Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Application
This office action is in response to the most recent filings filed by applicants on 10/23/20. 
Claims 1, 13 and 20 are amended
No claims is/are cancelled
No claims are added
Claims 1-27 are pending

Continuation Application
The present application is a continuation of application # 15/046318, 15/198560, and PCT/US17/15483. 
Both application # 15/046318 (patent # 10268976) and 15/198560 (patent # 10515328) have been issued as patents. 

Double Patenting
Claims 1-27 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 4-8, 13, 16-19, 23, and 26-29 of U.S. Patent No. 10,268,976. Although the claims at issue are not identical, they are not patentably distinct from each other because the independent claims 1, 13 and 20 in the present independent claims 1, 13 and 23 of U.S. Patent No. 10,268,976.
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper time wise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). Here, in the case of the present application compared to the parent application # 15/046318 (patent # 10268976), the claims in the present application are broader than the parent applications. 
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

101 Rejection
As discussed in the Notice of Allowance for U.S. Patent No. 10,268,976 mailed on 02/20/19, the claims are eligible under 35 U.S.C. 101. 
In both parent applications, # 15/046318 (patent # 10268976) and 15/198560 (patent # 10515328) the claims have been found to be eligible under 35 U.S.C. 101. Please see page 7 of the Notice of Allowance for 15/046318 (patent # 10268976) for further explanation on why the claims are eligible under 35 U.S.C. 101.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 6, 8-15, 19-22, 25 and 27 is/are rejected under 35 U.S.C. 103 as being unpatentable over Banerjee; Anirban et al. (US 2010/0186088), further in view of Mauseth; Michael Jon et al. (US 2008/0270209), CHITNIS; UPENDRA et al. (US 2009/0210419) and Otey; Matthew Eric et al. (US 8,595,240).

* In light of the Double Patenting Rejection above, since the claim limitations in the present application are broader in scope than the parent applications, the prior art reads on the claim limitations discussed in this application as seen below:

