Prosecution Insights
Last updated: July 17, 2026
Application No. 19/012,397

GENERATING AN EFFICIENT GRAPH DATABASE FOR RELATIONSHIP QUERYING AND CYBERSECURITY ANALYSIS

Non-Final OA §101§103
Filed
Jan 07, 2025
Priority
Jan 08, 2024 — provisional 63/618,600
Examiner
DHRUV, DARSHAN I
Art Unit
2498
Tech Center
2400 — Computer Networks
Assignee
Veracode Inc.
OA Round
1 (Non-Final)
80%
Grant Probability
Favorable
1-2
OA Rounds
1y 1m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 80% — above average
80%
Career Allowance Rate
363 granted / 454 resolved
+22.0% vs TC avg
Strong +47% interview lift
Without
With
+46.9%
Interview Lift
resolved cases with interview
Typical timeline
2y 8m
Avg Prosecution
12 currently pending
Career history
468
Total Applications
across all art units

Statute-Specific Performance

§101
1.6%
-38.4% vs TC avg
§103
94.2%
+54.2% vs TC avg
§102
1.5%
-38.5% vs TC avg
§112
1.7%
-38.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 454 resolved cases

Office Action

§101 §103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This initial written action is responding to the communication dated on 01/07/2025. Claims 1-12 are submitted for examination. Claims 1-12 are pending. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Priority This application filed on January 07, 2025 claims priority of Provisional application 63/618,600 filed on January 08, 2024. Claim Objections Claim 1 objected to because of the following informalities: Claim 1 recites a limitation, “…..and generating a graph database based on the cataloged at least one package..”. There is an insufficient antecedent basis. Appropriate correction is required. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claim 1 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim recites, “ identifying at least one new package in at least one source database; generating a download request associated with the at least one new package; based on the download request, downloading the at least one new package from the at least one source database associated with the at least one new package; preprocessing the at least one new package to define at least one text representation of the at least one new package; cataloging the at least one new package based on the at least one text representation; and generating a graph database based on the cataloged at least one package”. The limitations, identifying at least one new package, generating download request, downloading one new package, defining text representation of the at least one new package, cataloging the at least new package and generating a graph database. as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. That is, other than saying “by a processor,” nothing in the claim element precludes the step from practically being performed in the mind. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea. This judicial exception is not integrated into a practical application. In particular, the claim does not recites any additional elements that can integrate in to the practical application. Accordingly, there aren’t additional elements that integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using a processor to perform steps amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claim is not patent eligible. Dependent claims 2-12 do not represent significantly more and are too directed to non-statutory subject matter. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-4 are rejected under 35 U.S.C. 103 as being unpatentable over Balber et al. (US PGPUB. # US 2023/0367911, hereinafter “Balber”), and further in view of Yan et al. (US PGPUB. # US 2023/0060127, hereinafter “Yan”). Regarding Claim 1, Balber teaches, A method for generating a graph database, comprising: identifying at least one new package in at least one source database; (¶30, “the set of expected scripted build instructions may include at least one of: accessing an external file, identifying a module used to download and install third-party packages, or building, tagging, and pushing an image to a container registry”, Fig. 4, ¶84, “a scripted build instruction may be a line of code in the build script that identifies a source to obtain other data for use in a build. Sources may include a docker image, a third-party package, an external container image, or any other source of data”, ¶85, “if the set of expected build instructions includes the name of a container image that needs to be pulled”, i.e. a container image (new package) is identified from a source) generating a download request associated with the at least one new package; (¶85, “if the set of expected build instructions includes the name of a container image that needs to be pulled and instructions to run the container, the expected build actions may include establishing a connection to the container image source through an IP address or port”, ¶87, “if the scripted build instructions include a command to download and install a third-party package, the expected build actions may include determining the connection requirements to access the external source”, ¶90, “Examples of tiered security policies may include allowing a connection to a repository containing an external file, granting