SYSTEM AND METHOD FOR DETECTION AND MITIGATION OF ELECTRONIC DATA VULNERABILITIES WITHIN A COMPUTING ENVIRONMENT

DETAILED ACTION Notice of Pre-AIA or AIA Status 1.The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Rejections - 35 USC § 103 2.The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 3. Claim(s) 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Smith (US Pub.No.2018/0349611) in view of Bu (US Pub.No.2025/0291933). 4. Regarding claims 1,8 and 14 Smith teaches a system, a computer program product and a computer-implemented method for detection and mitigation of electronic data vulnerabilities within a computing environment, the system comprising: a processing device; a non-transitory storage device containing instructions when executed by the processing device, causes the processing device to perform the steps of: receiving deployment data associated with one or more software resources from one or more computing devices within a network environment; storing the deployment data within a software deployment database, wherein the software deployment database comprises one or more entries, wherein each of the one or more entries is associated with the one or more software resources; analyzing, the deployment data; detecting a vulnerability associated with at least one software resource of the one or more software resources based on analyzing the deployment data (Para:0007-0008 teaches facilitate vulnerability scanning of a software app after deployment thereof. This is achieved, at least in part, by integrating a component (sometimes referred to as vulnerability scanning component or a self-scanning component) with the software app, where the component is configured to detect one or more conditions associated with the deployment of the software app. Such conditions may include the initial deployment and/or upgrade to a new version and/or change/upgrade in the version of a component of the deployed app. The conditions may also include elapsing of a selected time after the initial deployment and/or after the last vulnerability scanning of the deployed app. When one or more conditions are determined to be true, the self-scanning component collects one or more of source-code file(s), script(s), executable(s), and/or partially compiled and/or interpretable object code file(s) associated with the app, and transmits them for vulnerability scanning thereof. The results of the vulnerability scanning may be reported to the app owner/app developers and/or to the app user. The vulnerability scanning results may be integrated with a log file generated during routine execution of the software app. Para:0009 teaches detecting the occurrence of a condition corresponding to deployment of the software application includes determining that a particular version of the software application has been deployed initially. Detecting the occurrence of a condition corresponding to deployment of the software application may also include determining that a user-configurable or specified time period has elapsed since a particular version of the software application was: (i) deployed initially, or (ii) last analyzed for vulnerabilities therein. In some embodiments, detecting the occurrence of a condition corresponding to deployment of the software application includes determining that a particular version of the software application as deployed has been modified, e.g., by applying a patch to an installed version, by replacing one of the components with a different component or version thereof, etc. The set of code files, which is transmitted to a scanner, may include one or more files associated with the modification); and transmitting an information to a computing device associated with the vulnerability (Para:0007 teaches the results of the vulnerability scanning may be reported to the app owner/app developers and/or to the app user. The vulnerability scanning results may be integrated with a log file generated during routine execution of the software app. Para:0011 and Para:0017 teaches the vulnerability analysis report includes generating a first log event or notification indicating whether a vulnerability scan was completed successfully. Additionally, or in the alternative, presenting the vulnerability analysis report may include generating a second log event or notification indicating whether the software application: (a) has a vulnerability, (b) has no detected vulnerabilities, (c) is not compliant with a specified vulnerability profile, and (d) is compliant with the specified vulnerability profile. In some embodiments, presenting the vulnerability analysis report includes writing the first and/or second log events into an application log file. In some embodiments, presenting the vulnerability analysis report includes displaying (e.g., in an app window or a pop-up window) the first and/or second notifications during execution of the application). Smith teaches all the above claimed limitations, but do not expressly teach analyzing, using an artificial intelligence engine, the deployment data; detecting a vulnerability associated with at least one software resource of the one or more software resources based on analyzing the deployment data; and transmitting a remediation plan to a computing device associated with the vulnerability. Bu teaches analyzing, using an artificial intelligence engine, the deployment data; detecting a vulnerability associated with at least one software resource of the one or more software resources based on analyzing the deployment data; and transmitting a remediation plan to a computing device associated with the vulnerability (Para:0012 teaches determining a remediation strategy (e.g., a software patch deployment) for responding to a security deficiency (e.g., a security vulnerability and/or exposure) using a generative machine learning model. A remediation strategy may be contrasted with a mitigating response associated with the security deficiency in that a mitigation response aims to reduce risk exposure associated with the deficiency while a remediation strategy aims to eliminate