As per claims 1, 13 and 20: Banerjee shows:
A method for adjusting a cybersecurity risk score of a first company based on a cybersecurity posture of one or more vendors (Banerjee shows: abstract, Fig. 3), the method comprising:
A non-transitory computer-readable storage medium storing instructions that, when executed by one or more processors (Banerjee shows: abstract, Fig. 3), cause the one or more processors to perform operations comprising:
A system for adjusting a cybersecurity risk score of a first company based on a cybersecurity posture of one or more vendors that have a relationship with the first company through non-intrusive analysis of content of one or more vendor websites containing information that relates to the first company (Banerjee shows: abstract, Fig. 3), the system comprising:
a memory (Banerjee shows: [0075]-[0077]: shows memory); and 
one or more processors coupled to the memory, the one or more processors configured to (Banerjee shows: [0075]-[0077]: shows memory):
non-intrusively searching, by one or more processors, for information that is indicative of a relationship between the first company and the one or more vendors (Banerjee shows: abstract, Fig. 3, [0075]-[0077]);
Regarding the claim limitations below:
“generating a set of candidate universal resource locators (URLs) associated with a first vendor of the one or more vendors, where at least one candidate URL in the set of candidate URLs comprises first information corresponding to a website attributable to the first vendor and second information corresponding to the first company where the first vendor and the first company are different entities” 
The claim limitation above is discussed in applicants’ originally submitted specification in [0035]-[0036], in light of this description:
Banerjee shows in [0044] Undesirable websites can be grouped according to their role and function as follows.  [0045] Typosquatting or URL hijacking sites: An entity registers a website name similar to that of a popular site in order to "poach" the users who mistype the name.  For example, goole.com prompts users to query ask.com a direct competitor of google.com.  [0046] Phishing, pharming, and identity theft sites: Often enabled by email spam, which contains hyperlinks to web-pages that attempt to steal the users identity.  The email and the sites usually masquerade as financial institutions and use clever techniques to coerce the user, e.g. "Your checking account will be frozen unless you act immediately".  [0047] Virus-propagating sites: Bogus sites that are created to contaminate the computers of users that visit them.  Such sites can also use email spam to attract users.  [0048] Code-injection sites: Legitimate sites that themselves have been compromised and behave like virus propagation sites without the knowledge of their owner, or that display unsafe web advertisements. [0049] Sites with undesirable or offensive content: Sites use typosquatting, as described above, to "push" undesirable content to unsuspecting users.  An example is dosney.com, which ultimately leads to an adult content site, in stark contrast to the intended site disney.com. [0051] The present system provides an efficient system and method to identify rogue websites.  The present system is capable of being integrated into current software systems such as email clients or servers, web-browsers, search-engine mechanisms.  It can also form the basis of a stand-alone tool that can assess the safety of a web-site. [0052] The present system allows individual users to customize and implement the level of security they each require and the level of detail to which they desire to be informed with regard to the security status of a website. 
Banerjee shows [0068] Another object of the present system is to assess the problem of typosquatting for a given website.  According to one embodiment, given a website name (whether in use or under consideration before use) the present system provides a detailed report which includes: (a) a list of all possible similar names with 1 to k letter variations, where k is a user defined parameter, and variations include additions, removal, and substitutions of letters in the name; (b) a list of all registered and non registered names among that set of names; and (c) a classification of the registered names as: legitimate or incidentally similar and the type of business they are in, or as rogue web-sites and the type of threat they represent, including malware spreading, identity-theft, and parked domains (parked domains are domain names that are registered, but they do not point to a specific site, but instead point to a dynamically created site). This reads on the above claim limitation, specifically the claim limitation “generating a set of candidate universal resource locators (URLs) associated with”
Banerjee further shows Abstract, [0004]: where the first input includes URL for a webpage. Further, Banerjee shows website registration date and entity name check, it also shows checking for the name of the company that owns the site [0133]. The company that owns the website or URL reads on the "company" in the claim. Further, in [0081]-[0082] of Banerjee shows checking of links for advertisements on the website. Here, the entity that provides these advertisements for its products or services may read on "first vendor" in the claim. 
It should be noted that even though Banerjee shows checking for advertisement links (see [0024], [0025], [0028, [0044], [0081]-[0082], [0094]-[0098]), Banerjee does not explicitly show a merchant who is advertising these links for products and services on the company website. As such, Banerjee does not show “first vendor” to a level of anticipation of the functional limitation “first vendor” based on the description of this claim term in the specification. 
However, Mauseth shows “first vendor” at least in Fig. 1, [0031]. Further, [0198]-[0207] where Mauseth shows “hosting provider”, which reads on the claim above. 
“The combination of familiar elements according to known methods is obvious when it does no more than yield predictable results.”  KSR Int’l Co. v. Teleflex, Inc., 550 U.S. 398, 416 (2007).  Modifying the “advertising links analysis” of Banerjee to include the “merchant scoring” as described by Mauseth when performing the identification of phishing, phony and malicious websites of Banerjee yields the predictable result of a method that integrates merchant scoring functionality when analyzing advertising links to more efficiently and effectively identify phishing, phony and malicious websites. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Mauseth in the system of Banerjee, in order to provide for a system that analyzes a website and classifies it along several dimensions of danger and concerns, which include the likelihood of: [0029] compromising the computer of the user, [0030] conducting identity theft or financial-level misbehavior, [0031] annoying behavior, such as customer redirection away from the desired site, [0032] displaying an unsafe web advertisement, and [0033] exposure to undesirable or inappropriate content as taught by Mauseth so that the process of managing identification of malicious and phony websites as taught by Banerjee can be made more efficient and effective.
 “determining if the at least one candidate URL resolves to a website of the first vendor”
It should be noted that applicants originally submitted specification describes the above limitation in [0040]: websites of a company hosted by salesforce.com – “for a particular vendor (e.g., the owner of the domain "genericwebsite.com"), and may indicate that the set of candidate URLs included one thousand candidate URLs (each associated with a different company) of a second template type (e.g., https://<company>.my.salesforce.com)”
Banerjee shows in [0003]: looking at fake websites that often look legitimate through phishing activities. However, Banerjee does not explicitly show the step of checking if a company uses a service offered by the vendor. 
Further, [0198]-[0207] where Mauseth shows “hosting provider”, which reads on the claim above. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Mauseth in the system of Banerjee, in order to provide for a system that analyzes a website and classifies it along several dimensions of danger and concerns, which include the likelihood of: [0029] compromising the computer of the user, [0030] conducting identity theft or financial-level misbehavior, [0031] annoying behavior, such as customer redirection away from the desired site, [0032] displaying an unsafe web advertisement, and [0033] exposure to undesirable or inappropriate content as taught by Mauseth so that the process of managing identification of malicious and phony websites as taught by Banerjee can be made more efficient and effective.
Regarding the claim limitations below:
determining a cybersecurity posture for the first vendor ([0028]-[0034]: where Banerjee analyzes the content of the website and also any links that are associated with the website. [0054]: where Banerjee analyzes websites and their contents to determine risk score for a particular site as well as other measures of safety);
adjusting, by the one or more processors, a cybersecurity risk score of the company based, at least in part, on the determined cybersecurity posture for the first vendor (In applicants originally submitted specification the “cybersecurity posture” is described in the original spec as [0055]-[0057]. In [0136] - [0138]: where Banerjee investigates the reliability of other related sites to determine sub-scoring or weighting of the cyber risk of the company being examined. [0028]-[0034]: where Banerjee analyzes the content of the website and also any links that are associated with the website; [0054]: where Banerjee analyzes websites and their contents to determine risk score for a particular site as well as other measures of safety; Fig. 1 and [0077], regarding the structure of the system of the invention. [0028] - [0034]: where Banerjee analyzes the content of the website and also any links that are associated with the website. [0054]: where Banerjee analyzes websites and their contents to determine risk score for a particular site as well as other measures of safety).