permission to connect to a resource from which third-party packages will be downloaded, granting permission to generate folders or files associated with the third-party packages, granting permission to connect to a container registry, or granting permission to execute a specific set of system call commands”, i.e. a download request is generated) based on the download request, downloading the at least one new package from the at least one source database associated with the at least one new package; (¶92, “an example of a build action may be the command “pip install <<PACKAGE_NAME>> “that may be invoked to install a third party package. In such a case, a first sub-action may be “go to ‘server X’ and download a specific package.” “Server X” may be, for example, a package manager or a package index such as “PyPi™”, ¶95, “Enforcing the security policy may include permitting the build machine to perform the expected build actions, such as connecting to a repository containing an external file, connecting to a resource from which third-party packages will be downloaded, generating folders or file structures associated with certain third-party packages, connecting to a container registry, or executing a specific set of system call commands”, i.e. a new container image (package) is downloaded) Balber does not teach explicitly, preprocessing the at least one new package to define at least one text representation of the at least one new package; cataloging the at least one new package based on the at least one text representation; and generating a graph database based on the cataloged at least one package. However, Yan teaches, preprocessing the at least one new package to define at least one text representation of the at least one new package; (Balber teaches, preprocessing and generating a graph database (¶76), Yan teaches, Fig. 2, ¶37-¶39, ¶40, “the processing flow 200 may include performing one or more operations or transformations on the data and apply graph algorithms on the datasets. The obtained data may be in a raw data format and may be parsed and transformed by the system 102 into proper nodes and edges for ingestion by the system 106”, Fig. 4, ¶52-¶53, i.e. new data is preprocessed) cataloging the at least one new package based on the at least one text representation; (¶41, “one or more rules may link or define edges between different data types, such as relationships between business issues and different lines of business. In another example, the rules may include user-defined relationships, e.g., a user may utilize an input device to define links between nodes”, ¶42-¶43, “system 102 may apply a cosine similarity analysis to each of the structured data and/or unstructured data to measure the similarity in the text to determine connection information and elements of nodes, ¶44, Fig. 4, ¶54 i.e. structured and unstructured data (package) is cataloged based on a text representation) and generating a graph database based on the cataloged at least one package. (Fig. 2, ¶45, “at block 206 processing flow 200 may include running a graph algorithm and generating a graph model. The graph model may be generated based on the identified elements and connection information determined from one or more of the analyses performed”, ¶47, i.e. a graph database is generated). As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness. It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Yan with the invention of Balber. Balber teaches, identifying a container image in a source database and downloading the container image based on generated download request. Yan teaches, generating a graph database by analyzing and cataloging the received data. Therefore, it would have been obvious to generate a graph database by analyzing and cataloging the received data of Yan with identifying a container image in a source database and downloading the container image based on generated download request of Balber to store data that is highly connected to provide flexibility in adding data, running faster relationship-based searches, and indexing by relationships. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). Regarding Claim 2, rejection of Claim 1 is included and for the same motivation Balber does not teach explicitly, The method of claim 1, further comprising: receiving at least one query associated with a context of data of the at least one text representation in the graph database; and analyzing, based on the at least one query, the data to define a contextual summary. However, Yan teaches, The method of claim 1, further comprising: receiving at least one query associated with a context of data of the at least one text representation in the graph database; (Fig. 8, ¶65, “receiving and processing a query for information in a graph database”, i.e. a query for a graph database is received) and analyzing, based on the at least one query, the data to define a contextual summary. (Fig. 8, ¶66-¶67, i.e. graph database is analyzed based on the received query). Regarding Claim 3, rejection of Claim 2 is included and for the same motivation Balber does not teach explicitly, The method of claim 2, wherein analyzing the data in the graph database includes generating a concrete syntax