the root cause of the security deficiency. For example, if a web application has an access control misconfiguration that allows unauthorized data access, a remediation strategy may involve correcting the access control rules to restrict access as intended. As another example, if a software library with known vulnerabilities is used within an application, a remediation strategy may involve upgrading or replacing the library.Para:0013 teaches determine a remediation strategy associated with a security deficiency (e.g., a security deficiency corresponding to a monitoring event captured by a monitoring component that monitors a software component), an example system may perform the following operations: (i) identifying a deficiency identifier (e.g., a Common Vulnerabilities and Exposures (CVE) identifier) associated with the security deficiency, (ii) retrieving one or more texts (e.g., advisories, solutions, remediation scripts, remediation tools, product notifications, threat intelligence reports, and/or the like.) that correspond to the deficiency identifier (e.g., by querying one or more databases such as a CVE database), (iii) generating a prompt for a generative machine learning model to process the texts to detect a remediation strategy, (iv) providing the prompt to the generative machine learning model, (v) receiving the output of the machine learning model, (vi) determine whether the output satisfies one or more output constraints (e.g., one or more output constraints specified by format and/or content requirements specified in the prompt), and (vii) if the output satisfies the output constraint(s), determine the remediation strategy based on the validated output). Therefore, it would have been obvious to one of ordinary skill in the art before the invention was filed to modify Smith to include analyzing, using an artificial intelligence engine, the deployment data; detecting a vulnerability associated with at least one software resource of the one or more software resources based on analyzing the deployment data ; and transmitting a remediation plan to a computing device associated with the vulnerability, as taught by Bu, such a setup would determine a remediation strategy (e.g., a software patch deployment) for responding to a security deficiency using a generative machine learning model. A remediation strategy may be contrasted with a mitigating response associated with the security deficiency in that a mitigation response aims to reduce risk exposure associated with the deficiency while a remediation strategy aims to eliminate the root cause of the security deficiency (Para:0012). 5. Regarding claims 2,9 and 15 Smith teaches the system, the computer program product and the computer-implemented method wherein receiving the deployment data comprises: accessing storage devices of the one or more computing devices; and pulling the deployment data from the storage devices of the one or more computing devices (Para:0007-0008 teaches facilitating vulnerability analysis of a software application. The method includes configuring a software component that is integratable with a software application during compilation or execution thereof, and providing the software component (also referred to as a self-scanning component) to a software development environment of the software application. The software component is configured to: (i) determine occurrence of a condition corresponding to deployment of the software application; and (ii) transmit a set of code files associated with the software application to a vulnerability scanner. The software application can be a web application, a web service, or a client application. The deployment of the software application may include one or more of: (i) installation of a code file associated with the software application, in a runtime environment on a client device; (ii) execution of the code file in the runtime on the client device; and (iii) uploading the code file, for distribution thereof, to a distribution environment on another device). 6. Regarding claims 3,10 and 16 Bu teaches the system, the computer program product and the computer-implemented method, wherein receiving the deployment data comprises: presenting an online portal to the one or more computing devices, wherein the online portal comprises a graphical user interface, wherein the graphical user interface comprises one or more interface elements for receiving an input comprising the deployment data (Para:0012 teaches determining a remediation strategy (e.g., a software patch deployment) for responding to a security deficiency (e.g., a security vulnerability and/or exposure) using a generative machine learning model. A remediation strategy may be contrasted with a mitigating response associated with the security deficiency in that a mitigation response aims to reduce risk exposure associated with the deficiency while a remediation strategy aims to eliminate the root cause of the security deficiency. For example, if a web application has an access control misconfiguration that allows unauthorized data access, a remediation strategy may involve correcting the access control rules to restrict access as intended. As another example, if a software library with known vulnerabilities is used within an application, a remediation strategy may involve upgrading or replacing the library. Para:0013 teaches determine a remediation strategy associated with a security deficiency (e.g., a security deficiency corresponding to a monitoring event captured by a monitoring component that monitors a software component), an example system may perform the following operations: (i) identifying a deficiency identifier (e.g., a Common Vulnerabilities and Exposures (CVE) identifier) associated with the security deficiency, (ii) retrieving one or more texts (e.g., advisories, solutions, remediation scripts, remediation tools, product notifications, threat intelligence reports, and/or the like.) that correspond to the deficiency identifier (e.g., by querying one or more databases such as a CVE database), (iii) generating a prompt for a generative machine learning model to process the texts to detect a remediation strategy, (iv) providing the prompt to the generative machine learning model, (v) receiving the output of the machine learning model, (vi) determine whether the output satisfies one or more output constraints (e.g., one or more output constraints specified by format and/or content requirements specified in the prompt), and (vii) if the output satisfies the output constraint(s), determine the remediation strategy based on the validated output). 