Prosecution Insights
Last updated: May 29, 2026
Application No. 18/921,770

SECURE REMOTE ADMINISTRATION WITH REAL-TIME ANOMALY DETECTION VIA AI

Final Rejection §103
Filed: Oct 21, 2024
Priority: Oct 20, 2023 — provisional 63/592,047
Examiner: TRAORE, FATOUMATA
Art Unit: 2436
Tech Center: 2400 — Computer Networks
Assignee: Delinea Inc.
OA Round: 2 (Final)
Grant Probability: 78% (Favorable)
OA Rounds: 3-4
Est. Remaining: 1y 10m
With Interview: 99%

Examiner Intelligence

Grants 78% — above average
Career Allowance Rate: 78%
454 granted / 582 resolved
+20.0% vs TC avg
Strong +36% interview lift
Interview Lift: +35.7% (resolved cases with interview)
Typical timeline
Avg Prosecution: 3y 5m
12 currently pending
Career history
Total Applications: 595 (across all art units)

Statute-Specific Performance

§101: 2.1% (-37.9% vs TC avg)
§103: 87.7% (+47.7% vs TC avg)
§102: 4.8% (-35.2% vs TC avg)
§112: 2.1% (-37.9% vs TC avg)
Based on career data from 582 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION

This is in response to the amendments filed on 03/09/2026. Claims 1-2 and 8-9 have been amended. Claims 1-14 are pending and have been considered below.

Priority

The later-filed application must be an application for a patent for an invention which is also disclosed in the prior application (the parent or original nonprovisional application or provisional application). The disclosure of the invention in the parent application and in the later-filed application must be sufficient to comply with the requirements of 35 U.S.C. 112(a) or the first paragraph of pre-AIA 35 U.S.C. 112, except for the best mode requirement. See Transco Products, Inc. v. Performance Contracting, Inc., 38 F.3d 551, 32 USPQ2d 1077 (Fed. Cir. 1994).

The disclosure of the prior-filed application, Application No. 63/592,047, fails to provide adequate support or enablement in the manner provided by 35 U.S.C. 112(a) or pre-AIA 35 U.S.C. 112, first paragraph for one or more claims of this application.

Regarding claims 1 and 8: the disclosure of the nonprovisional application does not provide support for the following limitations: “providing the text-based transcription of the session recording into a pre-trained LLM which has been fine-tuned to detect anomalies in the text; prompting the LLM to look for anomalies in the text-based transcription using in-context learning; the LLM outputting detected anomalies based on its training and fine tuning; presenting the anomalies to a system administrator or sending the anomalies as alerts to the system administrator”. The disclosure of the non-provisional application also fails to provide support for dependent claims 2-7 and 9-14. Therefore the priority date nonprovisional application will not covert the provisional application.

Drawings

The drawings filed on 10/21/2024 are accepted.
Specification

The specification filed on 10/21/2024 is accepted.

Response to Arguments

Applicant's arguments with respect to newly amended independent claims such as the prior art of record either alone or in combination fails to teach the limitation of “prompting the LLM to look for anomalies in the text-based transcription using in-context learning”, remarks pages 5-8 have been fully considered but they are not persuasive because:

Hecht et al teaches (see par. 6 and 21) steps of dynamically reviewing managed session activity using machine learning models: identifying a managed session between a network identity and a target resource; performing a reviewal process for the managed session, including identifying session data associated with the managed session; providing the session data and a context data as an input to at least one machine learning model; obtaining an output from the at least one machine learning model based on an analysis of the session data and the context data; and determining, based on the output, whether to perform a security action associated with the managed session.

Hecht et al further teaches (see par.48) the session data are provided directly to the LLM. The model may be trained to identify indications of malicious activity in this session data. In some embodiments, the model may also receive context data as an input, which may improve the detection of malicious activity. For example, certain activities may seem malicious in some contexts, but may be benign in other contexts. Accordingly, the model may leverage this context data in identifying malicious activity. The disclosed techniques thus provide significant improvements over the other techniques described above.

Hecht et al further teaches par. 97 “the context data may include historical managed session data. In other words, the context data may include session data, semantic data, or other data associated with a previous managed session.”
The examiner notes that in-context learning has been defined in the published specification (see par. 47) as “The prompt for in-context-learning could also include an IT ticket for more context on what the purpose was of the administrative remote session.” which meets the limitations of “prompting the LLM to look for anomalies in the text-based transcription using in-context learning” in light of the specification.