As per claims 2, 14 and 21: 
where the first information corresponds to a domain of the first vendor and the second information corresponds to a subdomain that is associated with the first company and is within the domain of the first vendor.
Applicants originally submitted specification shows the above claim at least in 0040 – websites of a company hosted by salesforce.com – “for a particular vendor (e.g., the owner of the domain "genericwebsite.com"), and may indicate that the set of candidate URLs included one thousand candidate URLs (each associated with a different company) of a second template type (e.g., https://<company>.my.salesforce.com).
In light of this description, Banerjee in view of Mauseth and Chitnis does not explicitly show “in which the second information is followed by the first information, and wherein the second information is separated from the first information by a period”.
Banerjee shows website registration date and entity name check, it also shows checking for the name of the company that owns the site ([0133], [0004]). The company that owns the website or URL reads on the "company" in the claim. Further, in [0081]-[0082] of Banerjee shows checking of links for advertisements on the website. Here, the entity that provides these advertisements for its products or services reads on "first vendor" in the claim. 
It should be noted that even though Banerjee shows checking for advertisement links (see [0024], [0025], [0028, [0044], [0081]-[0082], [0094]-[0098]), Banerjee does not explicitly show a merchant who is advertising these links for products and services on the company website. As such, Banerjee does not show “first vendor” to a level of anticipation of the functional limitation “first vendor” based on the description of this claim term in the specification. However, Mauseth shows “first vendor” at least in Fig. 1, [0031]. Further, [0198]-[0207] where Mauseth shows “hosting provider”, which reads on the claim above. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Mauseth in the system of Banerjee, in order to provide for a system that analyzes a website and classifies it along several dimensions of danger and concerns, which include the likelihood of: [0029] compromising the computer of the user, [0030] conducting identity theft or financial-level misbehavior, [0031] annoying behavior, such as customer redirection away from the desired site, [0032] displaying an unsafe web advertisement, and [0033] exposure to undesirable or inappropriate content as taught by Mauseth so that the process of managing identification of malicious and phony websites as taught by Banerjee can be made more efficient and effective.
However, Myers shows “in which the second information is followed by the first information, and wherein the second information is separated from the first information by a period” at least in FIG. 2A, par 40 – FIG. 2A shows URL as https://company.cloudstorageprovider.com.
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Meyers in the system of Banerjee, in order to provide URLs to documents on known cloud storage providers typically have recognizable patterns which may be identified utilizing the pattern matching techniques described above.  A configurable list of supported cloud storage providers and their URL textual patterns may be maintained in the registry or other settings configuration file, as is well-known in the art as taught by Meyers can be made more efficient and effective.