tree associated with the data. However, Yan teaches, The method of claim 2, wherein analyzing the data in the graph database includes generating a concrete syntax tree associated with the data. (Fig. 3, Fig. 8, ¶66, Fig. 9, ¶69, i.e. a tree structure associated with related data is generated). Regarding Claim 4, rejection of Claim 3 is included and for the same motivation Balber does not teach explicitly, The method of claim 3, further comprising: defining the contextual summary based on the concrete syntax tree. However, Yan teaches, The method of claim 3, further comprising: defining the contextual summary based on the concrete syntax tree. (Fig. 8, ¶65-¶66, Fig. 9, ¶69-¶70). Claims 5-12 are rejected under 35 U.S.C. 103 as being unpatentable over Balber et al. (US PGPUB. # US 2023/0367911, hereinafter “Balber”), and further in view of Yan et al. (US PGPUB. # US 2023/0060127, hereinafter “Yan”), and further in view of Acheson et al. (US PAT. # US 11,657,088, hereinafter “Acheson”). Regarding Claim 5, rejection of Claim 1 is included and Balber does not teach explicitly, The method of claim 1, further comprising: receiving at least one query associated with the graph database; identifying at least one entry point based on the query and the graph database; determining associations associated with the graph database based on the at least one entry point; and generating, based on the associations, a subgraph associated with data in the graph database that is related to the at least one entry point, the subgraph associated with interrelations between data. However, Yan teaches, The method of claim 1, further comprising: receiving at least one query associated with the graph database; (Fig. 8, ¶65, “the processing flow 800 includes receiving and processing a query for information in a graph database”, ¶66) As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness. It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Yan with the invention of Balber. Balber teaches, identifying a container image in a source database and downloading the container image based on generated download request. Yan teaches, generating a graph database by analyzing and cataloging the received data. Therefore, it would have been obvious to generate a graph database by analyzing and cataloging the received data of Yan with identifying a container image in a source database and downloading the container image based on generated download request of Balber to store data that is highly connected to provide flexibility in adding data, running faster relationship-based searches, and indexing by relationships. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). Combination of Balber and Yan does not teach explicitly, identifying at least one entry point based on the query and the graph database; determining associations associated with the graph database based on the at least one entry point; and generating, based on the associations, a subgraph associated with data in the graph database that is related to the at least one entry point, the subgraph associated with interrelations between data. However, Acheson teaches, identifying at least one entry point based on the query and the graph database; (Fig. 5, CL(14), LN(14-19), Fig. 7, CL(16), LN(66-67), CL(17), LN(1-20), Fig. 8, CL(17), LN(35-55), i.e. an index (entry point) is identified). determining associations associated with the graph database based on the at least one entry point; (Fig. 5, CL(14), LN(14-19), Fig. 7, CL(16), LN(66-67), CL(17), LN(1-20), i.e. association with an entry point is determined), and generating, based on the associations, a subgraph associated with data in the graph database that is related to the at least one entry point, the subgraph associated with interrelations between data. (Fig. 8, CL(18), LN(10-32), “in response to receiving the query directed to the index object, the subset of data objects may be accessed according to the links of the index object in order to perform the query”). As per KSR vs Teleflex, combining prior art elements according to known methods (device, product) to yield predictable results may be used to create a prima facie case of obviousness. It would have been obvious to one of ordinary skill in the art before the effective filing date to have combined the teachings of Acheson with the invention of Balber in view of Yan. Balber in view of Yan teaches, identifying a container image in a source database and downloading the container image based on generated download request and generating a graph database by analyzing and cataloging the received data. Acheson teaches, creating an index in a graph database for a query to provide an entry point to retrieve related subset of data. Therefore, it would have been obvious to create an index in a graph database for a query to provide an entry point to retrieve related subset of data of Acheson in to the teachings of Balber in view of Yan to increase the speed at which queries to a graph data structure can be performed. KSR Int’l v. Teleflex Inc., 127 S. Ct. 1727, 1740-41, 82 USPQ2d 1385, 1396 (2007). Regarding Claim 6, rejection of Claim 5 is included and for the same motivation combination of Balber and Yan does not teach