Notice of Pre-AIA  or AIA  Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION

This action is in response to the communication filed on 9/17/20.
All objections and rejections not set forth below have been withdrawn.
Claims 1 – 3, 5 – 8, 10 – 13 are pending.


Allowable Subject Matter

Claims 1 – 3, 5 – 8, 10 – 13 are allowed.

The following is an examiner’s statement of reasons for allowance:
Regarding claim 1 (and similarly recited within claims 2 and 10), the closest prior art, Jones et al., US 2018/0063182 A1, discloses:
A computer-implemented method for automatic collection, analysis and reporting 
of a cybersecurity threat (e.g. Jones, Abstract; par. 13), the method comprising:
providing a graphical user interface (e.g. Jones, fig. 1:111; par. 30 – e.g. web based configuration dashboard) designed to receive (i) a selection of one or more types of forensic artifacts to collect relating to a departing employee and (ii) one or more data source designations, wherein the one or more data source designations correspond to data sources including forensic artifacts that can be searched and collected (e.g. Jones, par. 18, 19, 30, 31, 51, 52, 54, 63; figs. 2a – 2j);
creating a standalone executable computer program to collect forensic artifacts on a remote client system based on the selection of one or more types of forensic artifacts to collect and one or more data source designations (the “executable computer program”) (e.g. Jones, par. 30, 81 – e.g. configurable, compiled, and downloadable tool);
transmitting the executable computer program to a client computer to enable the client computer to execute the executable computer program on the client’s remote client system computer to automatically collect the forensic artifacts based on the selection of the one or more types of forensic artifacts and the one or more data source designations with the interface (e.g. Jones, par. 31, 81), wherein collecting the forensic artifacts comprises obtaining the forensic artifacts from archived data corresponding to system data from a date earlier than a date of an execution of the executable computer program (e.g. Jones, par. 15 – 18, 43, 44 – herein the tool may comprise one or more modules designed to collect information [i.e. “forensic artifacts”] that was stored [i.e. “archived” from “a date earlier”] on a target computer);
receiving from the client computer an encrypted data package, wherein the encrypted data package includes the forensic artifacts automatically collected by the executable computer program (e.g. Jones, par. 82);
decrypting the encrypted data package to produce decrypted forensic artifacts (e.g. Jones, par. 32, 83);
using a forensic toolset to automatically analyze the decrypted forensic artifacts (e.g. Jones, par. 33, 34, 83), wherein the forensic toolset comprises a set of forensic tools that output analysis results, wherein analyzing the decrypted forensic artifacts is based on one or more analytic routines and one or more custom queries comprising a departing employee analysis (e.g. Jones, par. 83 - 85 – herein, the system programmatically analyzes [i.e. “analytic routines”],  according to a plurality of user selected configurations [i.e. “custom queries”], the forensic data).
However, the prior art fails to disclose, as found recited in combination with all remaining claim limitations, the features of “presenting through the graphical user interface an option to select one or more of at least two types of output reports, wherein the two types of output reports comprise an output report customized for a plurality of different types of forensic investigations and an output report customized for the technical proficiency of a given plurality of different readers at the client”.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”




Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JEFFERY L WILLIAMS whose telephone number is (571)272-7965.  The examiner can normally be reached on 7:30 am - 4:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access 






/JEFFERY L WILLIAMS/Primary Examiner, Art Unit 2495