Prosecution Insights
Last updated: July 17, 2026
Application No. 19/195,893

Multi Modal Application Segmentation Data Capture

Non-Final OA §103
Filed
May 01, 2025
Priority
Oct 13, 2021 — CIP of 12/348,525 +2 more
Examiner
CATTUNGAL, DEREENA T
Art Unit
Tech Center
Assignee
Zscaler Inc.
OA Round
1 (Non-Final)
80%
Grant Probability
Favorable
1-2
OA Rounds
1y 6m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 80% — above average
80%
Career Allowance Rate
224 granted / 279 resolved
+20.3% vs TC avg
Strong +30% interview lift
Without
With
+29.7%
Interview Lift
resolved cases with interview
Typical timeline
2y 9m
Avg Prosecution
23 currently pending
Career history
303
Total Applications
across all art units

Statute-Specific Performance

§101
1.8%
-38.2% vs TC avg
§103
85.4%
+45.4% vs TC avg
§102
6.3%
-33.7% vs TC avg
§112
4.3%
-35.7% vs TC avg
Black line = Tech Center average estimate • Based on career data from 279 resolved cases

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status 1.The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Double Patenting 2. The non-statutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A non-statutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on non-statutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) -706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-l.jsp. 3. Claims 1,7-11 and 17-20 of the instant application are rejected on the ground of non-statutory double patenting as being unpatentable claims 1-8 and 10-20 of the patent no. 12,348,525; claims 1-20 of the co-pending application 18/390,187; and claims 1-20 of co-pending application 18/098,464. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the current application encompass the same subject matter as the co-pending application claims [such as obtaining log data for a plurality of users of an enterprise where the log data relates to usage of a plurality of applications by the plurality of users; determining app-segments that are groupings of application of the plurality of applications and user-groups that are groupings of users of the plurality of users; and providing access policy of the plurality of applications based on the user-groups and the app-segments], but with obvious wording variations. "A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim. In re Longi 759 F.2d at 896, 225 USPQat651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness- type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus). " ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001). Claim Rejections - 35 USC § 103 4.The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 5. Claim(s) 1-3 and 11-13 are rejected under 35 U.S.C. 103 as being unpatentable over of Chari (US Pub.No.2015/0242486) in view of Toh (US Pub.No.2020/0387956). 6. Regarding claims 1,11 Chari teaches a non-transitory computer-readable storage medium, a method having computer readable code stored thereon for programming at least one processor non-transitory computer-readable storage medium having computer readable code stored thereon for programming at least one processor to provide a Zero Trust Network Access (ZTNA) solution by performing steps of: obtaining application data for a plurality of applications of an enterprise, wherein the application data relates to applications present in an enterprises network; obtaining log data for a plurality of users of an enterprise where the user data relates to usage of the plurality of applications by the plurality of users (Fig.1, abstract and para:0024-0026 teaches resources 116 may be, for example, documents, software resources, such as applications and programs, hardware resources, such as processors and storage device, and/or network resources. The users of clients 110, 112, and 114 utilize clients 110, 112, and 114 to access resources 116. Resources 116 generate access logs 118. In other words, each resource in resources 116 generates its own access log. Alternatively, server 104 and/or server 106 may generate resource access logs 118 for resources 116 instead of or in addition to resources 116. Each access log associated with a particular resource records the name of the user that accessed the resource, the type of action performed by the user while accessing the particular resource, and the name of the particular resource accessed by the user. However, it should be noted that each access log in access logs 118 may record other information, such as, for example, date of access, time of access, role of user, security clearance level of user, permissions assigned to user, etc. Para:0026 and Para:0077 teaches the log data relates to usage of a plurality of applications/resources by the plurality of users); Chari teaches all the above claimed limitations but does not expressly teach providing access policy of the plurality of applications based on the user-groups and the app-segments. Toh teaches determining i) app-segments that are groupings of application of the plurality of applications and ii) user-groups that are groupings of users of the plurality of users; and providing access policy of the plurality of applications based on the user-groups and the app-segments (Para:0036 and Para:0050-0051 teaches an administrator of the application management can release or block features of the software applications of the software suite for the user group and according to a subscription or based on the user access right and log data). . Therefore, it would have been obvious to one of ordinary skill in the art before the invention was filing to modify Chari to include providing access policy of the plurality of applications based on the user-groups and the app-segments as taught by Toh such a setup would monitor user activity and recognizes the application access pattern. 