Prosecution Insights
Last updated: July 17, 2026
Application No. 18/908,111

CLOUD-BASED CYBER SECURITY AND METHODS OF OPERATION

Non-Final OA §102§112
Filed
Oct 07, 2024
Priority
Oct 05, 2023 — provisional 63/542,708
Examiner
ZEE, EDWARD
Art Unit
2435
Tech Center
2400 — Computer Networks
Assignee
Darktrace Holdings Limited
OA Round
1 (Non-Final)
91%
Grant Probability
Favorable
1-2
OA Rounds
7m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 91% — above average
91%
Career Allowance Rate
817 granted / 901 resolved
+32.7% vs TC avg
Moderate +10% lift
Without
With
+10.3%
Interview Lift
resolved cases with interview
Typical timeline
2y 4m
Avg Prosecution
16 currently pending
Career history
921
Total Applications
across all art units

Statute-Specific Performance

§101
3.4%
-36.6% vs TC avg
§103
42.0%
+2.0% vs TC avg
§102
20.8%
-19.2% vs TC avg
§112
8.3%
-31.7% vs TC avg
Black line = Tech Center average estimate • Based on career data from 901 resolved cases

Office Action

§102 §112
DETAILED ACTION The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This is in response to the correspondence filed on 10/07/24. Claims 1-20 are still pending and have been considered below. Claim Objections Claim 11 is objected to because of the following informalities: line 11 should be amended to recite, “…risk value associated with at least the first ephemeral…”. Appropriate correction is required. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 11-19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 11 recites the limitation "and any relationship links between" in line 16, which renders the claim indefinite in that it is unclear as to which exact claimed elements (if any) the relationships links are “between”, so to speak. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claim(s) 1, 2, 4, 5, 11, 14, 15 and 20 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Mradul et al. (2024/0394377). Claim 1: Mradul et al. discloses a cloud security system configured to protect a cloud environment associated with a network, comprising: a cloud asset enumeration component configured to (i) identify a plurality of cloud assets associated with a cloud architecture and (ii) collect information associated with each of the plurality of cloud assets(scans cloud infrastructure to identify sensitive assets by examining metadata and content of the assets) [page 2, paragraph 0021 | page 4, paragraph 0035]; and an asset management component configured to conduct analytics on information associated with the plurality of cloud assets in order to detect misconfiguration of one or more cloud assets of the plurality of cloud assets forming the cloud architecture(assessing and/or reassessing risk score in response to configuration changes to determine asset configuration risk of misconfiguration) [page 4, paragraph 0044 | page 6, paragraph 0057 | page 8, claim 3], wherein the plurality of cloud assets comprises ephemeral, cloud-based components or services(organization’s assets hosted in cloud infrastructure) [page 2, paragraphs 0018-0019]. Claim 2: Mradul et al. discloses the cloud security system of claim 1, wherein the cloud asset enumeration component is further configured to conduct access mapping operations by at least determining which cloud asset of the plurality of cloud assets have access to one or more other cloud assets of the plurality of cloud assets(hierarchical relationships of assets) [page 6, paragraphs 0059-0060]. Claim 4: Mradul et al. discloses the cloud security system of claim 1, wherein the cloud asset enumeration component is further configured to (i) create a group of cloud assets from the plurality of cloud assets and (ii) generate an interactive, customer-specific cloud architecture that represents relatedness and interconnectivity of the group of cloud assets(provide structure for visualization of hierarchical structure) [page 6, paragraphs 0059-0060 | page 7, paragraph 0069]. Claim 5: Mradul et al. discloses the cloud security system of claim 4 communicatively coupled to a cyber security appliance to generate a first Artificial Intelligence (AI) model based on normal or expected behaviors of the group of cloud assets(calculate baseline at-rest risk scores and filtering incidents based on them) [pages 2-3, paragraphs 0023-0024]. Claim 11: Mradul et al. discloses a computerized method comprising: identifying a plurality of cloud assets within a cloud environment of a customer [page 2, paragraph 0021 | page 4, paragraph 0035]; collecting information associated with each of the plurality of cloud assets including metadata associated with a first ephemeral cloud asset of the plurality of cloud assets and metadata associated with a second ephemeral cloud asset of the plurality of cloud assets [page 2, paragraph 0021 | page 4, paragraph 0035]; conducting analytics on the metadata associated with the first ephemeral cloud asset and the metadata associated with the second ephemeral cloud asset in order to detect misconfiguration of the first ephemeral cloud asset or the second ephemeral cloud asset [page 4, paragraph 0044 | page 6, paragraph 0057 | page 8, claim 3]; determining an estimated risk value associated with at least first ephemeral cloud asset and the second ephemeral cloud asset, wherein the estimated risk value associated with the first ephemeral cloud represents a potential risk of the first ephemeral cloud asset being misconfigured and subject to a cyber threat(security posture manager will have obtained configuration risk assessments for sensitive assets and then surfaces the filtered incidents) [page 4, paragraphs 0039 & 0041 & 0044]; generating a visualization of the cloud environment including the first ephemeral cloud asset, the second ephemeral cloud asset, and any relationship links between along with different visualization of the first ephemeral cloud asset and the second ephemeral cloud asset based on the estimated risk values of the first ephemeral cloud asset and the second ephemeral cloud asset(provide structure for visualization of hierarchical structure and updating visualization of incidents based on calculated risk assessment values) [page 4, paragraph 0041 | page 6, paragraphs 0059-0060 | page 7, paragraph 0069]. Claim 14: Mradul et al. discloses the computerized method of claim 11, wherein the collecting of the information associated with each of the plurality of cloud assets further comprises (i) creating a group of ephemeral cloud assets including the first ephemeral cloud asset and the second ephemeral cloud asset from the plurality of cloud assets and (ii) generating an interactive, customer-specific cloud architecture visualization that represents relatedness and interconnectivity of the group of ephemeral cloud assets [page 6, paragraphs 0059-0060 | page 7, paragraph 0069]. Claim 15: Mradul et al. discloses the computerized method of claim 14 further comprising: providing information to a cyber security appliance to generate a first Artificial Intelligence (AI) model based on normal or expected behaviors of the group of ephemeral cloud assets [pages 2-3, paragraphs 0023-0024]. Claim 20: Mradul et al. discloses a non-transitory storage medium including software that, upon execution by a processor, is configured to protect a cloud environment associated with a network by detection of misconfigurations of a cloud asset or potential cyber threat against the cloud asset, the software comprises: a cloud asset enumeration component configured to (i) identify a plurality of cloud assets associated with a cloud architecture and (ii) collect information associated with each of the plurality of cloud assets [page 2, paragraph 0021 | page 4, paragraph 0035]; and an asset management component configured to conduct analytics on information associated with the plurality of cloud assets in order to detect misconfiguration of one or more cloud assets of the plurality of cloud assets forming the cloud architecture [page 4, paragraph 0044 | page 6, paragraph 0057 | page 8, claim 3], wherein the plurality of cloud assets comprises ephemeral, cloud-based components or services [page 2, paragraphs 0018-0019]. Allowable Subject Matter Claims 3, 6-10, 12, 13 and 16-19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Hamdi (2018/0124072). Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDWARD ZEE whose telephone number is (571)270-1686. The examiner can normally be reached Monday-Friday 9AM-5PM EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached at (571) 270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /EDWARD ZEE/Primary Examiner, Art Unit 2435
Read full office action

