Prosecution Insights
Last updated: July 17, 2026
Application No. 18/914,032

APPARATUS AND METHOD FOR IMPLEMENTING A RECOMMENDED CYBER-ATTACK SECURITY ACTION

Non-Final OA §101§102§103§112
Filed
Oct 11, 2024
Priority
May 31, 2022 — provisional 63/347,389 +2 more
Examiner
LOPEZ, MIGUEL ALEXANDER
Art Unit
Tech Center
Assignee
As0001 Inc.
OA Round
1 (Non-Final)
8%
Grant Probability
At Risk
1-2
OA Rounds
1y 4m
Est. Remaining
20%
With Interview

Examiner Intelligence

Grants only 8% of cases
8%
Career Allowance Rate
2 granted / 26 resolved
-52.3% vs TC avg
Moderate +12% lift
Without
With
+12.5%
Interview Lift
resolved cases with interview
Typical timeline
3y 1m
Avg Prosecution
26 currently pending
Career history
60
Total Applications
across all art units

Statute-Specific Performance

§101
0.4%
-39.6% vs TC avg
§103
73.1%
+33.1% vs TC avg
§102
18.9%
-21.1% vs TC avg
§112
4.9%
-35.1% vs TC avg
Black line = Tech Center average estimate • Based on career data from 26 resolved cases

Office Action

§101 §102 §103 §112
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Priority Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. Applicant has not complied with one or more conditions for receiving the benefit of an earlier filing date under 35 U.S.C. 119(e) as follows: The later-filed application must be an application for a patent for an invention which is also disclosed in the prior application (the parent or original nonprovisional application or provisional application). The disclosure of the invention in the parent application and in the later-filed application must be sufficient to comply with the requirements of 35 U.S.C. 112(a) or the first paragraph of pre-AIA 35 U.S.C. 112, except for the best mode requirement. See Transco Products, Inc. v. Performance Contracting, Inc., 38 F.3d 551, 32 USPQ2d 1077 (Fed. Cir. 1994). The disclosure of the prior-filed applications, Application No. 63/457,671, 63/347,389, and 18/203,630 fail to provide adequate support or enablement in the manner provided by 35 U.S.C. 112(a) or pre-AIA 35 U.S.C. 112, first paragraph for one or more claims of this application. None of the relied upon applications provide adequate written description support for the claim limitations “receive a cyber profile associated with a digital environment; receive a security posture associated with the cyber profile; determine a plurality of security actions to be implemented in the digital environment based on the cyber profile and the security posture, wherein the security posture includes a single point of failure data; determine a priority action of the plurality of security actions; implement the priority action in the digital environment; and generate a user interface data structure configured to display the implemented security action on a user interface” found in independent claims 1, 11, and 20. None of the relied upon applications provide adequate written description support for the claim limitations “wherein the cyber profile comprises digital asset profile data… and protective asset data associated with the digital environment” found in claims 2 and 12. None of the relied upon applications provide adequate written description support for the claim limitations “wherein the security posture comprises cyber-attack protection data, degree of single points of failure data, cyber-attack recovery protocol data, and a digital environment risk record” found in claims 3 and 13. None of the relied upon applications provide adequate written description support for the claim limitations “determining the priority security action using a machine learning model; and implementing the priority security action determine by the machine learning model” found in claims 4 and 14. None of the relied upon applications provide adequate written description support for the claim limitations “a cyber profile category security action for each category of the cyber profile” found in claims 5 and 15. None of the relied upon applications provide adequate written description support for the claim limitations “wherein the machine learning model is configured to determine a security posture category security action for each category of the security posture” found in claims 7 and 17. None of the relied upon applications provide adequate written description support for the claim limitations “receive at least one digital environment parameter from a user via the user interface; and modify the priority security action based on the at least one digital environment parameter” found in claim 10. Accordingly, claims 1- 20 are not entitled to the benefit of the prior-filed applications. Information Disclosure Statement The information disclosure statements (IDS) submitted on 10/11/2024, 11/18/2024, 03/03/2025, 09/29/2025, 12/05/2025, 03/19/2026, 05/03/2026, 05/07/2026, and 12/19/2024 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statements are being considered by the examiner. Drawings The drawings are objected to as failing to comply with 37 CFR 1.84(p)(4) because reference character “700” has been used to refer to different interfaces of Figures 7A-7J. Similarly, Figures 8A-8E utilize the same reference character “800” to refer to different interfaces, reference character “900” for Figures 9A-9H respectively, and so on. This deficiency is found in the following figures: Figures 7A-7J, 7L-7O, 8A-8E, 9A-9H, 10A-10E, 11A-11D, 13A-13E, 14A-14B, 15A-15G, 16A-16D, 18A-18C, 20A-20B, and 21A-21B with the respective reference characters 700, 800, 900, 1000, 1100, 1200, 1300, 1400, 1500, 1600, 1800, 2000, and 2100. Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance. Specification The lengthy specification has not been checked to the extent necessary to determine the presence of all possible minor errors. Applicant’s cooperation is requested in correcting any errors of which applicant may become aware in the specification. The disclosure is objected to because of the following informalities: Paragraphs [0037] and [0041] refer to “Figure 1” generically, while there is no Figure 1 specifically, there is Figure 1A and Figure 1B. The citation to “Figure 1” should be amended such that it properly references the correct figures. The specification is objected to as failing to provide proper antecedent basis for the claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01(o). Correction of the following is required: The specification fails to provide proper antecedent basis for the claim terms: Cyber profile Digital environment Security action Priority security action Single point of failure data Digital asset profile data Protective asset data Digital environment risk record Cyber profile category security action A security posture category security action Digital environment parameter Appropriate correction is required. Claim Rejections - 35 USC § 112 The following is a quotation of the first paragraph of 35 U.S.C. 112(a): (a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention. The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112: The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention. Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Regarding Claims 1, 11, and 20: Independent claim 1, 11, and 20 recite the limitations “receive a cyber profile associated with a digital environment; receive a security posture associated with the cyber profile; determine a plurality of security actions to be implemented in the digital environment based on the cyber profile and the security posture, wherein the security posture includes a single point of failure data; determine a priority security action of the plurality of security actions; implement the priority security action in the digital environment”. The limitations in question do not satisfy the written description requirement under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph. The specification does not describe the limitation in sufficient detail so that one of ordinary skill in the art would recognize that the applicant had possession of the claimed invention. The originally filed disclosure is devoid of any description regarding how the claimed invention performs the specialized claim functions of receiving “a cyber profile”, receiving a security posture associated with the cyber profile, determining security actions to be implemented based on the posture and digital environment, “single points of failure” data, and any description of determining and implementing “priority security actions”. The limitations, at most, only appear as repetitions of claim language in the abstract, or within the originally filed claims themselves, which is insufficient with regard to the requirements under § 112(a) as in MPEP 2161.01, "computer-implemented functional claim language must still be evaluated for sufficient disclosure under the written description". And MPEP 2161.01(I) "generic claim language in the original disclosure does not satisfy the written description requirement if it fails to support the scope of the genus claimed." For computer-implemented inventions, the determination of the sufficiency of disclosure will require an inquiry into the sufficiency of both the disclosed hardware and the disclosed software due to the interrelationship and interdependence of computer hardware and software. The critical inquiry is whether the disclosure of the application relied upon reasonably conveys to those skilled in the art that the inventor had possession of the claimed subject matter as of the filing date. As in MPEP 2161.01 (I), "The description requirement of the patent statute requires a description of an invention, not an indication of a result that one might achieve if one made that invention." It is not enough that one skilled in the art could write a program to achieve the claimed function because the specification must explain how the inventor intends to achieve the claimed function to satisfy the written description requirement. See, e.g., Vasudevan Software, Inc. v. MicroStrategy, Inc., 782 F.3d 671, 681-683, 114 USPQ2d 1349, 1356, 1357 (Fed. Cir. 2015). AS in MPEP 2161.01 “For instance, generic claim language in the original disclosure does not satisfy the written description requirement if it fails to support the scope of the genus claimed. Ariad, 598 F.3d at 1349-50, 94 USPQ2d at 1171 ("[A]n adequate written description of a claimed genus requires more than a generic statement of an invention’s boundaries.") (citing Eli Lilly, 119 F.3d at 1568, 43 USPQ2d at 1405-06); Enzo Biochem, Inc. v. Gen-Probe, Inc., 