Prosecution Insights
Last updated: July 17, 2026
Application No. 19/198,051

Agentless database protection

Non-Final OA §101§103
Filed
May 04, 2025
Priority
Dec 31, 2024 — provisional 63/740,361
Examiner
HUSSEIN, HASSAN A
Art Unit
2497
Tech Center
2400 — Computer Networks
Assignee
Dbdome Ltd.
OA Round
1 (Non-Final)
59%
Grant Probability
Moderate
1-2
OA Rounds
1y 9m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 59% of resolved cases
59%
Career Allowance Rate
80 granted / 135 resolved
+1.3% vs TC avg
Strong +55% interview lift
Without
With
+54.6%
Interview Lift
resolved cases with interview
Typical timeline
3y 0m
Avg Prosecution
26 currently pending
Career history
168
Total Applications
across all art units

Statute-Specific Performance

§101
0.6%
-39.4% vs TC avg
§103
97.7%
+57.7% vs TC avg
§102
0.8%
-39.2% vs TC avg
§112
0.2%
-39.8% vs TC avg
Black line = Tech Center average estimate • Based on career data from 135 resolved cases

Office Action

§101 §103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION This office action is in response to the application filed on 05/04/2026. In which, claims 1-25 are pending and being considered, claims 1, 12 and 20 are independent, claims 1-25 are rejected. Specification Applicant is reminded of the proper language and format for an abstract of the disclosure. The abstract should be in narrative form and generally limited to a single paragraph on a separate sheet within the range of 50 to 150 words in length. The abstract should describe the disclosure sufficiently to assist readers in deciding whether there is a need for consulting the full patent text for details. The language should be clear and concise and should not repeat information given in the title. It should avoid using phrases which can be implied, such as, “The disclosure concerns,” “The disclosure defined by this invention,” “The disclosure describes,” etc. In addition, the form and legal phraseology often used in patent claims, such as “means” and “said,” should be avoided. The abstract of the disclosure is objected to because on line 1 of Abstract the applicant states “disclosed”. A corrected abstract of the disclosure is required and must be presented on a separate sheet, apart from any other text. See MPEP § 608.01(b). Claim Objections Claim 7, 10, 18 and 25 are objected to because of the following informalities: In Claims 7, 18, 25, the applicant recites the limitation “the result”, this is a typographical error and a lack of antecedent basis. Examiner states amending the claim by removing the phrase “the” in front of result. Appropriate correction is required. In Claims 7, 18, 25, the applicant recites the limitation “its assigned”, this is a typographical error and Examiner states amending the claim by removing the phrase “its”. Appropriate correction is required. In Claim 10, the applicant recites the limitation “the owner”, this is a typographical error and a lack of antecedent basis. Examiner states amending the claim by removing the phrase “the” in front of result. Appropriate correction is required. In regards to Claim 25, the applicant recites the limitation “interogation”, this is a typographical error and the claim should read “interrogation”. Appropriate correction is required. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 20-25 is/are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter In regards to Claim 20, claim 20 is rejected under U.S.C. 101 because the claims are directed to non-statutory subject matter. Claim 20 is directed to “a computer program product” and recites “computer program product comprising a computer-readable storage medium having computer-executable instructions for”. Under a recent precedential opinion, the scope of the recited “computer readable storage medium” encompasses transitory media such as signals or carrier waves, whereas the specification fails to clarify and does not limits the computer readable storage medium to non-transitory forms See Ex parte Mewherter, 107 USPQ2d 1857, 1862 (PTAB 2013) (precedential) (holding recited machine-readable storage medium ineligible under § 35 U.S.C. 101 since it encompassed transitory media). The specifications state in Par. (0075) “non-transitory storage medium that may store instructions to perform operations and/or processes.”. The Examiner respectfully suggests that the claim be amended to either “a non-transitory computer readable storage medium” or “a computer storage device” to make the claim statutory under 35 USC 101. In regards to Claims 21-25, claim 21-25 are also rejected under 35 U.S.C 101 being directed to non-statutory subject matter for the same reasons. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-8 and 10-25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Miller et al. (U.S Pub. No. 20210216666, hereinafter referred to as “Miller”) further in view of Gupta et al. (U.S Pub. No. 20160337400, hereinafter referred to as “Gupta”) In regards to Claim 1, Miller teaches a computer implemented method for protecting at least one or more databases installed on one or more servers from security threats, the method comprising: (Par. (0194); data protection of storage systems from security threat)), (Par. (0068, 0072); storage nodes with servers and storage nodes installed) interrogating the one or more databases by a monitoring database installed on a monitoring server to identify security threats to the one or more databases, (Par. (0505-0507); determining security threat to one or more databases (storage system) by interrogating the one or more databases by a monitoring database (system 400) continuously applies data protection based on targeted security threat to storage system), (Par. (0035); monitoring database (system 400 data protection at storage level) with monitoring server (server with data protection system) wherein the monitoring server is different from the one or more servers; and (Par. (0345); system 400 includes monitoring to storage system), (Par. (0035); monitoring server (server with data protection system) (Par. (0182); system 400 is different thanks storage servers and storage system) Miller does not explicitly teach once a security threat to a database of the one or more databases is identified, applying one or more countermeasures, respectively. Wherein Gupta teaches once a security threat to a database of the one or more databases is identified, (Par. (0041-0042); detecting injection attack on database) applying one or more countermeasures, respectively. (Par. (0005, 0075, 0079, 0088); after detecting attack a remediation action is performed)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Miller to incorporate the teaching of Gupta to utilize the above feature because of the analogous concept of security detection on storage and database system based on security threats, with the motivation of detecting vulnerabilities in a system to create more coping and detection mechanisms to detect presence of malware in a timely fashion and discourage attacks on financials and sensitive data. (Gupta Par. (0002)) In regards to Claim 2, the combination of Miller and Gupta teach the method of claim 1, Miller further teaches the method according to claim 1, wherein the interrogation of the one or more databases is performed in an agentless manner. (Par. (0505-0507); integration of the one or more databases (determining security threat to one or more databases (storage system) by interrogating the one or more databases by a monitoring database (system 400) and continuously applies data protection based on targeted security threat to storage system)), (Par. (0351-0354); is performed in an agentless manner. (system 400 not an agent performed determination and integration (concurrent performing of security threat detection) (Examiner Note: The specification is silent on what agentless manner includes or is described as therefore it will be broadly and reasonably interpreted that if there is no agent used to perform the interrogation the claim limitation will be met.) In regards to Claim 3, the combination of Miller and Gupta teach the method of claim 1, Gupta further teaches wherein the interrogation is performed by sending SQL queries issued by the monitoring database to the one or more databases. (Par. (0008-0009, 0011); sending and capturing queries determined to be injection attack on database by monitoring database (system that checks queries), queries may be an SQL injection attack)), (Par. (0041-0042, 0045); sending SQL queries issued by the monitoring database to the one or more databases. (monitoring database (application server) extracts and sends captured queries to analysis engine then to database when consistent) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Miller to incorporate the teaching of Gupta to utilize the above feature because of the analogous concept of security detection on storage and database system based on security threats, with the motivation of creating remediation and detection for SQL injection attacks to capture invalid web request and identify possible harm. (Gupta (Par. (0004-0006)) In regards to Claim 4, the combination of Miller and Gupta teach the method of claim 1, Gupta further teaches wherein the interrogation is performed online. (Par. (0005, 0042-0043); interrogation (determining and detecting attacks on database) is performed online (web request corresponding to detection)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Miller to incorporate the teaching of Gupta to utilize the above feature because of the analogous concept of security detection on storage and database system based on security threats, with the motivation of detecting vulnerabilities in a system to securely protect credit card transactions, payments and sensitive data on web request to distinguish valid web request from invalid and securely protect the system. (Gupta Par. (0002 and 0005-0006)) In regards to Claim 5, the combination of Miller and Gupta teach the method of claim 1, Miller further teaches the method according to claim 1, wherein the monitoring server is a multitasking server configured to allow multiple interrogation processes to be performed at the same time. (Par. (0354); monitoring server (system 400 with server); is a multitasking server configured to allow multiple interrogation processes to be performed at the same time (performed determination of security threat concurrently)), (Par. (0035); monitoring server (server with data protection system) In regards to Claim 6, the combination of Miller and Gupta teach the method of claim 1, Miller further teaches the method according to claim 1, further comprising obtaining one or more sets of