Prosecution Timeline

Oct 07, 2024
Application Filed
Jun 03, 2026
Non-Final Rejection mailed — §102, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12682073
SYSTEM AND METHOD FOR IDENTIFICATION OF SECURITY VULNERABILITIES USING ARTIFICIAL INTELLIGENCE-BASED ANALYSIS OF COMPUTING ENVIRONMENT LOGS
2y 5m to grant Granted Jul 14, 2026
Patent 12683987
DYNAMIC NETWORK SECURITY FOR INDUSTRIAL SYSTEMS
2y 4m to grant Granted Jul 14, 2026
Patent 12682089
Information Management System and Information Management Method
2y 1m to grant Granted Jul 14, 2026
Patent 12676899
CONTEXT-AWARE SECURITY POLICIES AND INCIDENT IDENTIFICATION VIA AUTOMATED CLOUD GRAPH BUILDING WITH SECURITY OVERLAYS
1y 12m to grant Granted Jul 07, 2026
Patent 12675611
SECURE CONTROL CIRCUIT, OPERATING DEVICE AND METHOD THEREOF
1y 11m to grant Granted Jul 07, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
91%
Grant Probability
99%
With Interview (+10.3%)
2y 4m (~7m remaining)
Median Time to Grant
Low
PTA Risk
Based on 901 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month