323 F.3d 956, 968, 63 USPQ2d 1609, 1616 (Fed. Cir. 2002) (holding that generic claim language appearing in ipsis verbis in the original specification did not satisfy the written description requirement because it failed to support the scope of the genus claimed); Fiers v. Revel, 984 F.2d 1164, 1170, 25 USPQ2d 1601, 1606 (Fed. Cir. 1993) (rejecting the argument that "only similar language in the specification or original claims is necessary to satisfy the written description requirement").” “The Federal Circuit has explained that a specification cannot always support expansive claim language and satisfy the requirements of 35 U.S.C. 112 "merely by clearly describing one embodiment of the thing claimed." LizardTech v. Earth Resource Mapping, Inc., 424 F.3d 1336, 1346, 76 USPQ2d 1731, 1733 (Fed. Cir. 2005). The issue is whether a person skilled in the art would understand applicant to have invented, and been in possession of, the invention as broadly claimed. In LizardTech, claims to a generic method of making a seamless discrete wavelet transformation (DWT) were held invalid under 35 U.S.C. 112, first paragraph, because the specification taught only one particular method for making a seamless DWT and there was no evidence that the specification contemplated a more generic method. "[T]he description of one method for creating a seamless DWT does not entitle the inventor . . . to claim any and all means for achieving that objective." LizardTech, 424 F.3d at 1346, 76 USPQ2d at 1733.” Regarding Claims 4 and 14: Dependent claims 4 and 14 recite “determining the priority security action using a machine learning model; and implementing the priority security action determined by the machine learning model”. There is no support in the disclosure regarding how the inventor intended to perform these various claimed functionalities. The algorithm or steps/procedures for these claimed functions is not explained at all or is not explained in sufficient detail (simply restating the function recited in the claim is not necessarily sufficient) so that one of ordinary skill in the art would recognize that the applicant had possession of the claimed invention. The originally filed disclosure is silent with respect to how the inventor intended to achieve the claimed desired function of configuring a machine learning model to preferably determine the priority security action and implement the priority security action. Dependent claims 5 and 15 recite “wherein the machine learning model is configured to determine a cyber profile category security action for each category of the cyber profile”. There is no support in the disclosure regarding how the inventor intended to perform these various claimed functionalities. The algorithm or steps/procedures for these claimed functions is not explained at all or is not explained in sufficient detail (simply restating the function recited in the claim is not necessarily sufficient) so that one of ordinary skill in the art would recognize that the applicant had possession of the claimed invention. The originally filed disclosure is silent with respect to how the inventor intended to achieve the claimed desired function of configuring a machine learning model to preferably determine a cyber profile category security action for each category of the cyber profile. Dependent claim 7 and 17 recite “wherein the machine learning model is configured to determine a security posture category security action for each category of the security posture”. The algorithm or steps/procedures for these claimed functions is not explained at all or is not explained in sufficient detail (simply restating the function recited in the claim is not necessarily sufficient) so that one of ordinary skill in the art would recognize that the applicant had possession of the claimed invention. The originally filed disclosure is silent with respect to how the inventor intended to achieve the claimed desired function of configuring a machine learning model to preferably determine a security posture category security action for each category of the security posture. Dependent claim 10 recites “modify the priority security action based on the at least one digital environment parameter”. The algorithm or steps/procedures for this claimed function is not explained at all or is not explained in sufficient detail (simply restating the function recited in the claim is not necessarily sufficient) so that one of ordinary skill in the art would recognize that the applicant had possession of the claimed invention. The originally filed disclosure is silent with respect to how the inventor intended to achieve the claimed desired function of modifying a priority security action based on a digital environment parameter. Respective dependent claims fall together accordingly. The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. The terms “cyber profile, digital environment, security action, priority security action, single point of failure data, digital asset profile data, protective asset data, digital environment risk record, cyber profile category security action, a security posture category security action, and digital environment parameter” found throughout the original claims are terms which