Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Applicant’s submission for RCE filed on 2/24/2021 has been entered. Applicant has amended claims 1-3, 5, 7, 11, 13-15 and 19-23 and canceled claims 4 and 16. Currently claims 1-3, 5-7, 9-11, 13-15, 18-23 are pending in this application. 

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Mr. Mohamed K Miled on Feb 23, 2021.
Application should be amended as follows:
(Previously Presented) A system comprising:
one or more processors and a memory configured to:
receive a plurality of specification profiles representing at least one of architecture data or configuration data of a computer network including a plurality of assets, each of the specification profiles defines one or more specification variables of the computer network or an asset thereof; 
receive vulnerability data from a vulnerability scanner configured to scan the computer network for vulnerabilities, the vulnerability data indicative of one or more vulnerabilities associated with the computer network;

query each asset of the subset of assets for respective profiling data indicative of a current state of operation of each asset of the subset of assets, the current state of operation of the asset indicative of whether or not the asset is exhibiting abnormal behavior in terms of connectivity or usage of processing or communication resources; 
receive, from one or more computing devices associated with the subset of assets, profiling data for the subset of assets; and
compute, for each asset of the plurality of assets of the computer network, a respective priority ranking value using the plurality of specification profiles, the vulnerability data and the profiling data for the subset of assets, the respective priority ranking value associated with the asset indicative of a priority level, compared to other assets of the computer network, for fixing a vulnerability affecting the asset.

(Previously Presented) The system of claim 1, wherein the one or more processors are further configured to provide the respective priority ranking value of at least one asset for display on a display device. 

(Previously Presented) The system of claim 1, wherein the one or more processors are further configured to transmit a set of executable instructions for patching a vulnerability affecting an asset to a computing device associated with the asset according to an order defined based on the priority ranking value. 
 
(Cancelled) 
 
(Previously Presented) The system of claim 1, wherein the one or more processors are configured to update the vulnerability data using the profiling data for the subset of assets. 

(Original) The system of claim 1, wherein the plurality of specification profiles include at least one of a service level agreement (SLA) profile, security profile, redundancy profile, risk profile, legal profile, ownership profile, and compliance profile.

(Previously Presented) The system of claim 1, wherein the profiling data for the subset of assets includes at least one of a connectivity status parameter, memory usage parameter, processing power usage parameter, or network resource usage parameter.

(Cancelled) 

(Previously Presented) The system of claim 1, wherein the one or more processors are further configured to:
receive, from one or more remote resources, data associated with published vulnerabilities; and 
supplement the vulnerability data received from the vulnerability scanner with the data associated with published vulnerabilities.

(Previously Presented) The system of claim 1, wherein the one or more processors are further configured to:
compress data including the vulnerability data, the specification profiles, the profiling data, and the priority ranking values; and 
provide the compressed data to a display device.

(Previously Presented) The system of claim 1, wherein the one or more processors are further configured to: 
determine functional dependencies between an asset and one or more other assets of the computer network based on at least one of the specification profiles, the vulnerability data, or the profiling data for the subset of assets; and
compute the priority ranking value based on the functional dependencies. 

(Cancelled) 

(Previously Presented) A method comprising:
receiving, by one or more computer servers communicatively coupled to a computer network including a plurality of assets, a plurality of specification profiles representing at least one of architecture data or configuration data of the computer network, each of the specification profiles defining one or more specification variables of the computer network or an asset thereof; 
receiving, by the one or more computer servers, vulnerability data from a vulnerability scanner configured to scan the computer network for vulnerabilities, the vulnerability data indicative of one or more vulnerabilities associated with the computer network;
identifying, by the one or more computer servers, a subset of assets of the plurality of assets, associated with discrepancies in the vulnerability data or discrepancies between the vulnerability data and the plurality of specification profiles, to query for profiling data;
querying, by the one or more computer servers, each asset of the subset of assets for respective profiling data indicative of a current state of operation of the asset, the current state of operation of the asset indicative of whether or not the asset is exhibiting abnormal behavior in terms of connectivity or usage of processing or communication resources;
receiving, by the one or more computer servers, profiling data for the subset of assets; and
computing, by the one or more computer servers, for each asset of the plurality of assets, a respective priority ranking value using the plurality of specification profiles, the vulnerability data and the profiling data for the subset of assets, the respective priority ranking value for the asset indicative of a priority level, compared to other assets of the computer network, for fixing a vulnerability affecting that asset.