As per claims 3, 15 and 22: Banerjee shows:
appending the first information corresponding to the domain of the first vendor to the second information corresponding to the subdomain that is associated with the first company to form a first candidate URL.
Applicants originally submitted specification shows the above claim at least in 0040 – websites of a company hosted by salesforce.com – “for a particular vendor (e.g., the owner of the domain "genericwebsite.com"), and may indicate that the set of candidate URLs included one thousand candidate URLs (each associated with a different company) of a second template type (e.g., https://<company>.my.salesforce.com).
In light of this description, Banerjee in view of Mauseth and Chitnis does not explicitly show “in which the second information is followed by the first information, and wherein the second information is separated from the first information by a period”.
Banerjee shows website registration date and entity name check, it also shows checking for the name of the company that owns the site ([0133], [0004]). The company that owns the website or URL reads on the "company" in the claim. Further, in [0081]-[0082] of Banerjee shows checking of links for advertisements on the website. Here, the entity that provides these advertisements for its products or services reads on "first vendor" in the claim. 
It should be noted that even though Banerjee shows checking for advertisement links (see [0024], [0025], [0028, [0044], [0081]-[0082], [0094]-[0098]), Banerjee does not explicitly show a merchant who is advertising these links for products and services on the company website. As such, Banerjee does not show “first vendor” to a level of anticipation of the functional limitation “first vendor” based on the description of this claim term in the specification. However, Mauseth shows “first vendor” at least in Fig. 1, [0031]. Further, [0198]-[0207] where Mauseth shows “hosting provider”, which reads on the claim above. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Mauseth in the system of Banerjee, in order to provide for a system that analyzes a website and classifies it along several dimensions of danger and concerns, which include the likelihood of: [0029] compromising the computer of the user, [0030] conducting identity theft or financial-level misbehavior, [0031] annoying behavior, such as customer redirection away from the desired site, [0032] displaying an unsafe web advertisement, and [0033] exposure to undesirable or inappropriate content as taught by Mauseth so that the process of managing identification of malicious and phony websites as taught by Banerjee can be made more efficient and effective.
However, Myers shows “in which the second information is followed by the first information, and wherein the second information is separated from the first information by a period” at least in FIG. 2A, par 40 – FIG. 2A shows URL as https://company.cloudstorageprovider.com.
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Meyers in the system of Banerjee, in order to provide URLs to documents on known cloud storage providers typically have recognizable patterns which may be identified utilizing the pattern matching techniques described above.  A configurable list of supported cloud storage providers and their URL textual patterns may be maintained in the registry or other settings configuration file, as is well-known in the art as taught by Meyers can be made more efficient and effective.

As per claims 6 and 25: Banerjee shows:
where determining, by the one or more processors, if the at least one candidate URL resolves to a website of the first vendor comprises one or more of analyzing: source code of the website, image content included of the website, text content of the website.
In [0081]-[0082]: where Banerjee shows code-centric website profile analysis, [0081]-[0082]: shows analysis of images and videos, [0093]: shows analysis of web content, [0102]: where hyperlinks embedded in a host website are analyzed, [0081]-[[0082].
However, Banerjee does not explicitly show the step of checking if a company uses a service offered by the vendor.  
Further, [0069], [0120]-[0121], [0198]-[0207] where Mauseth shows “hosting provider”, which reads on the claim above. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Mauseth in the system of Banerjee, in order to provide for a system that analyzes a website and classifies it along several dimensions of danger and concerns, which include the likelihood of: [0029] compromising the computer of the user, [0030] conducting identity theft or financial-level misbehavior, [0031] annoying behavior, such as customer redirection away from the desired site, [0032] displaying an unsafe web advertisement, and [0033] exposure to undesirable or inappropriate content as taught by Mauseth so that the process of managing identification of malicious and phony websites as taught by Banerjee can be made more efficient and effective.

As per claims 8, 19 and 27: Banerjee shows:
method further comprising: determining a risk factor based on the use, by the first company, of a service offered by the first vendor where the risk factor represents a risk that a breach of the first vendor's cybersecurity will expose sensitive data of the first company; and determining a weighting factor associated with the risk factor where the cybersecurity risk score of the first company is adjusted based, at least in part, on the risk factor and the weighting factor ([0136]-[0138]: where Banerjee investigates the reliability of other related sites to determine sub-scoring or weighting of the cyber risk of the company being examined. [0028] - [0034]: where Banerjee analyzes the content of the website and also any links that are associated with the website).