currently render the claims indefinite. The terms “cyber profile, digital environment, security action, priority security action, single point of failure data, digital asset profile data, protective asset data, digital environment risk record, cyber profile category security action, a security posture category security action, and digital environment parameter” are not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention. One of ordinary skill would not be appraised of the scope of the broadest reasonable interpretation of the claim terms “cyber profile, digital environment, security action, priority security action, single point of failure data, digital asset profile data, protective asset data, digital environment risk record, cyber profile category security action, a security posture category security action, and digital environment parameter” because there are no definitions of the terms provided in the originally filed disclosure as of the current record. Dependent claims fall together accordingly. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to abstract idea without significantly more. Independent claim(s) 1 recite(s) [receive] a cyber profile associated with a digital environment; [receive] a security posture associated with the cyber profile; determine a plurality of security actions to be implemented in the digital environment based on the cyber profile and the security posture, wherein the security posture includes a single point of failure data; determine a priority security action of the plurality of security actions; implement the priority security action in the digital environment; and generate a user interface data structure configured to display the implemented security action on a user interface. Under the 2019 Revised Patent Subject Matter Eligibility Guidance (“2019 PEG”), effective January 7, 2019, independent claim 1 is directed to an abstract idea without being significantly more nor being integrated into a practical application. The claimed invention from a received “a cyber profile associated with a digital environment, and a received “a security posture associated with the cyber profile”, determines security actions to be implemented based on the profile and posture, “wherein the security posture includes a single point of failure data”, determines a priority security action, implements the security action in the digital environment, and generates a user interface to display the implemented security action. The claim limitations identified above, as drafted, under the broadest reasonable interpretation, are broad enough to encompass limitations that can practically be performed in the human mind, including for example, observations, evaluations, judgments, and opinions. Except for an apparatus for implementing a cyber-attack security action, the apparatus comprising: at least one processor; and a memory communicatively coupled to the at least one processor, the memory containing instructions configuring the at least one processor to language in the preamble of independent claim 1, which does no more than generally link the use of the judicial exception to a particular technological environment or field of use. This judicial exception is not integrated into a practical application. The additional generically recited computer elements beyond the abstract idea, taken both individually and as a combination, in independent claim 1 does not integrate the judicial exception into a practical application. The limitations of implement the priority security action in the digital environment; and generate a user interface data structure configured to display the implemented security action on a user interface are recited at a high level of generality (i.e. in the context of these claims, as a general way of obtaining information (as claimed “receive”) and a generic GUI with a generic user interface data structure) and amounts to mere data gathering, which is a form of insignificant extra-solution activity. See MPEP 2106.05(g). Insignificant extra-solution activity and mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. For example, the originally filed disclosure and claims do not recite a specific improvement to computer technology (a new or novel GUI or any recitation of a priority security action being defined or implemented). Accordingly, independent claim 1 is directed to an abstract idea. The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional computer elements of an apparatus comprising a processor and a memory, implementing a priority security action, and a generic user interface data structure amounts to no more than mere instructions to apply the exception using generic computer components. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claims are not patent eligible. Therefore, independent claim(s) 11 and 20 are rejected under 35 U.S.C. § 101 as being directed to non-statutory subject matter for the same reasons identified above for independent claim 1. Thus, the claims 1-20 are rejected under 35 U.S.C. § 101 as being directed to non-statutory subject matter as the claims do not contain any element or combination of elements that is sufficient enough to ensure that the patent in practice amounts to significantly more than a patent upon the ineligible concept itself. Dependent claims 2 and 12 do not contain any element or combination of elements sufficient to incorporate the abstract idea into a practical application because they only describe what the previously recited cyber profile further comprises. Dependent claims 3 and 13 do not contain any element or combination of elements sufficient to incorporate the abstract idea into a practical application because they only describe what the previously recited security posture further comprises. Dependent claims 4 and 14 do not contain any element or combination of elements sufficient to incorporate the abstract idea into a practical application because they only describe that the priority security action is determined “using a machine learning model” and implementing the priority security action determined by the machine learning model; which amounts to further data gathering, which is a form of insignificant extra-solution activity, further additional observations, evaluations, judgments, and opinions that can be practically performed in the human mind, and further mere instructions to apply an exception using a generic computer component. Dependent claims 5 and 15 do not contain any element or combination of elements sufficient to incorporate the abstract idea into a practical application because they only describe that the machine learning model determines “a cyber profile category security action for each category of the cyber profile” which amounts to further data gathering, which is a form of insignificant extra-solution activity, further additional observations, evaluations, judgments, and opinions that can be practically performed in the human mind. Dependent claims 6 and 16 do not contain any element or combination of elements sufficient to incorporate the abstract idea into a practical application because they only describe the claimed invention being able to receive “a user selection of the cyber profile category security action to be implemented” by a generic user interface which amounts to further data gathering, which is a form of insignificant extra-solution activity, further additional observations, evaluations, judgments, and opinions that can be practically performed in the human mind, and further mere instructions to apply an exception using a generic computer component. Dependent claims 7 and 17 do not contain any element or combination of elements sufficient to incorporate the abstract idea into a practical application because they only describe that the “machine learning model is configured to determine a security posture category security action for each category of the security posture” which amounts to further data gathering, which is a form of insignificant extra-solution activity, further additional observations, evaluations, judgments, and opinions that can be practically performed in the human mind. Dependent claims 8 and 18 do not contain any element or combination of elements sufficient to incorporate the abstract idea into a practical application because they only describe that the claimed invention is configured to receive “a user selection of the security posture category security action to be implemented” by a generic user interface which amounts to further data gathering, which is a form of insignificant extra-solution activity, further additional observations, evaluations, judgments, and opinions that can be practically performed in the human mind, and further mere instructions to apply an exception using a generic computer component. Dependent claims 9 and 19 do not contain any element or combination of elements sufficient to incorporate the abstract idea into a practical application because they only describe that the generic user interface is configured to receive “a user selection of the at least one security action to be implemented” which amounts to further data gathering, which is a form of insignificant extra-solution activity, further additional observations, evaluations, judgments, and opinions that can be practically performed in the human mind, and further mere instructions to apply an exception using a generic computer component. Dependent claims 10 does not contain any element or combination of elements sufficient to incorporate the abstract idea into a practical application because it only describes that the claimed invention is configured to receive “at least one digital environment parameter from a user” through a generic user interface, and “modify the priority security action based on the at least one digital environment parameter” which amounts to no more than mere instructions to apply the exception using generic computer components. Claim Rejections - 35 USC § 102 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. Claim(s) 1-3, 9-13, and 19-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Bender et. al. (US Publication No. US 2015/0242619 A1) hereinafter Bender. Regarding Claims 1, 11, and 20: Claim 1. Bender discloses an apparatus for implementing a cyber-attack security action, the apparatus comprising: at least one processor; and a memory communicatively coupled to the at least one processor, the memory containing instructions configuring the at least one processor to (Bender [0049], [0092], [0108-0113]): receive a cyber profile associated with a digital environment (Bender [0045] “The system provides expansive security coverage with controls and measures that span an organization's operations, infrastructure, and people-based processes. The system supports the organization in both reactive and proactive manners, thereby allowing the organization to both address incidents as they occur, as well as take steps to minimize the risk of security incidents based on industry and specific organization profile”); receive a security posture associated with the cyber profile (Bender [0040-0041] security posture enumerated, [0044], [0093] and Fig. 10 “a screenshot of an exemplary portal home screen 1000, or landing page, provided by the system interface which may be tailored to a specific user for presenting security-related information, as well as security posture management tools and options”); determine a plurality of security actions to be implemented in the digital environment based on the cyber profile and the security posture (Bender [0070] “The security program system 22 is configured to process both sets of data (business entity data and industry data) so as to correlate the sets of data with one another. Based on the correlation, the security program system 22 is configured to generate and provide outputs of information presented to end users regarding their current security profile with supporting details of actions to be taken (e.g., work instructions) for improvements and/or resolving security issues”), wherein the security posture includes a single point of failure data (Bender Fig. 9 906 critical inventory and [0087-0089]; [0102] Table 1 “Critical Resource Identification Designation and monitoring of the most critical resources across the enterprise governing response and escalation procedures and protocols”); determine a priority security action of the plurality of security actions (Bender Fig. 17 example of an asset replacement having the criticality field set as “HIGH”, [0104] “As shown in FIG. 17, a user may utilize the asset management tool to accomplish the action of replacing and deploying a new drive 1028”; [0095] “The portal 1000 is configure to provide fresh, updated content with each visit that is designed to facilitate action and accomplishment of tasks and workflows. For example, upon accessing the interface 20 the portal 1000, a user may be presented with notifications 1004, which may include new content, task attention, workflow attention, and consultation response. Accordingly, the notifications 1004 generally provide a user with a quick reference to the action items that require their attention. The portal 1000 further provides user interfaces designed to provide easy and ready access to the tools 1006 most commonly used by a particular user. The tool 1006 are generally user-specific access management tools for allowing a user to navigate various aspects of the security management system 12. The notifications 1004 and tool 1006 are generally displayed based on priority or prominence, those items needing action or attention, while other tools and functions are available when needed. As shown, a user may select incident response tool, as indicated by 1007. Upon initiating the incident response tool, the portal may present specific information related to a particular ticket generated for an incident, as indicated by arrow 1010, in which a user may response to the ticket. Furthermore, the portal 1000 may provide an overview or history of tickets (both outstanding and completed), in which the user may sort the tickets based on priority, status, data, and subject, for example”); implement the priority security action in the digital environment (Bender [0063] fulfilling security program actions; Fig. 17 and [0104] “As shown in FIG. 17, a user may utilize the asset management tool to accomplish the action of replacing and deploying a new drive 1028”; [0095]); and generate a user interface data structure configured to display the implemented security action on a user interface (Bender [0060] interface enumerated; [0095]). Claim 11 and 20 contain substantially the same content and are therefore rejected under the same rationales. Bender further discloses a method (Bender claim 11, [0076], [0109]). Bender further discloses anon-transitory computer-readable medium (CRM) (Bender [0054-0055]; [0108-0110]). Regarding Claims 2 and 12: Claim 2. Bender further discloses the apparatus of claim 1 (Bender [0049], [0092], [0108-0113]), wherein the cyber profile comprises digital asset profile data, user data, and protective asset data associated with the digital environment (Bender Fig. 9 and 16-17, [0088-0089], [0104] asset management enumerated). Claim 12 contains substantially the same content and is therefore rejected under the same rationales. Regarding Claims 3 and 13: Claim 3. Bender further discloses the apparatus of claim 1 (Bender [0049], [0092], [0108-0113]), wherein the security posture comprises cyber-attack protection data, degree of single points of failure data, cyber-attack recovery protocol data, and a digital environment risk record (Bender [0067-0068] rules governing protection of data confidentiality and security; Fig. 9 906 critical