Lal et al also teaches (see par.43) as a prompt, the organization may provide the LLM with a list of all model breaches and their triggers then ask the LLM to provide a summary and prioritization of the breaches based on the parameters known about those breaches. Lal et al further teaches (see par.36-37) For example, the cybersecurity system can use LLM(s), operating as the model health analysis component, to provide the breach context data to a model refinement component. Based on the breach context data, which meet the limitations of “prompting the LLM to look for anomalies in the text-based transcription using in-context learning” in light of the specification.

Therefore the examiner noted that the combination background art, Lal et al and Hecht et al teaches the newly amended claims as presented.

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2 and 8-9 are rejected under 35 U.S.C. 103 as being unpatentable over Hecht et al U.S. 2025/0371135 A1 in view of Lal et al U.S. 2024/0403428 A1.

Claim 1: Hecht et al teaches a method for reducing the risk of unexpected or unintended actions during a Remote Desktop Protocol (RDP) or SSH (Secure Shell) session by automatically detecting anomalies using vaulted credentials (par.50, par.81, a managed session may refer to any session during which interactions between a user or other identity can be monitored and managed. For example, a managed session may include, but is not limited to, a Remote Desktop Protocol (RDP) session with a target Windows™ machine, a secure shell (SSH) connection for Linux servers, or any other form of session through which data may be exchanged between entities) comprising:

initiating a RDP/SSH session on a server (par.57, monitoring session activity as it occurs to identify potential security threats, par.67-68, reviewal process 320 may include monitoring live session activity within managed session 310 as it occurs (e.g., in real-time or near-real-time));

taking screenshots of the session (par. 88, session data 410 may include various images captured during managed session 310. For example, the images may include screenshots or frames of a video captured on computing device 110);

sending the screenshots to a system that uses a computer vision algorithm to transcribe the screen information into a text-based transcription of the session (par.88, Trained model 420 or various other image recognition algorithms may be configured to extract semantic data 322 from these images. FIG. 5 is an illustration of an example image 500 from which semantic information may be extracted, consistent with the disclosed embodiments. In this example, image 500 may be a screenshot or a frame of a video captured during managed session 310. In some embodiments, image 500 may represent session data and various information from an application window may be extracted as semantic data 322.
For example, semantic data 322 may include a title of an application window, as a tab name, a filename, a username, a window position, information entered into an application window, a checkbox, lists or ordered elements, or any other information that may be displayed in image 500. Par. 70 further teaches graphical image data such as video recordings may be broken into single frames and text may be extracted from the frames (e.g., using Computer Vision (CV), Signal Processing, Object Character Recognition (OCR), or various other text extraction techniques);

providing the text-based transcription of the session recording into a pre-trained LLM which has been fine-tuned to detect anomalies in the text (par.70-72, 75, the session data may be processed according to its source and destination. semantic data 322 may be translated by another resource and process 300A may include accessing the translated data. While the various examples provided herein generally describe translating session data to semantic data before inputting it into an LLM);

Hecht et al fails to teach, however Lal et al in the same field of endeavor teaches prompting the LLM to look for anomalies in the text-based transcription using in-context learning including a purpose for RDP/SSH session (par.43, as a prompt, the organization may provide the LLM with a list of all model breaches and their triggers then ask the LLM to provide a summary and prioritization of the breaches based on the parameters known about those breaches.
For example, the prompt may state: “given there are 40 Breaches of moderate severity (e.g., score 60) for prescribed events that are new for the user, for users x, y, z at times a/b/c, provide me with a summary, any possible links between breaches, and also prioritize the order in which I should triage them”; par.87-88, These login events such as a remote interactive login when a remote desktop protocol (RDP) session is established, a biometric login where physical characteristics are captured for authentication);

the LLM outputting detected anomalies based on its training and fine tuning (par.149, embodiment of a model adjustment component 500 deployed within the cybersecurity system 100 of FIG. 1 (e.g., within cyber threat detection engine 130, within the cybersecurity appliance 105, or separate therefrom), which is configured to create or adjust specific model(s) 360 (e.g., AI detection model 510 formed by or possibly utilizing LLMs) to improve cyber threat detection, is shown. Herein, the creation or adjustment of AI detection models is conducted in response to detection of a model breach alert and subsequent analysis on the health of the AI detection model(s) associated with the model breach alert. Par.93, 112, further teaches A “model breach alert” corresponds to a condition in which a series of logical criteria, represented by the JSON element (data structure) of the AI detection model, have been satisfied to denote that the AI detection model associated with the alert may be “unhealthy,” where tuning or substitution of its operability may be needed);