rules, (Par. (0143); applying and taking set of rules), (Par. (0372-0374); obtaining and reading data that specifies rule)) wherein the interrogation of the one or more databases is performed according to the one or more sets of rules, and (Par. (0143); interrogation (monitoring of security threats) is performed according to a set of rules (predetermined set of rules associated with interrogation (monitoring of security threats)) wherein one or more rules of the one or more sets of rules are based on one or more metrics. (Par. (0143); predetermined set of rules based on metrics) In regards to Claim 7, the combination of Miller and Gupta teach the method of claim 1, Miller further teaches the method according to claim 6, wherein each metric of the one or more metrics is assigned with one or more thresholds and (Par. (0363); metric corresponding to threshold associated with security threat) wherein the security threats are identified by comparing the result of the metric to its assigned one or more thresholds. (Par. (0360-0363); security threat is indicated by comparing result of metric (data, write traffic and amount) to assigned threshold (threshold of time of difference ) In regards to Claim 8, the combination of Miller and Gupta teach the method of claim 1, Miller further teaches the method according to claim 7, wherein the one or more thresholds of each metric are determined in a dynamic manner. (Par. (0360-0363); threshold in dynamic manner (representative of a certain rate i.e. minute, hour, second etc.) (Examiner Note: In the instant application the specification states on Par. (0095) that a dynamic manner includes a predefined time interval. Therefore it will be broadly and reasonably interpreted as such). In regards to Claim 10, the combination of Miller and Gupta teach the method of claim 1, Miller further teaches the method according to claim 1, wherein the monitoring server is installed on the premises of the owner of the one or more databases or installed on a cloud as a Software as a Service (SaaS). (Par. (0105); monitoring server (system) installed on a cloud as a Software as a Service (SaaS) (software as a service used of authentication of databases (storage systems)), (Par. (0035); monitoring server (server with data protection system) In regards to Claim 11, the combination of Miller and Gupta teach the method of claim 1, Miller further teaches the method according to claim 1, wherein the interrogation is performed in a continuous manner. (Par. (0505-0507); wherein the interrogation is performed (determining security threat to one or more databases (storage system)) by continuous manner (continuously applies data protection based on targeted security threat to storage system)) In regards to Claim 12, Miller teaches a system for protecting one or more databases installed on one or more servers from security threats, the system comprising: (Par. (0194); data protection of storage systems from security threat)), (Par. (0068, 0072); storage nodes with servers and storage nodes installed) at least one controller; (Par. (0026); controller) at least one computer readable storage device storing instructions for execution by the at least one controller, the instructions, when executed, cause the system to: (Par. (0068); processor and computer readable medium) continuously interrogate the one or more databases by a monitoring database installed on a monitoring server different from the one or more servers, to identify security threats to the one or more databases; and (Par. (0505-0507); determining security threat to one or more databases (storage system) by interrogating the one or more databases by a monitoring database (system 400) continuously applies data protection based on targeted security threat to storage system), (Par. (0354); continuously interrogate the one or more databases (concurrently perform security threat determination of storage system) (Par. (0035); monitoring database (system 400 data protection at storage level) with monitoring server (server with data protection system) Miller does not explicitly teach once a security threat to a database of the one or more databases is identified, apply one or more countermeasures, respectively. Wherein Gupta teaches once a security threat to a database of the one or more databases is identified, (Par. (0041-0042); detecting injection attack on database) apply one or more countermeasures, respectively. (Par. (0005, 0075, 0079, 0088); after detecting attack a remediation action is performed)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Miller to incorporate the teaching of Gupta to utilize the above feature because of the analogous concept of security detection on storage and database system based on security threats, with the motivation of detecting vulnerabilities in a system to create more coping and detection mechanisms to detect presence of malware in a timely fashion and discourage attacks on financials and sensitive data. (Gupta Par. (0002)) In regards to Claim 13, the combination of Miller and Gupta teach the system of claim 12, Miller further teaches the system according to claim 12, further comprising the monitoring server and the monitoring database. (Par. (0035); monitoring database (system 400 data protection at storage level) with monitoring server (server with data protection system) In regards