As per claims 9: Banerjee shows:
further comprising: 
identifying one or more additional vendors that are different from the first vendor and that offer additional services that are used by the first company ([0136]-[0138]: where Banerjee investigates the reliability of other related sites to determine sub-scoring or weighting of the cyber risk of the company being examined); 
determining cybersecurity postures for each of the one or more additional vendors ([0135]-[0139]: where Banerjee investigates the reliability of other related sites to determine sub-scoring or weighting of the cyber risk of the company being examined); and 
adjusting the cybersecurity risk score of the first company based, at least in part, on the cybersecurity postures determined for each of the one or more additional vendors ([0136]-[0138]: where Banerjee investigates the reliability of other related sites to determine sub-scoring or weighting of the cyber risk of the company being examined).

As per claims 10: Banerjee shows:
further comprising: generating a graph that depicts relationships between the first company and the first vendor and between the first company and each of one or more additional vendors where a relationship between the first company and a particular vendor, as depicted by the graph, indicates that the first company uses a service of the particular vendor.
It should be noted that the above limitations are shown in [0031] of applicants originally submitted specification as “user interface adapter 167 may, in certain embodiments, enable a user to interact with the user station 160.”
This is shown by Banerjee at least in [0078], [0092], [0091]: Where Banerjee shows user-specific preferences and prior history for a final answer or output 214 using machine learning and other techniques, [0125] (show representing the site as in a graph) and [0140] (“The decision logic module 1100 provides and receives feedback 1105 to and from the user/operator through the interface.”).
Further, Mauseth shows modeling of relationship, risk and scoring at least in [0297]-[0300], [0305]-[0306]. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Mauseth in the system of Banerjee, in order to provide for a system that analyzes a website and classifies it along several dimensions of danger and concerns, which include the likelihood of: [0029] compromising the computer of the user, [0030] conducting identity theft or financial-level misbehavior, [0031] annoying behavior, such as customer redirection away from the desired site, [0032] displaying an unsafe web advertisement, and [0033] exposure to undesirable or inappropriate content as taught by Mauseth so that the process of managing identification of malicious and phony websites as taught by Banerjee can be made more efficient and effective.

As per claim 11: Banerjee shows:
further comprising: 
in response to the determination that the at least one candidate URL resolves to a website of the first vendor, generating, by the one or more processors, a plurality of additional candidate URLs where each of the plurality of additional candidate URLs comprises the first information and different second information, and where the different second information corresponds to a particular company that is different from the first company
In [0028]-[0034]: where Banerjee analyzes the content of the website and also any links that are associated with the website reads on the claim limitations above.
Further, [0069], [0120]-[0121], [0198]-[0207] where Mauseth shows “hosting provider”, which reads on the claim above.
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Mauseth in the system of Banerjee, in order to provide for a system that analyzes a website and classifies it along several dimensions of danger and concerns, which include the likelihood of: [0029] compromising the computer of the user, [0030] conducting identity theft or financial-level misbehavior, [0031] annoying behavior, such as customer redirection away from the desired site, [0032] displaying an unsafe web advertisement, and [0033] exposure to undesirable or inappropriate content as taught by Mauseth so that the process of managing identification of malicious and phony websites as taught by Banerjee can be made more efficient and effective. 
determining 
if one or more candidate URLs of the plurality of additional candidate URLs resolves to additional websites of the first vendor ([0028]-[0034]: where Banerjee analyzes the content of the website and also any links that are associated with the website); and 
if at least one validated candidate URLs of the plurality of additional candidate URLs resolves to a website of the first vendor ([0028]-[0034]: where Banerjee analyzes the content of the website and also any links that are associated with the website. [0054]: where Banerjee analyzes websites and their contents to determine risk score for a particular site as well as other measures of safety);
adjusting, by the one or more processors, cybersecurity risk scores for each of one or more additional companies associated with validated candidate URLs of the plurality of additional candidate URLs based on the cybersecurity posture of the first vendor to produce an adjusted cybersecurity risk score for each of the one or more additional companies ([0091]-[0092]: where scores are adjusted using additional criteria. [0131] - [0139]).

