Prosecution Insights
Last updated: July 17, 2026
Application No. 18/742,832

GENERATING RUNNABLE SCRIPTS FROM VULNERABILITY CHAINS

Non-Final OA §103
Filed
Jun 13, 2024
Examiner
NAHAR, SAYEDA S
Art Unit
2435
Tech Center
2400 — Computer Networks
Assignee
International Business Machines Corporation
OA Round
2 (Non-Final)
74%
Grant Probability
Favorable
2-3
OA Rounds
1y 4m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 74% — above average
74%
Career Allowance Rate
26 granted / 35 resolved
+16.3% vs TC avg
Strong +25% interview lift
Without
With
+25.0%
Interview Lift
resolved cases with interview
Typical timeline
3y 5m
Avg Prosecution
22 currently pending
Career history
56
Total Applications
across all art units

Statute-Specific Performance

§101
1.2%
-38.8% vs TC avg
§103
97.6%
+57.6% vs TC avg
§102
0.6%
-39.4% vs TC avg
§112
0.6%
-39.4% vs TC avg
Black line = Tech Center average estimate • Based on career data from 35 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendment 2. This is in response to the amendments filed on 02/17/2026. Claims 1-4,9-12,17-20 have been amended. Claims 1-5, 7-13, and 15-20 are currently pending and have been considered below. Response to Arguments 3. Applicant’s arguments filed on 02/17/2026 have been fully considered but they are not persuasive. On the Remarks, Applicant argues that; none of the art of record in any combination teaches or suggests the features that are claimed. nowhere do the cited sections of She describe that "generate runnable exploit scripts that incorporate the identified exploit paths". The examiner respectfully disagrees. It is noted that, She at Para.0087, Abstract, Para.0050 discloses, “temporal graph to train a machine learning model to label the intention of the …. graph”, “a temporal graph derived from ….. events”, “….IT security events …. regarding …. unexpected occurrences across the data network” which the examiner interpreted as being the claimed “……. generate and train a foundation model”. Also, She at Para.0086, Para.0087, Abstract, Para.0050 discloses, “temporal graph is then reconstructed….a reconstructed …. (events) graph….. Machine learning …. be implemented using a …. neural network …”, “reconstructed temporal graph to train a machine learning model to label the intention of the temporal graph”, “a temporal graph derived from ….. events”, “….IT security events …. regarding …. unexpected occurrences across the data network” which the examiner interpreted as being the claimed “causing the foundation model to build a new vulnerability chain model, wherein the foundation model is trained on the IT environment information and the vulnerability chains;” because the broadest reasonable interpretation of the claimed “causing the foundation model to build a new vulnerability chain model, wherein the foundation model is trained on the IT environment information and the vulnerability chains;” includes reconstructed temporal graph, which is used to train a machine learning model, equivalent to the claimed ‘causing a foundation model to build a new vulnerability chain model’. Moreover, She at Para.0086, Para.0103, Para.0024, Abstract discloses; “the temporal graph …. Reconstructed…… Machine learning …..then be implemented using a …neural network”, “The temporal graph is split into multiple subgraphs. These subgraphs are then fed into the GNN …. for attack patterns….”, “multiple subgraphs are processed by a trained GNN”, “a graph neural network (GNN)” which the examiner interpreted as being the claimed “causing the ….. foundation model to: evaluate the new vulnerability chain model” because the broadest reasonable interpretation of the claimed “causing the ….. foundation model to: evaluate the new vulnerability chain model” includes multiple subgraphs combined into temporal graph and fed into the GNN/graph neural network (GNN). Also, She at Para.0053, Para.0057, Para.0016, Para.0101 discloses; “the exploit code runs …..on the …..computer ….send a user a link ….to a malicious site… contains an exploit code ….”, “An endpoint …is a …. device that runs ….. code (software)”, “monitoring activities …. in an endpoint…. executed …. graph by an endpoint”, “the temporal graphs …. by trained neural network” which the examiner interpreted as being the claimed “generate runnable exploit scripts that incorporate the identified exploit paths”. Applicant's further arguments with respect to claim(s) 1, 9, and 17 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Further, the examiner notes that while She, Crabtree and Sumedrea are being maintained in the new ground of rejection, the newly added features in the amended claims are not being presented in the applicant’s arguments, and thus any arguments presented by Applicant concerning She, Crabtree and Sumedrea and this newly added limitation are considered moot. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 4. Claims 1-5,7-13,15-21 are rejected under AIA 35 U.S.C. 103 as being unpatentable over She et al (US 20230088676 A1) in view of Crabtree et al. (US 20220060511 A1) and further in view of Sumedrea et al. (US 20250139233 A1) Regarding Claim 1: She discloses: a. A computer-implemented method (CIM), (Abstract; “A method to detect anomalous behavior in a computing system”) comprising: causing a network entity scanner to scan an Information Technology (IT) environment and (Para.0050, Para.0060, Para.0059; “Security Information and Event Management (SIEM) tools provide …. services for analyzing …. IT security events and vulnerabilities”, “events are sent from endpoints….. where such events are analyzed”, “a plurality of endpoints…. on behalf of multiple enterprises” Security Information and Event Management (SIEM) tools is construed as network entity scanner) collect information associated with the IT environment; (Para.0050, Para.0060, Para.0057; “a range of services for …. reporting on IT security events …. services typically include collection of events regarding …. unexpected occurrences across the data network”, “events are sent from endpoints”, “environment that includes …. endpoint 502”) causing a chained vulnerability identifier to identify vulnerability chains (Abstract, Para.0007, Para.0060; “attack pattern graphs”, “graph derived from …. events …. to embed a set of attack pattern …… associated with anomalous behavior (e.g., a potential attack) in the computing system”, “events are sent from endpoints….. to record endpoint activities, e.g., …… events, to describe a malicious or suspicious behavior …. (network graphs) ….”) based at least in part on the IT environment information; (Para.0050; “…. reporting on IT security events …. regarding …. unexpected occurrences across the data network” attack pattern graphs derived from events regarding unexpected occurrences/anomalous behavior across the data network, attack pattern graphs are construed as vulnerability chains, set of attack pattern associated with anomalous behavior within attack pattern graphs are construed as chained vulnerability identifier) b. ……. generate and train a foundation model; (Para.0087, Abstract, Para.0050; “temporal graph to train a machine learning model to label the intention of the …. graph”, “a temporal graph derived from ….. events”, “….IT security events …. regarding …. unexpected occurrences across the data network”) ….. the foundation model…… c. causing the foundation model to build a new vulnerability chain model, (Para.0086; “temporal graph is then reconstructed….a reconstructed …. (events) graph….. Machine learning …. be implemented using a …. neural network …”) wherein the foundation model is trained on the IT environment information and the vulnerability chains; (Para.0087, Abstract, Para.0050; “reconstructed temporal graph to train a machine learning model to label the intention of the temporal graph”, “a temporal graph derived from ….. events”, “….IT security events …. regarding …. unexpected occurrences across the data network” temporal graph is reconstructed, reconstructing temporal graph is used to train a machine learning model, which is construed as causing a foundation model to build a new vulnerability chain model) causing a visualizer to ….. the new vulnerability chain model into a visualization of the IT environment and identified exploit paths; (Para.0050; “IT security events and vulnerabilities…. include …. visualization tools for viewing current and potential network traffic patterns, correlation of asset vulnerabilities with network configuration and traffic to identify active attack paths ……”) transmitting the visualization to a user interface; (Para.0050, Para.0053; “visualization tools for viewing current and potential network traffic patterns, ….. with network configuration …..and while containment in the user interface …that is, an approach through the user interface that allows ….. display …..configurations and changes/deletions in the underlying network”, “attacker …. to send an employee a …. document, one that contains hidden exploit code …. to silently download malware on the employee computer ….. Another option is to send a user a link … to a malicious site”) d. …. generate and train a ….. foundation model; (disclosed in above, section b) and e. causing the ….. foundation model to: evaluate the new vulnerability chain model, (She, Para.0086, Para.0103, Para.0024, Abstract; “the temporal graph …. Reconstructed…… Machine learning …..then be implemented using a …neural network”, “The temporal graph is split into multiple subgraphs. These subgraphs are then fed into the GNN …. for attack patterns….”, “multiple subgraphs are processed by a trained GNN”, “a graph neural network (GNN)” multiple subgraphs combined into temporal graph and fed into the GNN/graph neural network (GNN) which is construed as causing the foundation model to: evaluate the new vulnerability chain model) and generate runnable exploit scripts that incorporate the identified exploit paths. (Para.0053, Para.0057, Para.0016, Para.0101; “the exploit code runs …..on the …..computer ….send a user a link ….to a malicious site… contains an exploit code ….”, “An endpoint …is a …. device that runs ….. code (software)”, “monitoring