to Claim 14, the combination of Miller and Gupta teach the system of claim 12, Miller further teaches the system according to claim 12, wherein the interrogation of the one or more databases is performed in an agentless manner. (Par. (0505-0507); integration of the one or more databases (determining security threat to one or more databases (storage system) by interrogating the one or more databases by a monitoring database (system 400) and continuously applies data protection based on targeted security threat to storage system)), (Par. (0351-0354); is performed in an agentless manner. (system 400 not an agent performed determination and integration (concurrent performing of security threat detection) (Examiner Note: The specification is silent on what agentless manner includes or is described as therefore it will be broadly and reasonably interpreted that if there is no agent used to perform the interrogation the claim limitation will be met.) In regards to Claim 15, the combination of Miller and Gupta teach the system of claim 12, Gupta further teaches wherein the interrogation is performed by sending SQL queries issued by the monitoring database to the one or more databases. (Par. (0008-0009, 0011); sending and capturing queries determined to be injection attack on database by monitoring database (system that checks queries), queries may be an SQL injection attack)), (Par. (0041-0042, 0045); sending SQL queries issued by the monitoring database to the one or more databases. (monitoring database (application server) extracts and sends captured queries to analysis engine then to database when consistent) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Miller to incorporate the teaching of Gupta to utilize the above feature because of the analogous concept of security detection on storage and database system based on security threats, with the motivation of creating remediation and detection for SQL injection attacks to capture invalid web request and identify possible harm. (Gupta (Par. (0004-0006)) In regards to Claim 16, the combination of Miller and Gupta teach the system of claim 12, Gupta further teaches wherein the interrogation is performed online. (Par. (0005, 0042-0043); interrogation (determining and detecting attacks on database) is performed online (web request corresponding to detection)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Miller to incorporate the teaching of Gupta to utilize the above feature because of the analogous concept of security detection on storage and database system based on security threats, with the motivation of detecting vulnerabilities in a system to securely protect credit card transactions, payments and sensitive data on web request to distinguish valid web request from invalid and securely protect the system. (Gupta Par. (0002 and 0005-0006)) In regards to Claim 17, the combination of Miller and Gupta teach the system of claim 12, Miller further teaches the system according to claim 12, wherein the monitoring server is a multitasking server configured to allow multiple interrogation processes to be performed at the same time. (Par. (0354); monitoring server (system 400 with server); is a multitasking server configured to allow multiple interrogation processes to be performed at the same time (performed determination of security threat concurrently)), (Par. (0035); monitoring server (server with data protection system) In regards to Claim 18, the combination of Miller and Gupta teach the system of claim 12, Miller further teaches the system according to claim 12, wherein the instructions, when executed, further cause the system to obtain one or more sets of rules, (Par. (0143); applying and taking set of rules), (Par. (0372-0374); obtaining and reading data that specifies rule)) wherein: the interrogation of the one or more databases is performed according to the one or more sets of rules, one or more rules of the one or more sets of rules are based on one or more metrics, (Par. (0143); interrogation (monitoring of security threats) is performed according to a set of rules (predetermined set of rules associated with interrogation (monitoring of security threats)), (Par. (0143); predetermined set of rules based on metrics) each metric of the one or more metrics is assigned with one or more thresholds, and (Par. (0363); metric corresponding to threshold associated with security threat) the security threats are identified by comparing the result of the metric to its assigned one or more thresholds. (Par. (0360-0363); security threat is indicated by comparing result of metric (data, write traffic and amount) to assigned threshold (threshold of time of difference ) In regards to Claim 19, the combination of Miller and Gupta teach the system of claim 12, Miller further teaches the system according to claim 18, wherein the one or more thresholds of each metric are determined in a dynamic manner. (Par. (0360-0363); threshold in dynamic manner (representative of a certain rate i.e. minute, hour, second etc.) (Examiner Note: In the instant application the specification states on Par. (0095) that a dynamic manner includes a predefined time interval. Therefore it will be broadly and reasonably interpreted as such) In regards to Claim 20, Miller teaches a computer program product comprising a computer-readable storage medium