DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This is in response to the correspondence filed on 10/07/24. Claims 1-20 are still pending and have been considered below.
Claim Objections
Claim 11 is objected to because of the following informalities: line 11 should be amended to recite, “…risk value associated with at least the first ephemeral…”. Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 11-19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 11 recites the limitation "and any relationship links between" in line 16, which renders the claim indefinite in that it is unclear as to which exact claimed elements (if any) the relationships links are “between”, so to speak.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
Claim(s) 1, 2, 4, 5, 11, 14, 15 and 20 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Mradul et al. (2024/0394377).
Claim 1: Mradul et al. discloses a cloud security system configured to protect a cloud environment associated with a network, comprising:
a cloud asset enumeration component configured to (i) identify a plurality of cloud assets associated with a cloud architecture and (ii) collect information associated with each of the plurality of cloud assets(scans cloud infrastructure to identify sensitive assets by examining metadata and content of the assets) [page 2, paragraph 0021 | page 4, paragraph 0035]; and
an asset management component configured to conduct analytics on information associated with the plurality of cloud assets in order to detect misconfiguration of one or more cloud assets of the plurality of cloud assets forming the cloud architecture(assessing and/or reassessing risk score in response to configuration changes to determine asset configuration risk of misconfiguration) [page 4, paragraph 0044 | page 6, paragraph 0057 | page 8, claim 3],
wherein the plurality of cloud assets comprises ephemeral, cloud-based components or services(organization’s assets hosted in cloud infrastructure) [page 2, paragraphs 0018-0019].
Claim 2: Mradul et al. discloses the cloud security system of claim 1, wherein the cloud asset enumeration component is further configured to conduct access mapping operations by at least determining which cloud asset of the plurality of cloud assets have access to one or more other cloud assets of the plurality of cloud assets(hierarchical relationships of assets) [page 6, paragraphs 0059-0060].
Claim 4: Mradul et al. discloses the cloud security system of claim 1, wherein the cloud asset enumeration component is further configured to (i) create a group of cloud assets from the plurality of cloud assets and (ii) generate an interactive, customer-specific cloud architecture that represents relatedness and interconnectivity of the group of cloud assets(provide structure for visualization of hierarchical structure) [page 6, paragraphs 0059-0060 | page 7, paragraph 0069].
Claim 5: Mradul et al. discloses the cloud security system of claim 4 communicatively coupled to a cyber security appliance to generate a first Artificial Intelligence (AI) model based on normal or expected behaviors of the group of cloud assets(calculate baseline at-rest risk scores and filtering incidents based on them) [pages 2-3, paragraphs 0023-0024].
Claim 11: Mradul et al. discloses a computerized method comprising:
identifying a plurality of cloud assets within a cloud environment of a customer [page 2, paragraph 0021 | page 4, paragraph 0035];
collecting information associated with each of the plurality of cloud assets including metadata associated with a first ephemeral cloud asset of the plurality of cloud assets and metadata associated with a second ephemeral cloud asset of the plurality of cloud assets [page 2, paragraph 0021 | page 4, paragraph 0035];
conducting analytics on the metadata associated with the first ephemeral cloud asset and the metadata associated with the second ephemeral cloud asset in order to detect misconfiguration of the first ephemeral cloud asset or the second ephemeral cloud asset [page 4, paragraph 0044 | page 6, paragraph 0057 | page 8, claim 3];
determining an estimated risk value associated with at least first ephemeral cloud asset and the second ephemeral cloud asset, wherein the estimated risk value associated with the first ephemeral cloud represents a potential risk of the first ephemeral cloud asset being misconfigured and subject to a cyber threat(security posture manager will have obtained configuration risk assessments for sensitive assets and then surfaces the filtered incidents) [page 4, paragraphs 0039 & 0041 & 0044];
generating a visualization of the cloud environment including the first ephemeral cloud asset, the second ephemeral cloud asset, and any relationship links between along with different visualization of the first ephemeral cloud asset and the second ephemeral cloud asset based on the estimated risk values of the first ephemeral cloud asset and the second ephemeral cloud asset(provide structure for visualization of hierarchical structure and updating visualization of incidents based on calculated risk assessment values) [page 4, paragraph 0041 | page 6, paragraphs 0059-0060 | page 7, paragraph 0069].
Claim 14: Mradul et al. discloses the computerized method of claim 11, wherein the collecting of the information associated with each of the plurality of cloud assets further comprises (i) creating a group of ephemeral cloud assets including the first ephemeral cloud asset and the second ephemeral cloud asset from the plurality of cloud assets and (ii) generating an interactive, customer-specific cloud architecture visualization that represents relatedness and interconnectivity of the group of ephemeral cloud assets [page 6, paragraphs 0059-0060 | page 7, paragraph 0069].
Claim 15: Mradul et al. discloses the computerized method of claim 14 further comprising: providing information to a cyber security appliance to generate a first Artificial Intelligence (AI) model based on normal or expected behaviors of the group of ephemeral cloud assets [pages 2-3, paragraphs 0023-0024].
Claim 20: Mradul et al. discloses a non-transitory storage medium including software that, upon execution by a processor, is configured to protect a cloud environment associated with a network by detection of misconfigurations of a cloud asset or potential cyber threat against the cloud asset, the software comprises:
a cloud asset enumeration component configured to (i) identify a plurality of cloud assets associated with a cloud architecture and (ii) collect information associated with each of the plurality of cloud assets [page 2, paragraph 0021 | page 4, paragraph 0035]; and
an asset management component configured to conduct analytics on information associated with the plurality of cloud assets in order to detect misconfiguration of one or more cloud assets of the plurality of cloud assets forming the cloud architecture [page 4, paragraph 0044 | page 6, paragraph 0057 | page 8, claim 3],
wherein the plurality of cloud assets comprises ephemeral, cloud-based components or services [page 2, paragraphs 0018-0019].
Allowable Subject Matter
Claims 3, 6-10, 12, 13 and 16-19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Hamdi (2018/0124072).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDWARD ZEE whose telephone number is (571)270-1686. The examiner can normally be reached Monday-Friday 9AM-5PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached at (571) 270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/EDWARD ZEE/Primary Examiner, Art Unit 2435