Prosecution Insights
Last updated: April 19, 2026
Application No. 18/679,356

SYSTEMS AND METHODS FOR MONITORING NETWORK TRAFFIC TO IDENTIFY CYBERATTACKS

Final Rejection §103
Filed: May 30, 2024
Examiner: NGUYEN, ANH
Art Unit: 2458
Tech Center: 2400 — Computer Networks
Assignee: Stripe, Inc.
OA Round: 2 (Final)
Grant Probability: 79% (Favorable)
OA Rounds: 3-4
To Grant: 2y 9m
With Interview: 99%

Examiner Intelligence

Grants 79% — above average
Career Allow Rate: 79% (282 granted / 359 resolved)
+20.6% vs TC avg
Strong +25% interview lift
Interview Lift: +24.9% (resolved cases with interview)
Typical timeline
Avg Prosecution: 2y 9m
23 currently pending
Career history
Total Applications: 382 (across all art units)

Statute-Specific Performance

§101: 12.8% (-27.2% vs TC avg)
§103: 58.6% (+18.6% vs TC avg)
§102: 9.0% (-31.0% vs TC avg)
§112: 12.1% (-27.9% vs TC avg)
Black line = Tech Center average estimate • Based on career data from 359 resolved cases

Office Action

§103
DETAILED ACTION

Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. This communication is in response to the amendment filed on 01/16/2026. Claims 1-20 are rejected. Claims 1-2, 4-5, 7-9, 11-12, 14-16, and 18-19 have been amended.

Response to Arguments

Applicant’s arguments with respect to claims 1, 8, and 15 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6, 8-13, 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Musuvathi et al. (US 20180367550 A1), hereafter Musuvathi in view of Zafar (US 12155742 B1) and further in view of Holub et al. (US 12289323 B1), hereafter Holub.
Regarding claim 1, Musuvathi teaches a method, comprising: obtaining, by at least one processor, a plurality of data packets transmitted over a network corresponding to network operation activity parameters for a first time interval and a second time interval, the plurality of data packets transmitted by at least a first system, wherein the plurality of data packets includes at least one first data packet corresponding to the first time interval and at least one second data packet corresponding to the second time interval ([0006] a number of data packets received in a defined period of time (e.g., five seconds, ten seconds, thirty seconds, a minute, three minutes. Examiner note: In this paragraph, Musuvathi teaches that data packets received in each defined period of time corresponds to the claimed “data packets corresponding to the first time interval and second time interval)); determining, by the at least one processor, a plurality of feature values from the first time interval and the second time interval based on the plurality of data packets, each feature corresponding to execution of a protocol by the first system ([0006] A data instance comprises feature data for a feature set. The feature set can be defined by the system for security and detection of attacks. Thus, the feature set can include individual features, values for which are collected. The features can be related to data traffic information); in accordance with a detection of the potential cyberattack, generating, by the at least one processor, an embedding based at least in part on the detected change and the plurality of feature values and an encoder ([0004] For example, the label (embedding) can indicate whether previously received data traffic is associated with a known cyber attack or not. 
Consequently, based on the labels associated with the data instances, the model can tune (e.g., update) its parameters via machine learning, where [0006] the packet data received in a period of time); determining, by the at least one processor, that at least one data packet of the plurality of data packets is involved in a cyberattack based on the embedding ([0097] a set of local model parameters for a local model is computed via stochastic gradient descent (SGD) based on a training data subset that includes data instances of the feature set and a label indicating whether received data traffic comprises a known cyber attack); and in accordance with a determination that the at least one data packet is involved in the cyberattack, causing, by the at least one processor, an execution of a remedial protocol in association with the first system ([0013] The system can then implement a remedial action to mitigate any damaging effects that results from the cyber attack). Musuvathi does not explicitly teach detecting, by the at least one processor, a change indicative of a potential cyberattack based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval; an encoder, the encoder configured to generate the embedding based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval. Zafar teaches an encoder, the encoder configured to generate the embedding based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval (col. 6, lines 45-49, during preprocessing, the system may identify time-related features in the dataset, such as timestamps or temporal contexts. The system may convert time-related features into a suitable format for input into an artificial intelligence model. 
This may involve encoding timestamps as numerical values, converting temporal contexts into embeddings, or using time-related metadata for document retrieval. The system may also modify the model architecture to accept input embeddings that include time-related features). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention made to include in the Musuvathi disclosure, input is generated associate with time period, as taught by Zafar. One would be motivated to do so to identify the causes of past performance issues, and improving security by spotting unusual traffic patterns that could indicate cyber threats. Musuvathi and Zafar do not explicitly teach detecting, by the at least one processor, a change indicative of a potential cyberattack based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval; Holub teaches detecting, by the at least one processor, a change indicative of a potential cyberattack based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval (col. 9, lines 55-60, newly discovered attack patterns may periodically be added to the attack patterns (first time and second time intervals); col. 16, lines 13-17, FIG. 9 is a block diagram illustrating an example computer system that can be used to implement one or more portions of a cyberattack monitoring system configured to detect successful attacks based on subsequent benign actions (a change) of an attacker following an initial attack); It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention made to include in the Musuvathi and Zafar disclosure, detecting a change in data to detect a cyberattack, as taught by Holub. 
One would be motivated to do so to apply an evaluation function to detect attack patterns in the log and determine (e.g. based on a threshold) particular client actions that correspond to an attempted attack.