7. Regarding claims 2, 12 Chari teaches the non-transitory computer-readable storage medium and the method, wherein the obtaining application data is performed prior to deployment of the ZTNA solution (Para:0026, and Para:0077 teaches obtain log data relates to usage of a plurality of applications/resources by the plurality of users. Each access log associated with a particular resource/application records the name of the user that accessed the resource, the type of action performed by the user while accessing the particular resource, and the name of the particular resource accessed by the user. Each access log in access logs 118 may record other information, such as, for example, date of access, time of access, role of user, security clearance level of user, permissions assigned to user, etc.). 8. Regarding claims 3, 13 Chari in view of Toh teaches the non-transitory computer-readable storage medium and the method, wherein the obtaining application data is performed by employing a plurality of mechanisms adapted to collect application data (Chari: Para:0023, Para:0026, Para:0053 teaches monitoring the activity log or event log of users to access the resources. The log data relates to usage of a plurality of applications/resources by the plurality of users. Each access log associated with a particular resource/application records the name of the user that accessed the resource, the type of action performed by the user while accessing the particular resource, and the name of the particular resource accessed by the user. Each access log in access logs 118 may record other information, such as, for example, date of access, time of access, role of user, security clearance level of user, permissions assigned to user, etc. Toh: Para:0036 and Para:0050-0051 teaches accessing the software applications by a user group according to a subscription or based on the user access right and log data). 9. Claim(s) 4, 14 are rejected under 35 U.S.C. 103 as being unpatentable over of Chari (US Pub.No.2015/0242486) in view of Toh (US Pub.No.2020/0387956) as applied to claims 1,11 above and further in view of Weingarten (US Pub.No.2019/0052659). 10. Regarding claims 4, 14 Chari in view of Toh teaches all the above claimed limitations, but fails to teach the non-transitory computer-readable storage medium and the method, wherein the plurality of mechanisms includes deploying passive monitoring agents on user devices of the enterprise, collecting flow and log-based telemetry, building an inventory of services and applications, and performing active scanning of server subnets to collect application data of the enterprise Weingarten teaches the plurality of mechanisms includes deploying passive monitoring agents on user devices of the enterprise, collecting flow and log-based telemetry, building an inventory of services and applications, and performing active scanning of server subnets to collect application data of the enterprise (Para:0065, and Para: 0071 teaches the systems, devices, and methods disclosed herein can be designed around the concept of creating an initial "zero-trust" security architecture that can continuously collect endpoint data at various level of granularity within the system to persistently verify and establish the credibility of individual endpoints and the network as a whole. In some embodiments, this verification is established through artificial- intelligence (Al) driven analysis of individual endpoint, group, and network-wide usage patterns. In some embodiments, this analysis is centered on continuous monitoring and collection of data from endpoint devices, and the determination of a baseline usage of a user, endpoint device, group, subnetwork, network segment, or the network as a whole. Once established, baseline usage can be continuously updated and compared to current usage in order to authenticate users and endpoint devices on a persistent basis. Para: 0071 teaches In some embodiments, another central function of the system may be the creation, generation, and implementation of access policies, which can be based around determining a baseline usage or expectation of usage. In some embodiments, the generated access policies provide an outline for the endpoints, services, servers, programs, and the like). Therefore, it would have been obvious to one of ordinary skill in the art before the invention was filing to modify Chari in view of Toh to include deploying passive monitoring agents on user devices of the enterprise, collecting flow and log-based telemetry, building an inventory of services and applications, and performing active scanning of server subnets to collect application data of the enterprise as taught by Weingarten such a setup/ technique would implement access policies in a zero trust network architecture (ZTNA) based on monitored and estimated metrics. 11. Claim(s) 5, 15 are rejected under 35 U.S.C. 103 as being unpatentable over of Chari (US Pub.No.2015/0242486) in view of Toh (US Pub.No.2020/0387956) as applied to claims 1,11 above and further in view of Gorlamandala (US Pub.No.2020/0356676). 12. Regarding claims 5 , 15 Chari in view of Toh teaches all the above claimed limitations, but fails to teach the non-transitory computer-readable storage medium, wherein the application data includes whether any of the plurality of applications are dormant applications. Gorlamandala teaches wherein the application data includes whether any of the plurality of applications are dormant applications (Para:0030 and Para:0039-0040 teaches checking the application accounts that are active and inactive) . Therefore, it would have been obvious to one of ordinary skill in the art before the invention was filing to modify Chari in view of Toh to include the application data includes whether any of the plurality of applications are dormant applications as taught by Gorlamandala such a setup would monitor apps activities which results improved security and easier maintenance. 