7. Regarding claims 4, 11 and 17 Bu teaches the system, the computer program product and the computer-implemented method, wherein the input comprises information regarding an attempted remediation of the vulnerability associated with the at least one software resource (Para:0012-0013 teaches determining a remediation strategy (e.g., a software patch deployment) for responding to a security deficiency (e.g., a security vulnerability and/or exposure) using a generative machine learning model. A remediation strategy may be contrasted with a mitigating response associated with the security deficiency in that a mitigation response aims to reduce risk exposure associated with the deficiency while a remediation strategy aims to eliminate the root cause of the security deficiency. For example, if a web application has an access control misconfiguration that allows unauthorized data access, a remediation strategy may involve correcting the access control rules to restrict access as intended. As another example, if a software library with known vulnerabilities is used within an application, a remediation strategy may involve upgrading or replacing the library). 8. Regarding claims 5,12 and 18 Bu teaches the system, the computer program product and the computer-implemented method, wherein receiving the deployment data further comprises: transmitting a set of prompts to the one or more computing devices, wherein the set of prompts comprises one or more queries regarding the at least one software resource, wherein the input comprises one or more responses to the set of prompts (Para:0010 and Para:0012-0013 teaches determining a remediation strategy (e.g., a software patch deployment) for responding to a security deficiency (e.g., a security vulnerability and/or exposure) using a generative machine learning model. A remediation strategy may be contrasted with a mitigating response associated with the security deficiency in that a mitigation response aims to reduce risk exposure associated with the deficiency while a remediation strategy aims to eliminate the root cause of the security deficiency. For example, if a web application has an access control misconfiguration that allows unauthorized data access, a remediation strategy may involve correcting the access control rules to restrict access as intended. As another example, if a software library with known vulnerabilities is used within an application, a remediation strategy may involve upgrading or replacing the library. Para:0013 teaches determine a remediation strategy associated with a security deficiency (e.g., a security deficiency corresponding to a monitoring event captured by a monitoring component that monitors a software component), an example system may perform the following operations: (i) identifying a deficiency identifier (e.g., a Common Vulnerabilities and Exposures (CVE) identifier) associated with the security deficiency, (ii) retrieving one or more texts (e.g., advisories, solutions, remediation scripts, remediation tools, product notifications, threat intelligence reports, and/or the like.) that correspond to the deficiency identifier (e.g., by querying one or more databases such as a CVE database), (iii) generating a prompt for a generative machine learning model to process the texts to detect a remediation strategy, (iv) providing the prompt to the generative machine learning model, (v) receiving the output of the machine learning model, (vi) determine whether the output satisfies one or more output constraints (e.g., one or more output constraints specified by format and/or content requirements specified in the prompt), and (vii) if the output satisfies the output constraint(s), determine the remediation strategy based on the validated output). 9. Regarding claims 6,13 and 19 Smith teaches the system, the computer program product and the computer-implemented method, wherein the deployment data comprises at least one of names of the one or more software resources, version numbers of the one or more software resources, software resource types or categories, or device identifiers associated with the one or more computing devices (Para:0007 and Para:0033 teaches the deployment data comprises the names of the one or more software resources, version numbers of the one or more software resources). 10. Regarding claims 7 and 20 Bu teaches the system and the computer-implemented method, wherein the remediation plan comprises one or more remediation steps, wherein the one or more remediation steps comprise at least one of updating a version of the software resource, updating anti-malware definitions, or applying security updates (Para:0012 if a vulnerability allows remote code execution due to a buffer overflow flaw, a remediation strategy may involve patching the software to address the overflow. As another example, if a web application has an access control misconfiguration that allows unauthorized data access, a remediation strategy may involve correcting the access control rules to restrict access as intended. As another example, if a software library with known vulnerabilities is used within an application, a remediation strategy may involve upgrading or replacing the library). Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEREENA T CATTUNGAL whose telephone number is (571)270-0506. The examiner can normally be reached Mon-Fri : 7:30 AM-5 PM EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached at 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /DEREENA T CATTUNGAL/Primary Examiner, Art Unit 2431