Regarding claims 2, 9, and 16, Musuvathi, Zafar, and Holub teach all limitations of parent claims 1, 8, and 15, wherein the second time interval is at least in part earlier than the first time interval (col. 14, lines 13-28, tags indicating the start and end times of an event, the duration of a process, or the frequency of data collection intervals). Temporal tags may also include additional attributes or metadata describing the temporal characteristics of the data. This could include tags indicating the time zone, time resolution, periodicity, or temporal context of the data), and wherein determining the plurality of feature values based on the plurality of data packets comprises: determining the plurality of feature values based on the at least one second data packet and the at least one second data packet (col. 23, lines 63-67, model 400 may take inputs and provide outputs. The inputs may include multiple datasets such as a training dataset and a test dataset. Each of the plurality of datasets may include time series data, annotated time series data, temporal tags, weights, time-shifts). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention made to include in the Musuvathi and Holub disclosure, network data in different time period, as taught by Zafar. One would be motivated to do so to identify the causes of past performance issues, and improving security by spotting unusual traffic patterns that could indicate cyber threats.

Regarding claims 3, 10, and 17, Musuvathi, Zafar, and Holub teach all limitations of parent claims 2, 9, and 16, wherein Musuvathi further teaches the encoder is a transformer encoder ([0047] FIG. 4 is a diagram 400 illustrating examples of a remedial action that can be taken in response to a model 402 determining that the likelihood (e.g., a probability, value) of illegitimate data traffic associated with a cyber attack exceeds a threshold 404), and wherein generating the embedding based on the plurality of feature values and the transformer encoder comprises: providing, by the at least one processor, the plurality of feature values to be input to the transformer encoder and cause the transformer encoder to generate an output, and obtaining, by the at least one processor, the embedding based on the generation of the output of the transformer encoder ([0047] Given a new data instance provided as input to the model, the model can provide an output and the output can be compared to the threshold).