As per claims 12: Banerjee shows:
further comprising:
in response to the determination that the at least one candidate URL resolves to a website of the first vendor, generating by the one or more processors, a plurality of additional candidate URLs where each of the plurality of additional candidate URLs comprises different first information and the second information, and where, for each of the plurality of additional candidate URLs, the different first information corresponds to a vendor other than the first vendor
In [0028]-[0034]: where Banerjee analyzes the content of the website and also any links that are associated with the website reads on the claim limitations above.
Further, [0069], [0120]-[0121], [0198]-[0207] where Mauseth shows “hosting provider”, which reads on the claim above.
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Mauseth in the system of Banerjee, in order to provide for a system that analyzes a website and classifies it along several dimensions of danger and concerns, which include the likelihood of: [0029] compromising the computer of the user, [0030] conducting identity theft or financial-level misbehavior, [0031] annoying behavior, such as customer redirection away from the desired site, [0032] displaying an unsafe web advertisement, and [0033] exposure to undesirable or inappropriate content as taught by Mauseth so that the process of managing identification of malicious and phony websites as taught by Banerjee can be made more efficient and effective; 
determining if: 
one or more candidate URLs of the plurality of additional candidate URLs resolves to a website of a particular vendor other than the first vendor, and at least one candidate URL of the plurality of additional candidate URLs resolves to a website of a particular vendor ([0028]-[0034]: where Banerjee analyzes the content of the website and also any links that are associated with the website): 
determining, by the one or more processors, a cybersecurity posture for each particular vendor associated with one of at least one validated candidate URLs of the plurality of additional candidate URLs ([0028]-[0034]: where Banerjee analyzes the content of the website and also any links that are associated with the website. [0054]: where Banerjee analyzes websites and their contents to determine risk score for a particular site as well as other measures of safety); and 
adjusting, by the one or more processors, the cybersecurity risk score of the first company based, at least in part, on the cybersecurity posture for each particular vendor ([0091]-[0092]: where scores are adjusted using additional criteria. [0131] - [0139]).

Claims 4-5, 16-17 and 23-24 is/are rejected under 35 U.S.C. 103 as being unpatentable over Banerjee; Anirban et al. (US 2010/0186088), further in view of Mauseth; Michael Jon et al. (US 2008/0270209), CHITNIS; UPENDRA et al. (US 2009/0210419), Otey; Matthew Eric et al. (US 8,595,240) and Meyers, JR.; David Lloyd et al. (US 2015/0154156).

As per claims 4, 16 and 23: Banerjee shows:
where the first information corresponds to a domain of the first vendor and the second information corresponds to a directory that is associated with the first company and is within the domain of the first vendor.
Applicants originally submitted specification shows the above claim at least in 0040 – websites of a company hosted by salesforce.com – “for a particular vendor (e.g., the owner of the domain "genericwebsite.com"), and may indicate that the set of candidate URLs included one thousand candidate URLs (each associated with a different company) of a second template type (e.g., https://<company>.my.salesforce.com).
In light of this description, Banerjee in view of Mauseth and Chitnis does not explicitly show “in which the second information is followed by the first information, and wherein the second information is separated from the first information by a period”.
In [0068]: where Banerjee shows a list or menu of options to choose from this reads on "directory" in the claim.
However, Myers shows “in which the second information is followed by the first information, and wherein the second information is separated from the first information by a period” at least in FIG. 2A, par 40 – FIG. 2A shows URL as https://company.cloudstorageprovider.com.
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Meyers in the system of Banerjee, in order to provide URLs to documents on known cloud storage providers typically have recognizable patterns which may be identified utilizing the pattern matching techniques described above.  A configurable list of supported cloud storage providers and their URL textual patterns may be maintained in the registry or other settings configuration file, as is well-known in the art as taught by Meyers can be made more efficient and effective.

As per claims 5, 17 and 24: Banerjee shows:
further comprising: appending the second information corresponding to the directory that is associated with the first company to the first information corresponding to the domain of the first vendor to form a first candidate URL in which the first information is followed by the second information.
Applicants originally submitted specification shows the above claim at least in 0040 – websites of a company hosted by salesforce.com – “for a particular vendor (e.g., the owner of the domain "genericwebsite.com"), and may indicate that the set of candidate URLs included one thousand candidate URLs (each associated with a different company) of a second template type (e.g., https://<company>.my.salesforce.com).
In light of this description, Banerjee in view of Mauseth and Chitnis does not explicitly show “in which the second information is followed by the first information, and wherein the second information is separated from the first information by a period”.
In [0068]: where Banerjee shows a list or menu of options to choose from this reads on "directory" in the claim.
However, Myers shows “in which the second information is followed by the first information, and wherein the second information is separated from the first information by a period” at least in FIG. 2A, par 40 – FIG. 2A shows URL as https://company.cloudstorageprovider.com.
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Meyers in the system of Banerjee, in order to provide URLs to documents on known cloud storage providers typically have recognizable patterns which may be identified utilizing the pattern matching techniques described above.  A configurable list of supported cloud storage providers and their URL textual patterns may be maintained in the registry or other settings configuration file, as is well-known in the art as taught by Meyers can be made more efficient and effective.