13. Regarding claims 6, 16 Gorlamandala teaches the non-transitory computer-readable storage medium, wherein the access policy includes blocking access to applications determined to be dormant (Para:0030 and Para:0039-0040 teaches restricting/removing access to inactive applications ) . 14. Regarding claims 7, 17 Gorlamandala teaches the non-transitory computer-readable storage medium, wherein the steps further comprise: providing a list of dormant applications to the enterprise for feedback; and providing access policy for the dormant applications based thereon (Para:0030 and Para: 0039-0040 teaches generating feedback/response and providing access policy for the dormant applications) . 15. Claim(s) 8 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over of Chari (US Pub.No.2015/0242486) in view of Toh (US Pub.No.2020/0387956) as applied to claims 1,11 above and further in view of Sankavaram (US Pub.No.2020/0252405). 16. Regarding claims 8,18 Chari in view of Toh teaches all the above claimed limitations but fails to teach the non-transitory computer-readable storage medium and the method wherein the log data is transformed to feature vectors, and wherein the determining includes clustering with the feature vectors. Sankavaram teaches the log data is transformed to feature vectors, and wherein the determining includes clustering with the feature vectors (Abstract, Para:0070 and Para:0075 teaches feature vectors are generated for the users based on the logs. Para:0083 and Para:0086 teaches clustering with feature vector). Therefore, it would have been obvious to one of ordinary skill in the art before the invention was filing to modify Chari in view of Toh to include the log data is transformed to feature vectors, and wherein the determining includes clustering with the feature vectors as taught by Sankavaram such a setup would manage and/or adjust user access permission via cluster-based learning (Para:0002). 17. Claim(s) 9-10 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over of Chari (US Pub.No.2015/0242486) in view of Toh (US Pub.No.2020/0387956) as applied to claims 1,11 above and further in view of Janakiraman (US Pub.No.2021/0021621). 18. Regarding claim 9, 19 Chari in view of Toh teaches all the above claimed limitations but fails to teach the non-transitory computer-readable storage medium and the method wherein the determining is via a machine learning model that uses features including any of port and protocol usage pattern; the computer process that initiated the connection to the application; similarity based on domain names; an organization's network addressing structure; app location; user location; job title; department; manager; and behavior patterns. Janakiraman teaches determining is via a machine learning model that uses features including any of port and protocol usage pattern; the computer process that initiated the connection to the application; similarity based on domain names; an organization's network addressing structure; app location; user location; job title; department; manager; and behavior patterns (Figs. 1,3,4,6, Para:0028-0031 and Para:0040, Para:0048 and Para:0035-0036 teaches determining via model that uses features including port, IP address, access pattern, user/app location, job title; department; domain name etc.). Therefore, it would have been obvious to one of ordinary skill in the art before the invention was filing to modify Chari in view of Toh to include determining via a machine learning model that uses features including any of port and protocol usage pattern; the computer process that initiated the connection to the application; similarity based on domain names; an organization's network addressing structure; app location; user location; job title; department; manager; and behavior patterns as taught by Janakiraman such a setup would help to detect anomalous or malicious user behavior in an enterprise network. 19. Regarding claims 10, 20 Janakiraman teaches the non-transitory computer-readable storage medium and the method, wherein the machine learning model includes an ensemble of different models (Para: 0026-0028 teaches training model). Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEREENA T CATTUNGAL whose telephone number is (571)270-0506. The examiner can normally be reached Mon-Fri : 7:30 AM-5 PM EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached at 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /DEREENA T CATTUNGAL/Primary Examiner, Art Unit 2431
Read full office action

Prosecution Timeline

May 01, 2025
Application Filed
Jun 17, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683804
Hardened Encoded Message Check for RSA Signature Verification
2y 9m to grant Granted Jul 14, 2026
Patent 12664251
STATEMENT PROOF AND VERIFICATION
1y 8m to grant Granted Jun 23, 2026
Patent 12652180
METHOD, APPARATUS, DEVICE, AND STORAGE MEDIUM FOR DATA PROCESSING
1y 7m to grant Granted Jun 09, 2026
Patent 12645819
MANAGEMENT OF MULTIPLE DIGITAL IDENTITIES USING A CENTRALIZED DISTRIBUTED LEDGER
2y 5m to grant Granted Jun 02, 2026
Patent 12632608
INTEGRATED CIRCUIT DEVICE WITH PROTECTION AGAINST MALICIOUS ATTACKS
3y 4m to grant Granted May 19, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
80%
Grant Probability
99%
With Interview (+29.7%)
2y 9m (~1y 6m remaining)
Median Time to Grant
Low
PTA Risk
Based on 279 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month