having computer-executable instructions for: (Par. (0068); processor and computer readable medium) interrogating one or more databases installed on one or more servers by a monitoring database installed on a monitoring server to identify security threats to the one or more databases, (Par. (0505-0507); determining security threat to one or more databases (storage system) by interrogating the one or more databases by a monitoring database (system 400) continuously applies data protection based on targeted security threat to storage system), (Par. (0035); monitoring database (system 400 data protection at storage level) with monitoring server (server with data protection system) wherein the monitoring server is different from the one or more servers; and (Par. (0345); system 400 includes monitoring to storage system), (Par. (0035); monitoring server (server with data protection system) (Par. (0182); system 400 is different thanks storage servers and storage system) Miller does not explicitly teach once a security threat to a database of the one or more databases is identified, applying one or more countermeasures, respectively. Wherein Gupta teaches once a security threat to a database of the one or more databases is identified, (Par. (0041-0042); detecting injection attack on database) applying one or more countermeasures, respectively. (Par. (0005, 0075, 0079, 0088); after detecting attack a remediation action is performed)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Miller to incorporate the teaching of Gupta to utilize the above feature because of the analogous concept of security detection on storage and database system based on security threats, with the motivation of detecting vulnerabilities in a system to create more coping and detection mechanisms to detect presence of malware in a timely fashion and discourage attacks on financials and sensitive data. (Gupta Par. (0002)) In regards to Claim 21, the combination of Miller and Gupta teach the computer program product of claim 20, Miller further teaches the computer program product according to claim 20, wherein the interrogation of the one or more databases is performed in an agentless manner. (Par. (0505-0507); integration of the one or more databases (determining security threat to one or more databases (storage system) by interrogating the one or more databases by a monitoring database (system 400) and continuously applies data protection based on targeted security threat to storage system)), (Par. (0351-0354); is performed in an agentless manner. (system 400 not an agent performed determination and integration (concurrent performing of security threat detection) (Examiner Note: The specification is silent on what agentless manner includes or is described as therefore it will be broadly and reasonably interpreted that if there is no agent used to perform the interrogation the claim limitation will be met.) In regards to Claim 22, the combination of Miller and Gupta teach the computer program product of claim 20, Gupta further teaches wherein the interrogation is performed by sending SQL queries issued by the monitoring database to the one or more databases. (Par. (0008-0009, 0011); sending and capturing queries determined to be injection attack on database by monitoring database (system that checks queries), queries may be an SQL injection attack)), (Par. (0041-0042, 0045); sending SQL queries issued by the monitoring database to the one or more databases. (monitoring database (application server) extracts and sends captured queries to analysis engine then to database when consistent) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Miller to incorporate the teaching of Gupta to utilize the above feature because of the analogous concept of security detection on storage and database system based on security threats, with the motivation of creating remediation and detection for SQL injection attacks to capture invalid web request and identify possible harm. (Gupta (Par. (0004-0006)) In regards to Claim 23, the combination of Miller and Gupta teach the computer program product of claim 20, Gupta further teaches wherein the interrogation is performed online. (Par. (0005, 0042-0043); interrogation (determining and detecting attacks on database) is performed online (web request corresponding to detection)) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Miller to incorporate the teaching of Gupta to utilize the above feature because of the analogous concept of security detection on storage and database system based on security threats, with the motivation of detecting vulnerabilities in a system to securely protect credit card transactions, payments and sensitive data on web request to distinguish valid web request from invalid and securely protect the system. (Gupta Par. (0002 and 0005-0006)) In regards to Claim 24, the combination of Miller and Gupta teach the computer program product of claim 20, Miller further teaches the computer program product according to claim 20, wherein the monitoring server is a multitasking server configured to allow multiple interrogation processes to be performed at the same time. (Par. (0354); monitoring server (system 400 with server); is a multitasking server configured to allow multiple interrogation processes to be performed at the same time (performed determination