DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Amendments
	This office action responds to the amendments filed on October 13, 2020 for application 15/681,782.  Claims 61, 68, 76, and 94 were amended, claims 62-63, 66-67, and 69-70 were cancelled, and claims 142-147 were added as new claims.  Via the Examiner’s Amendment presented below, claims 61, 64-65, 68, 71, 76, and 143-147 were amended and claim 142 was cancelled.  Claims 61, 64-65, 68, 71-76, and 143-147 remain pending in the application.

Response to Arguments
	The Applicant’s arguments filed on October 13, 2020 have been fully considered, and the arguments are moot in view of the Examiner’s Amendment agreed upon by the Applicant.	

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Marc Van Dyke (Reg. No. 55,696) on January 11, 2020, and the authorization for the final version of the Examiner’s Amendment was received via e-mail on January 12, 2020.
The application has been amended as follows: 
61. 	(Currently Amended) A method of penetration testing of a networked system by a penetration testing system that is controlled by a user interface of a computing device so that a specific penetration testing campaign is executed according to one or more goals of an attacker which are explicitly selected for the specific penetration testing campaign, the method comprising:
receiving, by the penetration testing system and via the user interface of the computing device, one or more manually-entered inputs, the one or more manually-entered inputs explicitly selecting one or more goals of the attacker for the specific penetration testing campaign, wherein the one or more goals of the attacker serve as a criterion according to which it will be judged whether the attack was a success or a failure or to what extent the attack was a success or a failure, [[is selected from the group consisting of: 
i. a that is a node-count-maximizing goal that is associated with maximizing the number of network nodes satisfying a given condition that are being compromised in the specific penetration testing campaign; 
ii. a that is a file-count-maximizing goal that is associated with maximizing the number of files satisfying a given condition;
iii. a that is a file-size-related goal that is associated with a file size of multiple files, wherein the combined size of the multiple files is required to be greater than a predefined size; and
iv. a that is a node-condition-based goal that is associated with a Boolean condition applying to network nodes of the networked system to create a subset of nodes, where the subset of nodes is defined as all the nodes of the networked system satisfying the Boolean condition; 
executing the specific penetration testing campaign, by the penetration testing system and according to the explicitly-selected one or more goals of the attacker, so as to test the networked system; and
reporting, by the penetration testing system, at least one security vulnerability determined to exist in the networked system by the executing of the specific penetration testing campaign, wherein the reporting comprises at least one of (i) causing a display device to display a report describing the at least one security vulnerability, and (ii) electronically transmitting a report describing the at least one security vulnerability. 

includes another goal that is a node-count-maximizing goal that is associated with maximizing the number of network nodes satisfying a given condition.

65. 	(Currently Amended) The method of claim 61 wherein the at least one goal includes another goal that is a file-count-maximizing goal that is associated with maximizing the number of files satisfying a given condition.

68. 	(Currently Amended) The method of claim 61 wherein the at least one goal includes another goal that is a file-size-related goal that is associated with a file size of multiple files, wherein the combined size of the multiple files is required to be greater than a predefined size.

71. 	(Currently Amended) The method of claim 61 wherein the at least one goal includes another goal that is a node-condition-based goal that is associated with a Boolean condition applying to network nodes of the networked system.

76. 	(Currently Amended) A system for penetration testing of a networked system, the system comprising:
a. a goals-selection user interface including one or more user interface components for explicit selection of one or more goals of an attacker of a specific penetration testing campaign, wherein the one or more goals of the attacker serve as a criterion according to which it will be judged whether the attack was a is selected from the group consisting of:
i. a goal that is a node-count-maximizing goal that is associated with maximizing the number of network nodes satisfying a given condition that are being compromised in the specific penetration testing campaign; 
ii. a goal that is a file-count-maximizing goal that is associated with maximizing the number of files satisfying a given condition;
iii. a goal that is a file-size-related goal that is associated with a file size of multiple files, wherein the combined size of the multiple files is required to be greater than a predefined size; and
iv. a goal that is a node-condition-based goal that is associated with a Boolean condition applying to network nodes of the networked system to create a subset of nodes, where the subset of nodes is defined as all the nodes of the networked system satisfying the Boolean condition; 
b. a penetration-testing-campaign module programmed to perform the specific penetration testing campaign whose attacker has the one or more goals that are explicitly selected via the goals-selection user interface; and 


91. (Canceled)

94-96. (Canceled)

142. (Canceled)

143. 	(Currently Amended) The method of claim [[61 wherein the at least one goal is a node-count-maximizing goal [[of maximizing the number of network nodes that are compromised during the specific penetration testing campaign until a ratio of a number of already-compromised nodes to a number of not-yet-compromised nodes in the networked system exceeds a given threshold. 