activities …. in an endpoint…. executed …. graph by an endpoint”, “the temporal graphs ….. by trained neural network”) however, She does not explicitly disclose: b. causing an artificial intelligence (AI) model transformer to generate and train a ….. model; adding one or more additional prompts to the …… model, wherein the additional prompt(s) are configured to support zero day exploits; c. causing a visualizer to convert the …..vulnerability chain model into a visualization of the IT environment and identified exploit paths; d. ….. causing the Al model transformer to generate and train a supplemental ….. model; e. causing the supplemental ….. model to: evaluate the ….. vulnerability …… In an analogous reference Crabtree discloses: c. causing a visualizer to convert the … vulnerability chain model into a visualization of the IT environment and identified exploit paths; (Para.0137, Para.0099, Para.0136, Abstract; “…. Graph…. comprise a visualization of …. relationships between devices and resources in a security infrastructure, contextualizing …. information …. for …. users”, “converting streams of information into graph representations of that data”, “graphs …. used to produce a visualization ….of changes over time, quantifying collected data into a meaningful and understandable format”, “use machine learning algorithms to run ….. attack and defense strategies against a model of the networked system created using a …. graph” streams of information of a security infrastructure are converted into graph representations, graph comprise a visualization of relationships between devices and resources in a security infrastructure, machine learning model is created with graph of attack and defense strategies, thus construed as causing a visualizer to convert the vulnerability chain model into a visualization of the IT environment and identified exploit paths) Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify She’s method of detecting anomalous behavior in a computing system by enhancing She’s method to include Crabtree’s method of using machine learning algorithms to run simulated attack and defense strategies against a model. The motivation: a simulated attack on a model of the network under test and a simulated defense against the simulated attack, results in obtaining a simulation result comprising the cyberattack strategy sequence and a probability of success of the attack and the defense. In addition, simulation result determines a cybersecurity improvement recommendation for the network under test. however, She in view of Crabtree does not explicitly disclose: b. causing an artificial intelligence (AI) model transformer to generate and train a ….. model; adding one or more additional prompts to the …… model, wherein the additional prompt(s) are configured to support zero day exploits; d. ….. causing the Al model transformer to generate and train a supplemental ….. model; e. causing the supplemental ….. model to: evaluate the ….. vulnerability …… In an analogous reference Sumedrea discloses: b. causing an artificial intelligence (AI) model transformer to generate and train a ….. model; (FIG.1/Para.0031, Para.0032, Para.0040; “trains AIM 105 to produce generalized AIM 120…. AIM 120 …. considered a general model…….”, “AIM 105 to perform a range of tasks such as text generation, translation, and summarization”, “train generalized AIM 120” AIM 105 performs a range of tasks such as text generation, translation, and summarization as well as AIM 105 produces generalized AIM 120, which is construed as an artificial intelligence (AI) model transformer [AIM 105] to generate and train a ….model [AIM 120]) adding one or more additional prompts to the …..model, wherein the additional prompt(s) are configured to support zero day exploits; (Para.0026, Para.0037, Abstract, Para.0044; “particular application…… may exploited through ….. prompt injection….. to take advantage of ….zero-day exploits”, “inputs prompts into AIM”, “an artificial intelligence model (AIM) using training data …. to detect …. cybersecurity threats”, “initiate a zero-day attack, which is a cyberattack that exploits a previously unknown vulnerability …. called “zero-day” vulnerabilities”) d. ….. causing the Al model transformer to generate and train a supplemental ….. model; (FIG.1/Para.0025, Abstract, Para.0053; “produce three dedicated AIMs 140, 160, and 180 from generalized AIM 120”, “an artificial intelligence model (AIM) …. to produce a generalized AIM….. the generalized AIM ….produce multiple dedicated AIMs” multiple dedicated AIMs, such as AIMs 140, 160, and 180 which are produced from AIM 120 and AIM 120 is produced from AIM 105 [FIG.1], therefore construed as causing the Al model transformer to generate and train a supplemental model, “the generalized AIM …. produce a plurality of dedicated AIMs. Each one of the dedicated AIMs from the plurality of dedicated AIMs is trained….”) e. causing the supplemental …. model to: evaluate the ……vulnerability …….