inventory; Fig. 13 status and severity are marked as “HIGH”; Fig. 17 criticality is set to “HIGH”; [0087-0089]; [0102] Table 1 “Critical Resource Identification Designation and monitoring of the most critical resources across the enterprise governing response and escalation procedures and protocols”; [0064-0065] and Fig. 3B risk indicators and risk factors). Claim 13 contains substantially the same content and is therefore rejected under the same rationales. Regarding Claims 9 and 19: Claim 9. Bender further discloses the apparatus of claim 1 (Bender [0049], [0092], [0108-0113]), wherein the memory contains further instructions configuring the at least one processor to receive, by the user interface, a user selection of the at least one security action to be implemented (Bender Fig. 17, [0104] “As shown in FIG. 17, a user may utilize the asset management tool to accomplish the action of replacing and deploying a new drive 1028”). Claim 19 contains substantially the same content and is therefore rejected under the same rationales. Regarding Claim 10: Bender further discloses the apparatus of claim 1 (Bender [0049], [0092], [0108-0113]), wherein the memory contains further instructions configuring the at least one processor to: receive at least one digital environment parameter from a user via the user interface (Bender Fig. 18-19 and [0105] “As shown in FIG. 18, the user is a security user (see 1002 banner), thus the notifications 1004 and tools 1006 provided on the portal 1000 are specific to a security user. The security user may utilize a security program tool 1030 to provide supporting tasks, such as administration and organization, organize work efforts. The security user may further view program notifications 1032 and a current security program list 1034. As shown in FIG. 19, upon selecting a security program tool, the portal 1000 provides a user with the ability to manage security programs 1036. More specifically, the system 12 is configured to build the work packages based on the security program relations and matrix for the organization and highlights regulatory and industry requirements.”; [0107]); and modify the priority security action based on the at least one digital environment parameter (Bender Fig. 18-19 and [0105] “As shown in FIG. 18, the user is a security user (see 1002 banner), thus the notifications 1004 and tools 1006 provided on the portal 1000 are specific to a security user. The security user may utilize a security program tool 1030 to provide supporting tasks, such as administration and organization, organize work efforts. The security user may further view program notifications 1032 and a current security program list 1034. As shown in FIG. 19, upon selecting a security program tool, the portal 1000 provides a user with the ability to manage security programs 1036. More specifically, the system 12 is configured to build the work packages based on the security program relations and matrix for the organization and highlights regulatory and industry requirements.”; [0095], [0107]). Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 4-8 and 14-18 are rejected under 35 U.S.C. 103 as being unpatentable over Bender in view of Hughes, Anthony Mitchell (US Publication No. US 2020/0175181 A1) hereinafter Hughes. Regarding Claims 4 and 14: Claim 4. Bender discloses the apparatus of claim 1 (Bender [0049], [0092], [0108-0113]). Bender does not explicitly disclose wherein implementing the priority security action further comprises: determining the priority security action using a machine learning model; and implementing the priority security action determined by the machine learning model. Hughes teaches wherein implementing the priority security action further comprises: determining the priority security action using a machine learning model (Hughes Fig. 18 and [0119-0120] select a security environment for the data access request based on a selection made by a supervised or unsupervised machine learning model); and implementing the priority security action determined by the machine learning model (Hughes Fig. 18 and [0123] process the data access request based in part on the selection of the selected security environment made prior by the machine learning model). It would have been obvious to one having ordinary skill in the art before the time the invention was effectively filed to combine the security framework disclosed by Bender with the use of machine learning to make selections of environments as taught by Hughes. The motivation for this combination would be to improve security by taking advantage of to distinguishing between more significant and less significant security actions by using a machine learning model as discussed by Hughes in the model’s advantages in distinguishing between more significant data object relationships and less significant data object relationships (Hughes [0052-0053] “an innovative aspect of the present invention relates to utilizing relational awareness signals provided by the environment states for usage of a data interaction platform to generate relational awareness scores for particular data objects … This allows the data object to have an independent recognition of various data object relationships, including data