presenting the anomalies to a system administrator or sending the anomalies as alerts to the system administrator (par.132, 93, 112, the cyber threat detection engine 130 may also be configured with the user interface and formatting module 345, which may include an anomaly alert system configured to report out anomalous incidents and events as well as the cyber threat detected to a display screen viewable by a human cybersecurity professional).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the disclosure of Hecht et al with the additional features of Lal et al in order to provide the ability for enhancing detection of cyber threats by a cybersecurity system through use of one or more Large Language Models (LLMs), as suggested by Lal et al par.10.

Claim 8: Hecht et al teaches a system for reducing the risk of unexpected or unintended actions during a Remote Desktop Protocol (RDP) or SSH (Secure Shell) session by automatically detecting anomalies using vaulted credentials (par.50, par.81, a managed session may refer to any session during which interactions between a user or other identity can be monitored and managed. For example, a managed session may include, but is not limited to, a Remote Desktop Protocol (RDP) session with a target Windows™ machine, a secure shell (SSH) connection for Linux servers, or any other form of session through which data may be exchanged between entities) comprising:

a computer from which an administrator initiates an RDP/SSH session (par.57, monitoring session activity as it occurs to identify potential security threats, par.67-68, reviewal process 320 may include monitoring live session activity within managed session 310 as it occurs (e.g., in real-time or near-real-time)),

a second computer for being controlled by the RDP/SSH session an agent process which takes and assembles video from frames recorded during said Remote Desktop Protocol (RDP) or SSH (Secure Shell) session (par. 88, session data 410 may include various images captured during managed session 310. For example, the images may include screenshots or frames of a video captured on computing device 110; par.18, the session data may include a video of the managed session and the semantic data may include text extracted from the video) and provides remote session detection which causes the agent to produce a periodic trigger to initiate a screenshot handling process to capture screenshots from the second computer and assemble the video from said frames (par.88, Trained model 420 or various other image recognition algorithms may be configured to extract semantic data 322 from these images. FIG. 5 is an illustration of an example image 500 from which semantic information may be extracted, consistent with the disclosed embodiments. In this example, image 500 may be a screenshot or a frame of a video captured during managed session 310. In some embodiments, image 500 may represent session data and various information from an application window may be extracted as semantic data 322. For example, semantic data 322 may include a title of an application window, as a tab name, a filename, a username, a window position, information entered into an application window, a checkbox, lists or ordered elements, or any other information that may be displayed in image 500. Par. 70 further teaches graphical image data such as video recordings may be broken into single frames and text may be extracted from the frames (e.g., using Computer Vision (CV), Signal Processing, Object Character Recognition (OCR), or various other text extraction techniques));

a computer vision process which receives said video and transcribes the screenshots into a text-based transcription of the session using in-context including a purpose for RDP/SSH session (par.70-72, 75, the session data may be processed according to its source and destination. semantic data 322 may be translated by another resource and process 300A may include accessing the translated data.
While the various examples provided herein generally describe translating session data to semantic data before inputting it into an LLM);

Hecht et al fails to teach, however Lal et al in the same field of endeavor teaches a pre-trained LLM which receives the text-based transcription and is fine-tuned to detect anomalies in the text-based transcription (par.149, embodiment of a model adjustment component 500 deployed within the cybersecurity system 100 of FIG. 1 (e.g., within cyber threat detection engine 130, within the cybersecurity appliance 105, or separate therefrom), which is configured to create or adjust specific model(s) 360 (e.g., AI detection model 510 formed by or possibly utilizing LLMs) to improve cyber threat detection, is shown. Herein, the creation or adjustment of AI detection models is conducted in response to detection of a model breach alert and subsequent analysis on the health of the AI detection model(s) associated with the model breach alert. Par.93, 112, further teaches A “model breach alert” corresponds to a condition in which a series of logical criteria, represented by the JSON element (data structure) of the AI detection model, have been satisfied to denote that the AI detection model associated with the alert may be “unhealthy,” where tuning or substitution of its operability may be needed);

wherein the detected anomalies are presented to a system administrator (par.132, 93, 112, the cyber threat detection engine 130 may also be configured with the user interface and formatting module 345, which may include an anomaly alert system configured to report out anomalous incidents and events as well as the cyber threat detected to a display screen viewable by a human cybersecurity professional).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the disclosure of Hecht et al with the additional features of Lal et al in order to provide the ability for enhancing detection of cyber threats by a cybersecurity system through use of one or more Large Language Models (LLMs), as suggested by Lal et al par.10.