144. 	(Currently Amended) The method of claim [[61 wherein the at least one goal is a file-count-maximizing goal that is one of maximizing the number of files exported out of the networked system during the specific penetration testing campaign and 

145. 	(Currently Amended) The method of claim [[61 wherein the at least one goal is a file-size-related goal that is one of exporting out of the networked system multiple files whose combined size is greater than the predefined size [[and encrypting multiple files whose combined size is greater than the predefined size.

146. 	(Currently Amended) The method of claim [[61 wherein the at least one goal is a node-condition-based goal [[of compromising a given number of network nodes that are members of [[the subset of the nodes of the networked system

147. 	(Currently Amended) The method of claim [[61, wherein the at least one goal is a node-condition-based goal [[of compromising all network nodes that are members of [[the subset of the nodes of the networked system

Allowable Subject Matter
Claims 61, 64-65, 68, 71-76, and 143-147 are allowed as amended.

6. “McAlear” (US 9,900,326), 7. “Boggs” (US 10,069,854), 8. “Vincent” (US 9,223,972), 9. “Brisebois” (US 10,326,748), 10. “Russ” (US 2008/0256638), 11. “Strom” (US 2017/0006055), 12. “Mendelev” (US 2015/0264074), 13. “Margel” (US 9,674,202), and 14. “Sharma” (NPL, “Detecting Data Exfiltration by Integrating Information Across Layers”).  
Schultz discloses a system and method for forecasting the risk of cyber-attacks on targeted networks, where the method and system involve forecasting the likelihood of behaviors of an attacker attempting to execute one or more sub-goals before reaching the main goal leading to asset loss, thus extending the scope of the model beyond pure penetration testing approaches.  Kotler discloses a system for analyzing a computing system for potential breach points, including the use of criteria for validating successfully executed malicious actions based upon the goals of the attacker.  Ramalingam discloses a system for identifying malicious activity or other data usage through the use of active decoy data.  Mendelev discloses techniques for performing testing of applications, such as web applications, including the situation where the goal of the attacker is a denial of service attack.  Margel discloses techniques related to preventing large-scale data breaches involving the exfiltration of data on the order of terabytes.  Strom discloses a method for simulating a network attack where modification to client computer systems involves the installation of programs and the addition or deletion of data from files.  Russ discloses a system and Brisebois discloses a dynamic event-based authentication system, wherein the system stores files that can be classified based upon file type.  Cohen discloses systems and methods for risk detection and analysis in a computer network, including the manual input of data.  McAlear discloses an apparatus for use with a computer to secure the computer's stored data against malware in the computer's central processing unit and to prevent an attacker from encrypting data on a system.  Boggs discloses a method and system for evaluating layered computer security products, including those situations involving an attacker targeting a particular operating system or version of an operating system.  
Vincent discloses a malicious content detection system that involves the situation where an attacker targets a specific file type.  Cheng discloses techniques for assessing the risks associated with IoT devices.  Sharma discloses data exfiltration and the goal of the attacker to maximize the exfiltrated data via the exfiltration of data as quickly as possible.
What is missing from the prior art is a method and system with the following characteristics.  The method and system include the penetration testing of a networked system by a penetration testing system that is controlled by a user interface of a computing device so that a specific penetration testing campaign is executed according to one or more goals of an attacker that are explicitly selected for the specific penetration testing campaign.  The method and system include receiving, by the penetration testing system and via the user interface of the computing device, one or more manually-entered inputs that explicitly select one or more goals of the attacker for 

Any comments considered necessary by Applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
	
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to D'ARCY WINSTON STRAUB whose telephone number is (303)297-4405.  The examiner can normally be reached on Monday-Friday 8:00-5:00 MT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ASHOKKUMAR B PATEL can be reached on (571)272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.




/D'Arcy Winston Straub/Examiner, Art Unit 2491
/DANIEL B POTRATZ/Primary Examiner, Art Unit 2491