Regarding claims 4, 11, and 18, Musuvathi, Zafar, and Holub teach all limitations of parent claims 2, 9, and 16, wherein Musuvathi further teaches determining that the at least one data packet of the plurality of data packets is involved in the cyberattack comprises: providing, by the at least one processor, the embedding to be input to a prediction head and cause the prediction head to generate an output ([0028] The model described herein can be configured for use in association with security systems configured to detect a cyber attack. That is, the model can be used to predict a likelihood of illegitimate data traffic that is associated with a cyber attack), and obtaining, by the at least one processor, data associated with a probability that the at least one data packet of the plurality of data packets is involved in the cyberattack based on the generation of the output of the prediction head ([0047] Given a new data instance provided as input to the model 402, the model 402 can provide an output (e.g., a likelihood or probability value) and the output can be compared to the threshold 404. 
When the comparison yields that the computed outcome exceeds the threshold 404, a security system deduces that computing infrastructure is likely under attack). Regarding claims 5, 12, and 19, Musuvathi, Zafar, and Holub teach all limitations of parent claims 4, 11, and 18, wherein Musuvathi further teaches determining that the at least one data packet of the plurality of data packets is involved in the cyberattack comprises: comparing, by the at least one processor, the probability that the at least one data packet of the plurality of data packets is involved in the cyberattack with a threshold probability ([0013] For instance, the likelihood can be associated with probability value (e.g., 95%) and can be compared to a probability threshold (e.g., 90%, 80%, etc.) established by the system or set by a computing infrastructure administrator for security and detection purposes); determining, by the at least one processor, that the probability satisfies the threshold probability ([0013] Using the likelihood computed by a model as an output, the system is configured to determine whether the likelihood satisfies, or exceeds, a threshold); and determining that the at least one data packet of the plurality of data packets is involved in the cyberattack based on determining that the probability satisfies the threshold probability ([0013] The system can then implement a remedial action to mitigate any damaging effects that results from the cyber attack). 
Regarding claims 6, 13, and 20, Musuvathi, Zafar, and Holub teach all limitations of parent claims 1, 8, and 15, wherein Musuvathi further teaches determining the plurality of feature values based on the plurality of data packets comprises: determining, by the at least one processor, that one or more dependencies involved in generating at least one feature value is not satisfied ([0004] the label can indicate whether previously received data traffic is associated with a known cyber attack or not); and determining, by the at least one processor, an alternative feature value based on one or more of: a default feature value or one or more different feature values ([0128] determine, using the global model and the new data instance of the feature set, the likelihood of the illegitimate data traffic that is associated with the cyber attack). Regarding claim 8, Musuvathi teaches a system, comprising: one or more processors configured to: obtain a plurality of data packets transmitted over a network corresponding to network operation activity parameters for a first time interval and a second time interval, the plurality of data packets transmitted by at least a first system, wherein the plurality of data packets includes at least one first data packet corresponding to the first time interval and at least one second data packet corresponding to the second time interval ([0006] a number of data packets received in a defined period of time (e.g., five seconds, ten seconds, thirty seconds, a minute, three minutes. 
Examiner note: In this paragraph, Musuvathi teaches that data packets received in each defined period of time corresponds to the claimed “data packets corresponding to the first time interval and second time interval)); determine a plurality of feature values from the first time interval and the second time interval based on the plurality of data packets, each feature corresponding to execution of a protocol by the first system ([0006] A data instance comprises feature data for a feature set. The feature set can be defined by the system for security and detection of attacks. Thus, the feature set can include individual features, values for which are collected. The features can be related to data traffic information); in accordance with a detection of the potential cyberattack, generate an embedding based at least in part on the detected change and the plurality of feature values and an encoder ([0004] For example, the label (embedding) can indicate whether previously received data traffic is associated with a known cyber attack or not. Consequently, based on the labels associated with the data instances, the model can tune (e.g., update) its parameters via machine learning, where [0006] the packet data received in a period of time); determine that at least one data packet of the plurality of data packets is involved in a cyberattack based on the embedding ([0097] a set of local model parameters for a local model is computed via stochastic gradient descent (SGD) based on a training data subset that includes data instances of the feature set and a label indicating whether received data traffic comprises a known cyber attack); and in accordance with a determination that the at least one data packet is involved in the cyberattack, cause an execution of a remedial protocol in association with the first system ([0013] The system can then implement a remedial action to mitigate any damaging effects that results from the cyber attack). 
Musuvathi does not explicitly teach detect a change indicative of a potential cyberattack based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval; an encoder, the encoder configured to generate the embedding based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval. Zafar teaches an encoder, the encoder configured to generate the embedding based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval (col. 6, lines 45-49, during preprocessing, the system may identify time-related features in the dataset, such as timestamps or temporal contexts. The system may convert time-related features into a suitable format for input into an artificial intelligence model. This may involve encoding timestamps as numerical values, converting temporal contexts into embeddings, or using time-related metadata for document retrieval. The system may also modify the model architecture to accept input embeddings that include time-related features). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention made to include in the Musuvathi disclosure, input is generated associate with time period, as taught by Zafar. One would be motivated to do so to identify the causes of past performance issues, and improving security by spotting unusual traffic patterns that could indicate cyber threats. 