Claims 2 and 9: the combination teaches wherein said computer vision algorithm uses optical character recognition (OCR) on the screen information to obtain a text-based transcription of the session (Hecht et al, par. 70, video recordings may be broken into single frames and text may be extracted from the frames (e.g., using Computer Vision (CV), Signal Processing, Object Character Recognition (OCR), or various other text extraction techniques)), and the LLM is prompted to look for and report the anomalies in the text-based transcription using in-context learning (Hecht et al, par.69, 85, Based on prompt 400, trained model 330 may generate an output assessing a security risk).

Claims 3-5 and 10-12 are rejected under 35 U.S.C. 103 as being unpatentable over Hecht et al U.S. 2025/0371135 A1 in view of Lal et al U.S. 2024/0403428 A1 in further view of Bulut et al U.S. 2024/0427879 A1.

Claims 3 and 10: the combination fails to teach, however Bulut et al in the same field of endeavor teaches wherein the pre-trained LLM detects anomalies in the text-based transcription if there is any of an authentication failure message, a privilege failure messages, a deletion of any text in the transcription, any text indicating a download (par.24-29).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the disclosure of Hecht et al with the additional features of Bulut et al in order to provide the ability for improving the speed, quality, and relevance of automated responses provided by a question answering system for security data, as suggested by Bulut et al abstract.

Claims 4 and 11: the combination teaches returning a separate json object for each anomaly detected in the text-based transcription (Lal et al, par.150, 93, The AI detection model 510 defines a set of conditions that could be arranged as a JSON data structure, where the set of conditions may be directed to “pattern of life” anomaly detection, suspicious behavior represented by the one or more events (e.g., detected suspicious lateral movement of data within the enterprise)). The same motivation to modify Hecht et al in view of Bulut et al applied to claims 3 and 10 above applies here.

Claims 5 and 12: the combination teaches The method defined by claim 4 wherein each anomaly includes a timestamp indicating when the anomaly occurred, the text of the anomaly and an explanation of why the LLM determined that there was an anomaly (Lal et al, par.143-144, the embedding vector may correspond to a sequence of text data associated with the credential such as at least the user name or user path. Additionally, the sequence of text data may include, but it is not limited or restricted to permission level of the user (e.g., administrator, etc.), time of activity, activities conducted during the normal time of activity, addressing information to identify the computing devices being utilized the users and/or the geographical location of the user, or the like). The same motivation to modify Hecht et al in view of Bulut et al applied to claims 4 and 11 above applies here.

Claims 6 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Hecht et al U.S. 2025/0371135 A1 in view of Lal et al U.S. 2024/0403428 A1 in further view of Asher et al. U.S. 2018/0359107 A1.

Claims 6 and 13: the combination fails to teach, however Asher et al in the same field of endeavor teaches performing frame deduplication and noise reduction on the screenshots before sending them to the system that uses the computer vision algorithm (par.87-90, bandwidth consumption can be reduced by three orders of magnitude, as only the kilobytes of extracted textual data is transmitted over the network instead of the megabytes of screenshot image data 76-78 the screenshots captured by screenshot capture system 132 can be downscaled or otherwise reduced in size).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the disclosure of Hecht et al with the additional features of Asher et al in order to provide automated content extraction and compilation from encrypted or access-restricted sources, as suggested by Asher et al par.1.

Claims 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Hecht et al U.S. 2025/0371135 A1 in view of Lal et al U.S. 2024/0403428 A1 in further view of Hernandez et al. U.S. 2013/0275579 A1.

Claims 7 and 14: the combination fails to teach, however Hernandez et al in the same field of endeavor teaches wherein the transcription includes recording keystrokes for a purpose of interpreting what the user is doing from the screenshots (par.138, Responsive to capturing the screenshot, process 1100 logs the session id, and any recorded keystroke or mouse events (step 1030), with the process terminating thereafter. The session id and the recorded keystroke or mouse events can be logged as audit logs 448 of FIG. 4.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the disclosure of Hecht et al with the additional features of Hernandez et al in order to provide the ability for a computer implemented method and data processing system control point in time access to a remote client device and auditing system logs of the remote client device by an auditing server device to determine whether monitored user activity on the remote client device associated with a work request was in compliance with one or more regulations, as suggested by Hernandez et al abstract.