(Previously Presented) The method of claim 13 further comprising providing, by the one or more computer servers, the respective priority ranking value of at least one asset for display on a display device. 

(Previously Presented) The method of claim 13 further comprising transmitting, by the one or more computer servers, a set of executable instructions for patching a vulnerability affecting an asset to a computing device associated with the asset according to an order defined based on the priority ranking value. 
 
(Cancelled) 
 
(Cancelled) 

(Previously Presented) The method of claim 13 comprising:
receiving, by the one or more computer servers, data associated with published vulnerabilities from one or more remote resources; and 
supplementing, by the one or more computer servers, the vulnerability data with the data associated with published vulnerabilities.

(Previously Presented) The method of claim 13 further comprising:
determining, by the one or more computer servers, functional dependencies between an asset and at least one or more other assets of the computer network based on at least one of the specification profiles, the vulnerability data, or the profiling data for the subset of assets; and 
computing, by the one or more computer servers, the respective priority ranking value of the asset based on the functional dependencies.

(Previously presented) A computer-readable medium with computer code instructions stored thereon, the computer code instructions when executed by one or more processors cause the one or more processors to:

receive vulnerability data from a vulnerability scanner configured to scan the computer network for vulnerabilities, the vulnerability data indicative of one or more vulnerabilities associated with the computer network;
identify a subset of assets of the plurality of assets, associated with discrepancies in the vulnerability data or discrepancies between the vulnerability data and the plurality of specification profiles, for query for profiling data;
query each asset of the subset of assets for respective profiling data indicative of a current state of operation of the asset, the current state of operation of the asset indicative of whether or not the asset is exhibiting abnormal behavior in terms of connectivity or usage of processing or communication resources;
receive profiling data for the subset of assets from one or more computing devices associated with the subset of assets; and
compute, for each asset of the plurality of assets, a respective priority ranking value using the plurality of specification profiles, the vulnerability data and the profiling data, the respective priority ranking value for the asset indicative of a priority level, compared to other assets of the computer network, for fixing a vulnerability affecting the asset.

(Currently Amended) The system of claim 1, wherein in querying each asset of the subset of assets for respective profiling data, the one or more processors are configured to query the asset according to a hierarchical profiling scheme defining a plurality of profiling steps and a corresponding plurality of sequential profiling queries, each profiling step of the plurality of profiling steps associated with a corresponding profiling query that includes a corresponding set of parameters, associated with corresponding criteria or threshold values, to be requested.

(Previously presented) The method of claim 13, wherein querying each asset of the subset of assets for respective profiling data includes querying the asset according to a hierarchical profiling scheme defining a plurality of profiling steps and a corresponding plurality of sequential profiling queries, each profiling step of the plurality of profiling steps associated with a corresponding profiling query that includes a corresponding set of parameters, associated with corresponding criteria or threshold values, to be requested.

(Previously presented) The computer-readable medium of claim 20, wherein the computer code instructions when executed by one or more processors cause the one or more processors to query the each asset of the subset of assets according to a hierarchical profiling scheme defining a plurality of profiling steps and a corresponding plurality of sequential profiling queries, each profiling step of the plurality of profiling steps associated with a corresponding profiling query that includes a corresponding set of parameters, associated with corresponding criteria or threshold values, to be requested.

Allowable Subject Matter
Claims 1-3, 5-7, 9-11, 13-15, 18-23 are allowed.
The following is an examiner’s statement of reasons for allowance:
Applicant filed terminal disclaimer on 2/25/2021 to overcome non-statutory double patenting rejection. The terminal disclaimer was approved on 2/26/2021 and as a result non-statutory double patenting rejection is withdrawn.
Claims 1, 13 and 20 are allowed because the prior art does not teach the combination of limitations as submitted and discussed (See, Pages 9 and 10) in the response filed by applicant on 2/25/2021 and when taken into the context of the claim as a whole. Dependent claims are allowed due to dependency.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to YOGESH PALIWAL whose telephone number is (571)270-1807.  The examiner can normally be reached on M-F 9:00AM-5:00PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph P. Hirl can be reached on 5712723685.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.







/YOGESH PALIWAL/Primary Examiner, Art Unit 2435