Musuvathi and Zafar do not explicitly teach detect a change indicative of a potential cyberattack based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval; Holub teaches detect a change indicative of a potential cyberattack based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval (col. 9, lines 55-60, newly discovered attack patterns may periodically be added to the attack patterns (first time and second time intervals); col. 16, lines 13-17, FIG. 9 is a block diagram illustrating an example computer system that can be used to implement one or more portions of a cyberattack monitoring system configured to detect successful attacks based on subsequent benign actions (a change) of an attacker following an initial attack); It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention made to include in the Musuvathi and Zafar disclosure, detecting a change in data to detect a cyberattack, as taught by Holub. One would be motivated to do so to apply an evaluation function to detect attack patterns in the log and determine (e.g. based on a threshold) particular client actions that correspond to an attempted attack. 
Regarding claim 15, Musuvathi teaches a non-transitory computer-readable medium storing instructions thereon that, when executed by one or more processors, cause the one or more processors to: obtain a plurality of data packets transmitted over a network corresponding to network operation activity parameters for a first time interval and a second time interval, the plurality of data packets transmitted by at least a first system, wherein the plurality of data packets includes at least one first data packet corresponding to the first time interval and at least one second data packet corresponding to the second time interval ([0006] a number of data packets received in a defined period of time (e.g., five seconds, ten seconds, thirty seconds, a minute, three minutes)); determine a plurality of feature values from the first time interval and the second time interval based on the plurality of data packets, each feature corresponding to execution of a protocol by the first system ([0006] A data instance comprises feature data for a feature set. The feature set can be defined by the system for security and detection of attacks. Thus, the feature set can include individual features, values for which are collected. The features can be related to data traffic information); in accordance with a detection of the potential cyberattack, generate an embedding based at least in part on the detected change and the plurality of feature values and an encoder ([0004] For example, the label (embedding) can indicate whether previously received data traffic is associated with a known cyber attack or not. 
Consequently, based on the labels associated with the data instances, the model can tune (e.g., update) its parameters via machine learning, where [0006] the packet data received in a period of time); determine that at least one data packet of the plurality of data packets is involved in a cyberattack based on the embedding ([0097] a set of local model parameters for a local model is computed via stochastic gradient descent (SGD) based on a training data subset that includes data instances of the feature set and a label indicating whether received data traffic comprises a known cyber attack); and in accordance with a determination that the at least one data packet is involved in the cyberattack, cause an execution of a remedial protocol in association with the first system ([0013] The system can then implement a remedial action to mitigate any damaging effects that results from the cyber attack). Musuvathi does not explicitly teach detect a change indicative of a potential cyberattack based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval; an encoder, the encoder configured to generate the embedding based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval. Zafar teaches an encoder, the encoder configured to generate the embedding based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval (col. 6, lines 45-49, during preprocessing, the system may identify time-related features in the dataset, such as timestamps or temporal contexts. The system may convert time-related features into a suitable format for input into an artificial intelligence model. This may involve encoding timestamps as numerical values, converting temporal contexts into embeddings, or using time-related metadata for document retrieval. 
The system may also modify the model architecture to accept input embeddings that include time-related features). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention made to include in the Musuvathi disclosure, input is generated associate with time period, as taught by Zafar. One would be motivated to do so to identify the causes of past performance issues, and improving security by spotting unusual traffic patterns that could indicate cyber threats. Musuvathi and Zafar do not explicitly teach detect a change indicative of a potential cyberattack based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval; Holub teaches detect a change indicative of a potential cyberattack based on the plurality of feature values from the first time interval and the plurality of feature values from the second time interval (col. 9, lines 55-60, newly discovered attack patterns may periodically be added to the attack patterns (first time and second time intervals); col. 16, lines 13-17, FIG. 9 is a block diagram illustrating an example computer system that can be used to implement one or more portions of a cyberattack monitoring system configured to detect successful attacks based on subsequent benign actions (a change) of an attacker following an initial attack); It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention made to include in the Musuvathi and Zafar disclosure, detecting a change in data to detect a cyberattack, as taught by Holub. One would be motivated to do so to apply an evaluation function to detect attack patterns in the log and determine (e.g. based on a threshold) particular client actions that correspond to an attempted attack.