Claims 7, 18 and 26 is/are rejected under 35 U.S.C. 103 as being unpatentable over Banerjee; Anirban et al. (US 2010/0186088), further in view of Mauseth; Michael Jon et al. (US 2008/0270209), CHITNIS; UPENDRA et al. (US 2009/0210419), Otey; Matthew Eric et al. (US 8,595,240) and Fox; Barbara Ann (US 2011/0035287).

As per claims 7, 18 and 26: Banerjee shows:
further comprising: identifying additional services used by the first company and that are offered by additional vendors that are different from the first vendor based on other information sources where the other information sources comprise one or more of network footprints of one or more of the additional vendors, social network information, and press release information for one or more of the additional vendors.
Banerjee shows (([0003]), social network information ([0003]), press release information for one or more of the additional vendors, or a combination thereof ([0081]-[0085])).
However, Banerjee does not explicitly show the step of checking if a company uses a service offered by the vendor.  
Further, [0069], [0120]-[0121], [0198]-[0207] where Mauseth shows “hosting provider”, which reads on the claim above. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Mauseth in the system of Banerjee, in order to provide for a system that analyzes a website and classifies it along several dimensions of danger and concerns, which include the likelihood of: [0029] compromising the computer of the user, [0030] conducting identity theft or financial-level misbehavior, [0031] annoying behavior, such as customer redirection away from the desired site, [0032] displaying an unsafe web advertisement, and [0033] exposure to undesirable or inappropriate content as taught by Mauseth so that the process of managing identification of malicious and phony websites as taught by Banerjee can be made more efficient and effective.
It should be noted that Banerjee, Mauseth, and Chitnis do not show the claim limitations "based on other information sources, wherein the other information sources include network footprints of one or more of the additional vendors”.
However, Fox shows the above limitation at least in [0109]: which shows social media and digital footprints, [0169], [0213], [0243], [0231], [0353], [0409]. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Fox in the system of Banerjee, in order to provide for a system that enables the storing of data related to the creation and/or development, processing and/or fulfillment, publication and/or management of digital media commerce services based upon data and/or information regarding the digital media commerce user, including all histories of usage, commercial terms, payments, technical, and/or communications usage in conjunction with the digital media commerce service as taught by Fox so that the process of managing identification of malicious and phony websites as taught by Banerjee can be made more efficient and effective.