Claims 1-2 and 8-9 are rejected under 35 U.S.C. 103 as being unpatentable over Background of the invention see applicant specification par.1-12 herein after background in view of Lal et al U.S. 2024/0403428 A1.

Claim 1: Background teaches a method for reducing the risk of unexpected or unintended actions during a Remote Desktop Protocol (RDP) or SSH (Secure Shell) session by automatically detecting anomalies using vaulted credentials (par.2) comprising:

initiating a RDP/SSH session on a server (par.5, initiates RDS/SSH session);

taking screenshots of the session (par. 6, capturing RDP/SSH session screenshots in real time);

sending the screenshots to a system that uses a computer vision algorithm to transcribe the screen information into a text-based transcription of the session (par.8, a computer vision algorithm for anomaly detection can be used. Implementing a computer vision algorithm involves capturing the RDP/SSH session screen in real-time. This can be achieved by continuously taking screenshots or video frames of the session. For anomaly detection, the core idea is to use computer vision techniques to analyze the visual content of these frames to detect unusual activities or anomalies.
This could include detecting deviations from normal user behavior, such as unexpected mouse movements or keyboard inputs, identifying screen content that indicates unauthorized access, like unfamiliar applications being opened, and recognizing security threats such as visual indicators of malware or phishing attempts or error messages);

providing the text-based transcription of the session recording into a pre-trained LLM which has been fine-tuned to detect anomalies in the text (par.7-12, deploy the trained model to analyze frames in real-time, flagging any detected anomalies for further investigation.);

Background fails to teach, however Lal et al in the same field of endeavor teaches prompting the LLM to look for anomalies in the text-based transcription using in-context learning including a purpose for RDP/SSH session (par.43, as a prompt, the organization may provide the LLM with a list of all model breaches and their triggers then ask the LLM to provide a summary and prioritization of the breaches based on the parameters known about those breaches. For example, the prompt may state: “given there are 40 Breaches of moderate severity (e.g., score 60) for prescribed events that are new for the user, for users x, y, z at times a/b/c, provide me with a summary, any possible links between breaches, and also prioritize the order in which I should triage them”; par.87-88, These login events such as a remote interactive login when a remote desktop protocol (RDP) session is established, a biometric login where physical characteristics are captured for authentication);

the LLM outputting detected anomalies based on its training and fine tuning (par.149, embodiment of a model adjustment component 500 deployed within the cybersecurity system 100 of FIG. 1 (e.g., within cyber threat detection engine 130, within the cybersecurity appliance 105, or separate therefrom), which is configured to create or adjust specific model(s) 360 (e.g., AI detection model 510 formed by or possibly utilizing LLMs) to improve cyber threat detection, is shown. Herein, the creation or adjustment of AI detection models is conducted in response to detection of a model breach alert and subsequent analysis on the health of the AI detection model(s) associated with the model breach alert. Par.93, 112, further teaches A “model breach alert” corresponds to a condition in which a series of logical criteria, represented by the JSON element (data structure) of the AI detection model, have been satisfied to denote that the AI detection model associated with the alert may be “unhealthy,” where tuning or substitution of its operability may be needed);

presenting the anomalies to a system administrator or sending the anomalies as alerts to the system administrator (par.132, 93, 112, the cyber threat detection engine 130 may also be configured with the user interface and formatting module 345, which may include an anomaly alert system configured to report out anomalous incidents and events as well as the cyber threat detected to a display screen viewable by a human cybersecurity professional).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the disclosure of background with the additional features of Lal et al in order to provide the ability for enhancing detection of cyber threats by a cybersecurity system through use of one or more Large Language Models (LLMs), as suggested by Lal et al par.10.
Claim 8: Background teaches a system for reducing the risk of unexpected or unintended actions during a Remote Desktop Protocol (RDP) or SSH (Secure Shell) session by automatically detecting anomalies using vaulted credentials (2) comprising:

a computer from which an administrator initiates an RDP/SSH session (par.5, initiates RDS/SSH session),