(Para.0021; “dedicated AIMs …. prevent malicious actors from exposing vulnerabilities in the software applications”) Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify She in view of Crabtree’s method of detecting anomalous behavior in a computing system by enhancing She in view of Crabtree’s method to include Sumedrea’s method for performing a two-stage training operation on an AIM. The motivation: additional prompt(s) configured to support zero day exploits, protects applications from vulnerabilities, and efficiently produces and utilizes dedicated artificial intelligence models for runtime application self-protection. With respect to independent claims 9 and 17, a corresponding reasoning was given earlier in this section with respect to claim 1; therefore, claims 9 and 17 rejected, for similar reasons, under the grounds as set forth for claim 1. Regarding Claim 2: She in view of Crabtree and further in view of Sumedrea discloses: The CIM of claim 1, wherein the foundation model is generated and trained using training data in a first data lake, the training data in the first data lake being selected from the group consisting of: cybersecurity vulnerabilities, exploit predictions, and scripting details. (She, Para.0069, Para.0103, Para.0086; “graph …. is stored in a database”, “a …. model is trained…. to embed the graph into …..security-related tasks, such as cyber threat hunting…..”, “Machine learning …. implemented using a deep neural network (DNN). By training the DNN….. the temporal (events) graph”) Regarding Claim 3: She in view of Crabtree and further in view of Sumedrea discloses: The CIM of claim 2, wherein the …. foundation model… (She, disclosed in claim 1) …..the supplemental …… model is trained using training data in a second data lake that is different than the first data lake, the training data in the second data lake being selected from the group consisting of: cybersecurity vulnerabilities, exploit predictions, and scripting details. (Sumedrea, Para.0014, Para.0062; “each one of the dedicated AIMs from the plurality of dedicated AIMs is trained to detect …. application-centric cybersecurity threats ….. corresponding …..of the plurality of application types”, “The data storage device …. is stored …. dedicated …. instructions ….e.g., software”) With respect to dependent claims 11 and 19, a corresponding reasoning was given earlier in this section with respect to claim 3; therefore, claims 11 and 19 rejected, for similar reasons, under the grounds as set forth for claim 3. Regarding Claim 4: She in view of Crabtree and further in view of Sumedrea discloses: The CIM of claim 2, further comprising: …..the runnable exploit scripts…… …. causing the exploit scripts to be run on the… (She, Para.0053, Para.0057, Para.0016; “the exploit code runs …..on the …..computer ….send a user a link ….to a malicious site… contains an exploit code ….”, “An endpoint …is a …. device that runs ….. code (software)”, “monitoring activities …. in an endpoint…. executed …. graph by an endpoint”) passing the …. exploit …. to a test harness attached to a simulated IT environment; (Crabtree, Para.0157, Para.0141; “attack engine applies the generated attacks ….. through a …. simulation engine …..”, “A simulated attack …. performed …to determine the effects of the simulated attack and identify points of weakness”) causing the exploit …. to be run on the test harness; (Para.0157, Para.0130; “simulates …. attack …. for implementing certain types of attacks on a network…. that are vulnerable”, “to test an actual network …. initiate an … simulation of a cyberattack ….. comprising a simulated attack generated by a machine learning algorithm on a model of the network under test”) and evaluating performance of the exploit ….. (Para.0161; “The simulation results comprise probabilities of the success of attack and defense strategies based on a model of the network under test...”) With respect to dependent claims 12 and 20, a corresponding reasoning was given earlier in this section with respect to claim 4; therefore, claims 12 and 20 rejected, for similar reasons, under the grounds as set forth for claim 4. Regarding Claim 5: She in view of Crabtree and further in view of Sumedrea discloses: The CIM of claim 2, wherein the … foundation model …. for…. exploit script… (disclosed in claim 1) ….the supplemental ….model…….(disclosed in claim 1) ……generate a difficulty rating for each exploit …. (Crabtree, Para.0140, Para.0157; “attack is …. checked against a baseline score ….to determine the full extent of the impact”, “attack building resources …. for implementing certain types of attacks on a network”) With respect to dependent claim 13, a corresponding reasoning was given earlier in this section with respect to claim 5; therefore, claim 13 rejected, for similar reasons, under the grounds as set forth for claim 5. Regarding Claim 7: She in view of Crabtree and further in view of Sumedrea discloses: The CIM of claim 1, wherein the visualizer is configured to convert the new vulnerability chain model into the visualization (Crabtree, Para.0137, Para.0099, Para.0136, Abstract; “…. Graph…. comprise a visualization of …. relationships between devices and resources in a security infrastructure, contextualizing …. information …. for …. users”, “converting streams of information into graph representations of that data”, “graphs …. used to produce a visualization …. of changes over time, quantifying collected data into a meaningful and understandable format”, “use machine learning algorithms to run …. attack and defense strategies against a model of the networked system created using a …. graph”) based at least in part on the information associated with the IT environment collected by the network entity scanner. (Para.0148, Para.0106, Para.0158, Para.0103; “a … graph …. used to represent a complete picture of an organization's infrastructure”, “scan …. analyze the collected information. …. to produce a ….graph….. using the analyzed data, forming a graph of …. organization resources”, “a defense building resource might be a port scanner that checks for and closes open ports”, “scan checks the …..port ….used by attackers to check for an open port ….. to select a target for an attack that exploits a vulnerability using that port”) With respect to dependent claim 15, a corresponding reasoning was given earlier in this section with respect to claim 7; therefore, claim 15 rejected, for similar reasons, under the grounds as set forth for claim 7. Regarding Claim 8: She in view of Crabtree and further in view of Sumedrea discloses: The CIM of claim 1, wherein the chained vulnerability identifier is configured to identify vulnerability chains by: examining the IT environment information; (She, Para.0050; “analyzing, …. IT security events and vulnerabilities”) identifying vulnerabilities in the IT environment information; (Para.0050; “….. monitoring, and reporting on IT security events and vulnerabilities”) and linking subsets of the identified vulnerabilities to form the vulnerability chains. (Para.0045, Para.0080, Para.0072, Para.0060; “a set of observations into subsets”, “computing the …. subset of security related subgraphs in the …. and finally yielding a subgraph that describes the threat….”, “…. suspicious behavior pattern. …..involves matching a subgraph in the … graph ….”, “to record endpoint activities, e.g.….. suspicious behavior …..with …. graphs”) With respect to dependent claim 16, a corresponding reasoning was given earlier in this section with respect to claim 8; therefore, claim 16 rejected, for similar reasons, under the grounds as set forth for claim 8. Regarding Claim 21: She in view of Crabtree and further in view of Sumedrea discloses: The CIM of claim 1, further comprising: proactively causing changes to be made to the IT environment (She, Para.0054, Para.0052; “the agent …. protects the enterprise against such threats at ….. exploit prevention …..that prevents exploiting attempts from compromising user computers”, “agent code ….executing in enterprise endpoint ….. that enables IT security to manage the deployment ….of …. unmanaged endpoints”) that address one or more of the identified exploit paths. (She, Para.0053; “send a user a link …..to a malicious site…. contains an exploit code …. When the employee clicks the link ….. the exploit code runs ….silently download malware on the employee computer. The link can also direct the user to a phishing site ….. to convince the user to submit corporate credentials”) Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Contact Information Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAYEDA SALMA NAHAR whose telephone number is (703)756-4609. The examiner can normally be reached M-F 12:00 PM to 6:00 PM EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached on (571) 270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SAYEDA SALMA NAHAR/Examiner, Art Unit 2435 /BEEMNET W DADA/Primary Examiner, Art Unit 2435
Read full office action

Prosecution Timeline

Jun 13, 2024
Application Filed
Nov 18, 2025
Non-Final Rejection mailed — §103
Feb 17, 2026
Response Filed
Apr 20, 2026
Final Rejection mailed — §103
Jun 22, 2026
Response after Non-Final Action

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12627979
METHOD FOR LICENSE-BASED ACCESS NETWORK ACCESS CONTROL INDEPENDENT OF SUBSCRIBER DATA IN A TELECOMMUNICATIONS NETWORK AND TELECOMMUNICATIONS NETWORK THEREOF
4y 1m to grant Granted May 12, 2026
Patent 12537850
CONCEALED MONITOR COMMUNICATIONS FROM A TASK IN A TRUSTED EXECUTION ENVIRONMENT
3y 11m to grant Granted Jan 27, 2026
Patent 12506751
METHOD AND SYSTEM FOR SCORING SEVERITY OF CYBER ATTACKS
3y 7m to grant Granted Dec 23, 2025
Patent 12493681
PUF-RAKE: A PUF-BASED ROBUST AND LIGHTWEIGHT AUTHENTICATION AND KEY ESTABLISHMENT PROTOCOL
3y 8m to grant Granted Dec 09, 2025
Patent 12457490
ON-DEMAND SUBSCRIPTION CONCEALED IDENTIFIER (SUCI) DECONCEALMENT FOR SELECT APPLICATIONS
3y 5m to grant Granted Oct 28, 2025
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

2-3
Expected OA Rounds
74%
Grant Probability
99%
With Interview (+25.0%)
3y 5m (~1y 4m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 35 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month