of security threat concurrently)), (Par. (0035); monitoring server (server with data protection system) In regards to Claim 25, the combination of Miller and Gupta teach the computer program product of claim 20, Miller further teaches the computer program product according to claim 20, wherein the computer-readable storage medium has further computer-executable instructions for obtaining one or more sets of rules, and (Par. (0068); processor and computer readable medium) (Par. (0143); applying and taking set of rules), (Par. (0372-0374); obtaining and reading data that specifies rule)) wherein: the interogation of the one or more databases is performed according to the one or more sets of rules, (Par. (0143); interrogation (monitoring of security threats) is performed according to a set of rules (predetermined set of rules associated with interrogation (monitoring of security threats)) one or more rules of the one or more sets of rules are based on one or more metrics, (Par. (0143); predetermined set of rules based on metrics) each metric of the one or more metrics is assigned with one or more thresholds, (Par. (0363); metric corresponding to threshold associated with security threat) the one or more thresholds of each metric are determined in a dynamic manner, and (Par. (0360-0363); threshold in dynamic manner (representative of a certain rate i.e. minute, hour, second etc.) (Examiner Note: In the instant application the specification states on Par. (0095) that a dynamic manner includes a predefined time interval. Therefore it will be broadly and reasonably interpreted as such). the security threats are identified by comparing the result of the metric to its assigned one or more thresholds. (Par. (0360-0363); security threat is indicated by comparing result of metric (data, write traffic and amount) to assigned threshold (threshold of time of difference) Claim(s) 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Miller et al. (U.S Pub. No. 20210216666, hereinafter referred to as “Miller”) and Gupta et al. (U.S Pub. No. 20160337400, hereinafter referred to as “Gupta”) further in view of Ratho et al. (U.S Pub. No. 20230305945, hereinafter referred to as “Ratho”) In regards to Claim 9, the combination of Miller and Gupta do not explicitly teach wherein each set of rules of the one or more sets of rules comprises a decision tree, and wherein each decision tree is configured to identify a certain database security problem in the one or more databases. Wherein Ratho teaches wherein each set of rules of the one or more sets of rules comprises a decision tree, and (Par. (0050); decision tree with rules) wherein each decision tree is configured to identify a certain database security problem in the one or more databases. (Par. (0050); decision tree used to find security failures when gaining access to record in database and error identified by decision tree) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Miller and Gupta to incorporate the teaching of Ratho to utilize the above feature because of the analogous concept of security detection associated with database and identifying security problems, with the motivation of identifying security issues and errors of records in database to identify possible failures and allow decision trees to resolve matters in the system. (Ratho Par. (0049-0051)) Relevant Prior Art The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Stute; Michael Roy (U.S Pub. No. 20180343279) “SYSTEMS AND METHODS OF NETWORK SECURITY AND THREAT MANAGEMENT”. Considered this reference because it addressed security threat on a database in a system. Blasak da Fonseca; (U.S Pub. No. 20190132349) “AUDITING DATABASES FOR SECURITY VULNERABILITIES”. Considered this application because it relates a detection entity identify security vulnerabilities in a system. Wright; Chasity Latrice (U.S Pub. No. 20230254331) “SYSTEMS AND METHODS FOR SECURING DEVICES IN A COMPUTING ENVIRONMENT”. Considered this application because it addressed security threat and monitoring devices. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASSAN A HUSSEIN whose telephone number is (571)272-3554. The examiner can normally be reached on 7:30am-5pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /HASSAN A HUSSEIN/Examiner, Art Unit 2497
Read full office action

Prosecution Timeline

May 04, 2025
Application Filed
Jun 30, 2026
Non-Final Rejection mailed — §101, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12682075
Security Configuration Optimizer Systems and Methods
2y 3m to grant Granted Jul 14, 2026
Patent 12657341
USING MULTI-PARTY COMPUTATION AND K-ANONYMITY TECHNIQUES TO PROTECT CONFIDENTIAL INFORMATION
3y 8m to grant Granted Jun 16, 2026
Patent 12657332
SYSTEMS AND METHODS FOR FACILITATING ON-DEMAND ARTIFICIAL INTELLIGENCE MODELS FOR SANITIZING SENSITIVE DATA
3y 8m to grant Granted Jun 16, 2026
Patent 12659146
SYSTEM AND METHOD USING BLOCKCHAIN ATOMIC RECORD TRANSACTION PROCESSING
3y 8m to grant Granted Jun 16, 2026
Patent 12659301
SYSTEM AND METHOD FOR FIELD PROVISIONING OF CREDENTIALS USING QR CODES
3y 6m to grant Granted Jun 16, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
59%
Grant Probability
99%
With Interview (+54.6%)
3y 0m (~1y 9m remaining)
Median Time to Grant
Low
PTA Risk
Based on 135 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month