Claims 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Musuvathi (US 20180367550 A1) in view of Zafar (US 12155742 B1) in view of Mishra (US 20230098508 A1) and further in view of Holub (US 12289323 B1).

Regarding claims 7 and 14, Musuvathi, Zafar, and Holub teach all limitations of parent claims 1 and 8, Musuvathi does not explicitly teach wherein determining the plurality of feature values based on the plurality of data packets comprises: determining, by the at least one processor and for the first time interval and the second time interval, at least one of: a minimum feature value, an average feature value, a maximum feature value, a minimum aggregate feature value, a mean aggregate feature value, or a maximum aggregate feature value, and Mishra teaches determining, by the at least one processor, the plurality of feature values based on at least one of the minimum feature value, the average feature value, the maximum feature value, the minimum aggregate feature value, the mean aggregate feature value, or the maximum aggregate feature value ([0029] The attack stage feature may be determined as number of attack stages hit by the office/total number of attack stages. The detection type feature may be determined as number of detection types hit by the office/total number of detection types. A total score may be determined as sum (event scores)/max (sum (event scores) of all devices in an office). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention made to include in the Musuvathi disclosure, feature types are determined based on the max score features value, as taught by Mishra. One would be motivated to do so to detect occurrence of different types of network threats and prevent them from affecting performance and security of the computer networks.

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. 
See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANH NGUYEN whose telephone number is (571)270-0657. The examiner can normally be reached M-F. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached at 5712703037. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. 
Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /ANH NGUYEN/Primary Examiner, Art Unit 2458

Prosecution Timeline

May 30, 2024: Application Filed
Oct 28, 2025: Non-Final Rejection — §103
Dec 19, 2025: Interview Requested
Jan 06, 2026: Applicant Interview (Telephonic)
Jan 06, 2026: Examiner Interview Summary
Jan 16, 2026: Response Filed
Feb 17, 2026: Final Rejection — §103
Apr 09, 2026: Applicant Interview (Telephonic)
Apr 10, 2026: Examiner Interview Summary

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12602480
DATA MANAGEMENT APPARATUS AND DATA MANAGEMENT METHOD
2y 5m to grant Granted Apr 14, 2026
Patent 12603908
SYSTEM FOR DETECTING ANOMALOUS NETWORK PATTERNS BASED ON ANALYZING NETWORK TRAFFIC DATA AND METHOD THEREOF
2y 5m to grant Granted Apr 14, 2026
Patent 12587558
SYSTEM AND METHOD OF ARTIFICIAL INTELLIGENCE ASSISTED CYBER THREAT IDENTIFICATION VIA WEBSERVER LOGS
2y 5m to grant Granted Mar 24, 2026
Patent 12578895
USING NETWORK DEVICE REPLICATION IN DISTRIBUTED STORAGE CLUSTERS
2y 5m to grant Granted Mar 17, 2026
Patent 12581310
PAIRING OF USER DEVICE WITH REMOTE SYSTEM
2y 5m to grant Granted Mar 17, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Prosecution Projections

Expected OA Rounds: 3-4
Grant Probability: 79%
With Interview: 99% (+24.9%)
Median Time to Grant: 2y 9m
PTA Risk: Moderate
Based on 359 resolved cases by this examiner. Grant probability derived from career allow rate.