a second computer for being controlled by the RDP/SSH session an agent process which takes and assembles video from frames recorded during said Remote Desktop Protocol (RDP) or SSH (Secure Shell) session (par. 6, capturing RDP/SSH session screenshots in real time) and provides remote session detection which causes the agent to produce a periodic trigger to initiate a screenshot handling process to capture screenshots from the second computer and assemble the video from said frames (par.8, a computer vision algorithm for anomaly detection can be used. Implementing a computer vision algorithm involves capturing the RDP/SSH session screen in real-time. This can be achieved by continuously taking screenshots or video frames of the session. For anomaly detection, the core idea is to use computer vision techniques to analyze the visual content of these frames to detect unusual activities or anomalies. This could include detecting deviations from normal user behavior, such as unexpected mouse movements or keyboard inputs, identifying screen content that indicates unauthorized access, like unfamiliar applications being opened, and recognizing security threats such as visual indicators of malware or phishing attempts or error messages);

a computer vision process which receives said video and transcribes the screenshots into a text-based transcription of the session using in-context including a purpose for RDP/SSH session (par.70-72, 75, the session data may be processed according to its source and destination.
semantic data 322 may be translated by another resource and process 300A may include accessing the translated data. While the various examples provided herein generally describe translating session data to semantic data before inputting it into an LLM);

Background fails to teach, however Lal et al in the same field of endeavor teaches a pre-trained LLM which receives the text-based transcription and is fine-tuned to detect anomalies in the text-based transcription (par.149, embodiment of a model adjustment component 500 deployed within the cybersecurity system 100 of FIG. 1 (e.g., within cyber threat detection engine 130, within the cybersecurity appliance 105, or separate therefrom), which is configured to create or adjust specific model(s) 360 (e.g., AI detection model 510 formed by or possibly utilizing LLMs) to improve cyber threat detection, is shown. Herein, the creation or adjustment of AI detection models is conducted in response to detection of a model breach alert and subsequent analysis on the health of the AI detection model(s) associated with the model breach alert. Par.93, 112, further teaches A “model breach alert” corresponds to a condition in which a series of logical criteria, represented by the JSON element (data structure) of the AI detection model, have been satisfied to denote that the AI detection model associated with the alert may be “unhealthy,” where tuning or substitution of its operability may be needed);

wherein the detected anomalies are presented to a system administrator (par.132, 93, 112, the cyber threat detection engine 130 may also be configured with the user interface and formatting module 345, which may include an anomaly alert system configured to report out anomalous incidents and events as well as the cyber threat detected to a display screen viewable by a human cybersecurity professional).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the disclosure of Hecht et al with the additional features of Lal et al in order to provide the ability for enhancing detection of cyber threats by a cybersecurity system through use of one or more Large Language Models (LLMs), as suggested by Lal et al par.10.

The following prior art is cited to further show the state of the art at the time of applicant’s invention. Pullen III et al U.S. 2024/0323226 A1 teaches Snapshot Phishing Detection and Threat Analysis. Ylonen et al U.S. 2019/0334950 Private Key operations.

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to FATOUMATA TRAORE whose telephone number is (571)270-1685. The examiner can normally be reached 6:30-3:00. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached at 5712724219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

Thursday, April 16, 2026
/FATOUMATA TRAORE/
Primary Examiner, Art Unit 2436

Prosecution Timeline

Oct 21, 2024
Application Filed
Dec 09, 2024
Response after Non-Final Action
Feb 25, 2026
Non-Final Rejection mailed — §103
Mar 09, 2026
Response Filed
Apr 21, 2026
Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12641092
METHOD FOR DETERMINING LIKELY MALICIOUS BEHAVIOR BASED ON ABNORMAL BEHAVIOR PATTERN COMPARISON
3y 10m to grant Granted May 26, 2026
Patent 12627678
ABNORMALITY DETECTING DEVICE, SECURITY SYSTEM, AND ABNORMALITY NOTIFICATION METHOD
2y 3m to grant Granted May 12, 2026
Patent 12613974
Systems and Methods for Validation of a Device
2y 1m to grant Granted Apr 28, 2026
Patent 12603871
ACCESS ORCHESTRATION ENGINE IN A CLOUD ACCESS MANAGEMENT SYSTEM
2y 11m to grant Granted Apr 14, 2026
Patent 12598173
CERTIFICATE MONITOR SERVICE RELIABILITY DETECTION METHOD FOR PKI CERTIFICATE TRANSPARENCY SYSTEM
2y 0m to grant Granted Apr 07, 2026
Based on 5 most recent grants.


Prosecution Projections

Expected OA Rounds: 3-4
Grant Probability: 78%
With Interview (+35.7%): 99%
Median Time to Grant: 3y 5m (~1y 10m remaining)
PTA Risk: Moderate
Based on 582 resolved cases by this examiner. Grant probability derived from career allowance rate.