object relationships that are typically modeled indirect data object relationships in traditional graph models, while being able to distinguish between more significant data object relationships (e.g., data object relationships having higher respective relational awareness scores) and less significant data object relationships (e.g., data object relationships having lower respective relational awareness scores)”). Claim 14 contains substantially the same content and is therefore rejected under the same rationales. Regarding Claims 5 and 15: Claim 5. The combination of Bender and Hughes further teaches the apparatus of claim 4 (Bender [0049], [0092], [0108-0113]), wherein the machine learning model is configured to determine a cyber profile category security action for each category of the cyber profile (Hughes Fig. 18 and [0119-0120] select a security environment for the data access request based on a selection made by a supervised or unsupervised machine learning model). Claim 15 contains substantially the same content and is therefore rejected under the same rationales. Regarding Claims 6 and 16: Claim 6. The combination of Bender and Hughes further teaches the apparatus of claim 5 (Bender [0049], [0092], [0108-0113]), wherein the memory contains further instructions configuring the at least one processor to receive, by the user interface, a user selection of the cyber profile category security action to be implemented (Bender Fig. 14 user interface disclosed showcasing a user selecting “GRC Management” actions; Fig. 15 user interface disclosed showcasing a user selecting “Asset Management” actions, etc.; [0102]). Claim 16 contains substantially the same content and is therefore rejected under the same rationales. Regarding Claims 7 and 17: Claim 7. The combination of Bender and Hughes further teaches the apparatus of claim 4 (Bender [0049], [0092], [0108-0113]), wherein the machine learning model is configured to determine a security posture category security action for each category of the security posture (Hughes Fig. 18 and [0119-0120] select a security environment for the data access request based on a selection made by a supervised or unsupervised machine learning model). Claim 17 contains substantially the same content and is therefore rejected under the same rationales. Regarding Claims 8 and 18: Claim 8. The combination of Bender and Hughes further teaches the apparatus of claim 7 (Bender [0049], [0092], [0108-0113]), wherein the memory contains further instructions configuring the at least one processor to receive, by the user interface, a user selection of the security posture category security action to be implemented (Bender Figs. 13-17 screenshots of user interfaces and selections; [0095] “The portal 1000 is configure to provide fresh, updated content with each visit that is designed to facilitate action and accomplishment of tasks and workflows. For example, upon accessing the interface 20 the portal 1000, a user may be presented with notifications 1004, which may include new content, task attention, workflow attention, and consultation response. Accordingly, the notifications 1004 generally provide a user with a quick reference to the action items that require their attention. The portal 1000 further provides user interfaces designed to provide easy and ready access to the tools 1006 most commonly used by a particular user. The tool 1006 are generally user-specific access management tools for allowing a user to navigate various aspects of the security management system 12. The notifications 1004 and tool 1006 are generally displayed based on priority or prominence, those items needing action or attention, while other tools and functions are available when needed. As shown, a user may select incident response tool, as indicated by 1007. Upon initiating the incident response tool, the portal may present specific information related to a particular ticket generated for an incident, as indicated by arrow 1010, in which a user may response to the ticket. Furthermore, the portal 1000 may provide an overview or history of tickets (both outstanding and completed), in which the user may sort the tickets based on priority, status, data, and subject, for example”). Claim 18 contains substantially the same content and is therefore rejected under the same rationales. Conclusion The prior art made of record in the submitted PTO-892 Notice of References Cited and not relied upon is considered pertinent to applicant’s disclosure. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MIGUEL A LOPEZ whose telephone number is (703)756-1241. The examiner can normally be reached 8:00AM-5:00PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached on 5712727624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /M.A.L./ Examiner, Art Unit 2496 /JORGE L ORTIZ CRIADO/ Supervisory Patent Examiner, Art Unit 2496
Read full office action

Prosecution Timeline

Oct 11, 2024
Application Filed
Jul 01, 2026
Non-Final Rejection mailed — §101, §102, §103 (current)

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
8%
Grant Probability
20%
With Interview (+12.5%)
3y 1m (~1y 4m remaining)
Median Time to Grant
Low
PTA Risk
Based on 26 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month