explicitly, The method of claim 5, wherein the at least one entry point is stored in an entry point database. However, Acheson teaches, The method of claim 5, wherein the at least one entry point is stored in an entry point database. (Fig. 6, CL(14), LN(41-67), CL(15), LN(1-20), “Create index object request 630 may include a directory identifier, in various embodiments. The directory identifier may identify the directory structure in which the index object is to be included and may inform routing 232 of which storage node, storage node 620, is to perform the request (e.g., as storage node 620 may store some or all of the directory structure. Create index object request 630 may identify the attribute(s) to index”, i.e. index (entry point) is stored in a storage node database). Regarding Claim 7, rejection of Claim 5 is included and for the same motivation combination of Balber and Yan does not teach explicitly, The method of claim 5, wherein the at least one entry point can be associated with a plurality of data types. However, Acheson teaches, The method of claim 5, wherein the at least one entry point can be associated with a plurality of data types. (Fig. 6, CL(14), LN(56-67), CL(15), LN(1-20)). Regarding Claim 8, rejection of Claim 5 is included and for the same motivation combination of Balber and Yan does not teach explicitly, The method of claims 5, wherein the associations are associated with at least one of a package, social information, a file, open source exposure, or metadata. However, Acheson teaches, The method of claims 5, wherein the associations are associated with at least one of a package, social information, a file, open source exposure, or metadata. (Fig. 4, CL(11), LN(49-67), CL(12), LN(1-12), “A schema may be treated as a set of metadata which can be referred to from a variety of different locations (e.g., from different directory structures)”). Regarding Claim 9, rejection of Claim 5 is included and for the same motivation Balber does not teach explicitly, The method of claim 5, wherein the associations are nodes on the graph database. However, Yan teaches, The method of claim 5, wherein the associations are nodes on the graph database. (Fig. 2, ¶40-¶43, Fig. 3). Regarding Claim 10, rejection of Claim 9 is included and Balber does not teach explicitly, The method of claim 9, wherein cataloging the at least one new package includes identifying new associations based on the at least one new package and including the new associations as new nodes on the graph database. However, Yan teaches, The method of claim 9, wherein cataloging the at least one new package includes identifying new associations based on the at least one new package and including the new associations as new nodes on the graph database. (Fig. 2, ¶41, “one or more rules may link or define edges between different data types, such as relationships between business issues and different lines of business. In another example, the rules may include user-defined relationships, e.g., a user may utilize an input device to define links between nodes”, ¶42-¶43, “system 102 may apply a cosine similarity analysis to each of the structured data and/or unstructured data to measure the similarity in the text to determine connection information and elements of nodes, ¶44, Fig. 4, ¶54 i.e. new association is added as a new node on a graph database). Regarding Claim 11, rejection of Claim 5 is included and for the same motivation Balber teaches, The method of claim 5, wherein [the query] corresponds to a malicious information [query]. (Fig. 5, ¶102-¶103). Balber does not teach explicitly The method of claim 5, [wherein] the query [corresponds to a malicious information] query. However, Yan teaches, The method of claim 5, [wherein] the query ; (Fig. 8, ¶65, “receiving and processing a query for information in a graph database”, i.e. a query for a graph database is received) [corresponds to a malicious information] query ; (Fig. 8, ¶65). Regarding Claim 12, rejection of Claim 5 is included and for the same motivation combination of Balber and Yan does not teach explicitly, The method of claim 5, wherein the at least one entry point can be associated with at least one index associated with the graph database. However, Acheson teaches, The method of claim 5, wherein the at least one entry point can be associated with at least one index associated with the graph database. (Fig. 5, CL(14), LN(14-19), Fig. 7, CL(16), LN(66-67), CL(17), LN(1-20), Fig. 8, CL(17), LN(35-55), i.e. an entry point is associated with an index). Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Refer to PTO-892, Notice of References Cited for a listing of analogous art. Berkovitz et al. (US PAT. # US 12,518,021) discloses, a cybersecurity system provides the ability to detect security risks in a cross-platform cloud solution. A unified data schema is used to abstract resources, principals and others across multiple platforms. A security graph is generated to present a unified view of cloud environments, which are then easily queried using the structure of the data schema. The solution allows a compact representation of cloud environments, which is scalable and multi-layered. Various enrichments may be added to the security graph, which are generated for example based on policies, and inspection of workloads in the cloud environment. The security graph allows for representation of production environments, staging environments, as well as code for deploying workloads in the cloud environment. Thus the solution is also able to present a complete picture of a user's entire cloud environment. Birru et al. (US PAT. # US 12,204,524) discloses, a method for electronic processing of user queries maintaining factual consistency during processing includes receiving a user query, executing a hybrid retrieval operation, generating a context information space that includes a set of paragraph output from the paragraph retrieval operation, a set of triplet output from the triplet retrieval operation, and a set of graphs output from the graph retrieval operation. Furthermore, generating a first prompt instruction to generate an intermediate rationale as explanation output and performing an automatic fact-checking operation to verify the explanation output and re-feeding the user query along with the generated explanation output to the generative language model to derive an answer output that is succinct in one or more language parameters as compared to the generated explanation output. The answer output includes a verified and evidence-supported answer and at least one fact reference from first set of factual information with reduced hallucinations and factual inconsistencies. Gandhi et al. (US PGPUB. # US 2024/0296145) discloses, representing and using metadata via graph database. In some aspects, a method includes receiving, at one or more computing devices, first metadata associated with data files from one or more data sources, the first metadata representing a plurality of features of associated data included in the data files, the plurality of features including at least one of a file name, a table name, an attribute, a row name, and a column name; determining relationships among the plurality of features to generate second metadata representing content of the data files; and generating a graph database representing the content of the data files, the graph database including a set of nodes and a set of edges, wherein each node in the set of nodes represents a feature of the plurality of features, and each edge represents a relationship between two nodes in the set of nodes. Vant et al. (US PGPUB. # US 2024/0211515) discloses, methods comprising determining a dataset of entries, each comprising an entity identifier and associated application identifier(s) are provided. One method comprises determining a set of application pairs from the dataset; determining a correlation score for each application pair based; responsive to the correlation score exceeding a threshold correlation value: determining application identifiers of the application pair as being correlated; providing a correlation write request comprising the applications identifiers of the pair to an app recommender database. Kramer (US PGPUB. # US 2024/0062076) discloses, a method for creating a graph database implemented knowledge mesh is disclosed. The method includes receiving, by a computer system, data from a plurality of different streams and identifying, by the computer system executing at least one machine learning model, a plurality of triples included in the data. The method also comprises filtering, by the computer system, the plurality of triples to identify a relevant subset of triples by applying an ontological filter, applying, by the computer system, a disambiguation routine to the relevant subset of triples to correlate entities included in the relevant subset to other entities in a graph database and determine a degree of confidence with each correlation, and creating, by the computer system, a knowledge mesh using the graph database. The knowledge mesh comprises the relevant subset of triples, each correlation identified by application of the disambiguation routine, and the degree of confidence with each correlation. Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316. The examiner can normally be reached M-F 9:00 AM-5:00 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached at 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /DARSHAN I DHRUV/ Primary Examiner, Art Unit 2498
Read full office action

Prosecution Timeline

Jan 07, 2025
Application Filed
Jun 03, 2026
Non-Final Rejection mailed — §101, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683997
DISTRIBUTED SYSTEM FOR CYBERSECURITY DATA COLLECTION AND TRAFFIC MASKING
3y 9m to grant Granted Jul 14, 2026
Patent 12671580
Image Sensor, Method and Host
2y 3m to grant Granted Jun 30, 2026
Patent 12645844
STORAGE DEVICE AND SYSTEM
2y 3m to grant Granted Jun 02, 2026
Patent 12634297
SYSTEMS AND METHODS FOR AUTONOMOUS PROGRAM DETECTION
4y 9m to grant Granted May 19, 2026
Patent 12632537
Executing Cryptographic Operations In A Secure Element Platform Runtime Environment
2y 5m to grant Granted May 19, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
80%
Grant Probability
99%
With Interview (+46.9%)
2y 8m (~1y 1m remaining)
Median Time to Grant
Low
PTA Risk
Based on 454 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month