and 0038 ].
14. As per claims 31-40, they are rejected for similar reasons as stated above in claims 21-30.
Response to Arguments
Applicant’s arguments with respect to claim(s) 21-40 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Medalion et al. [ US Patent Application No 2020/0162496 ] discloses system and method for classifying cyber security threats using natural language processing
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DUSTIN NGUYEN whose telephone number is (571)272-3971. The examiner can normally be reached Monday-Friday 9-6 PST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Brian Gillis can be reached on 571-2727952. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DUSTIN NGUYEN/Primary Examiner, Art Unit 2446