Response to Arguments
Applicant’s Argument #1
Applicants argue on page(s) 11-13 of applicants remarks that the prior art does not show “generating a set of candidate universal resource locators (URLs) associated with a first vendor of the one or more vendors, where at least one candidate URL in the set of candidate URLs comprises first information corresponding to a website attributable to the first vendor and second information corresponding to the first company where the first vendor and the first company are different entities”. Further, applicants argue that (see applicants’ remarks for more details). 
Response to Argument #1
Applicants' arguments have been fully considered; however, the examiner respectfully disagrees.
Regarding the claim limitations below:
“generating a set of candidate universal resource locators (URLs) associated with a first vendor of the one or more vendors, where at least one candidate URL in the set of candidate URLs comprises first information corresponding to a website attributable to the first vendor and second information corresponding to the first company where the first vendor and the first company are different entities” 
The claim limitation above is discussed in applicants’ originally submitted specification in [0035]-[0036], in light of this description:
Banerjee shows in [0044] Undesirable websites can be grouped according to their role and function as follows.  [0045] Typosquatting or URL hijacking sites: An entity registers a website name similar to that of a popular site in order to "poach" the users who mistype the name.  For example, goole.com prompts users to query ask.com a direct competitor of google.com.  [0046] Phishing, pharming, and identity theft sites: Often enabled by email spam, which contains hyperlinks to web-pages that attempt to steal the users identity.  The email and the sites usually masquerade as financial institutions and use clever techniques to coerce the user, e.g. "Your checking account will be frozen unless you act immediately".  [0047] Virus-propagating sites: Bogus sites that are created to contaminate the computers of users that visit them.  Such sites can also use email spam to attract users.  [0048] Code-injection sites: Legitimate sites that themselves have been compromised and behave like virus propagation sites without the knowledge of their owner, or that display unsafe web advertisements. [0049] Sites with undesirable or offensive content: Sites use typosquatting, as described above, to "push" undesirable content to unsuspecting users.  An example is dosney.com, which ultimately leads to an adult content site, in stark contrast to the intended site disney.com. [0051] The present system provides an efficient system and method to identify rogue websites.  The present system is capable of being integrated into current software systems such as email clients or servers, web-browsers, search-engine mechanisms.  It can also form the basis of a stand-alone tool that can assess the safety of a web-site. [0052] The present system allows individual users to customize and implement the level of security they each require and the level of detail to which they desire to be informed with regard to the security status of a website. 
Banerjee shows [0068] Another object of the present system is to assess the problem of typosquatting for a given website.  According to one embodiment, given a website name (whether in use or under consideration before use) the present system provides a detailed report which includes: (a) a list of all possible similar names with 1 to k letter variations, where k is a user defined parameter, and variations include additions, removal, and substitutions of letters in the name; (b) a list of all registered and non registered names among that set of names; and (c) a classification of the registered names as: legitimate or incidentally similar and the type of business they are in, or as rogue web-sites and the type of threat they represent, including malware spreading, identity-theft, and parked domains (parked domains are domain names that are registered, but they do not point to a specific site, but instead point to a dynamically created site). This reads on the above claim limitation, specifically the claim limitation “generating a set of candidate universal resource locators (URLs) associated with”
Banerjee further shows Abstract, [0004]: where the first input includes URL for a webpage. Further, Banerjee shows website registration date and entity name check, it also shows checking for the name of the company that owns the site [0133]. The company that owns the website or URL reads on the "company" in the claim. Further, in [0081]-[0082] of Banerjee shows checking of links for advertisements on the website. Here, the entity that provides these advertisements for its products or services may read on "first vendor" in the claim. 
It should be noted that even though Banerjee shows checking for advertisement links (see [0024], [0025], [0028, [0044], [0081]-[0082], [0094]-[0098]), Banerjee does not explicitly show a merchant who is advertising these links for products and services on the company website. As such, Banerjee does not show “first vendor” to a level of anticipation of the functional limitation “first vendor” based on the description of this claim term in the specification. 
However, Mauseth shows “first vendor” at least in Fig. 1, [0031]. Further, [0198]-[0207] where Mauseth shows “hosting provider”, which reads on the claim above. 
“The combination of familiar elements according to known methods is obvious when it does no more than yield predictable results.”  KSR Int’l Co. v. Teleflex, Inc., 550 U.S. 398, 416 (2007).  Modifying the “advertising links analysis” of Banerjee to include the “merchant scoring” as described by Mauseth when performing the identification of phishing, phony and malicious websites of Banerjee yields the predictable result of a method that integrates merchant scoring functionality when analyzing advertising links to more efficiently and effectively identify phishing, phony and malicious websites. 
It would have been obvious to one of ordinary skill in the art at the time the invention was made to provide the teachings of Mauseth in the system of Banerjee, in order to provide for a system that analyzes a website and classifies it along several dimensions of danger and concerns, which include the likelihood of: [0029] compromising the computer of the user, [0030] conducting identity theft or financial-level misbehavior, [0031] annoying behavior, such as customer redirection away from the desired site, [0032] displaying an unsafe web advertisement, and [0033] exposure to undesirable or inappropriate content as taught by Mauseth so that the process of managing identification of malicious and phony websites as taught by Banerjee can be made more efficient and effective.

Applicant’s Argument #2
Applicants argue on page(s) 12-14 of applicants remarks that the prior art and the other dependent claim limitations do not show the limitations argued in argument #1 (see applicants’ remarks for more details). 
Response to Argument #2
Applicants' arguments have been fully considered; however, the examiner respectfully disagrees.
Applicants arguments related to argument #1 have been addressed above in response to argument #1 as being unpersuasive. As such, the other arguments that are all based of argument #1 are also unpersuasive for the same reasons as above.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
(US 20010037253), Kensey, Lanard M. Secure format system for carrying out on-line purchasing of products. Here, particularly refer to at least [0021], [0026]-[0031].
(US 2005/0114484), Wilson, Richard Phillip et al. System and method for extensions to the current Domain Name System which include top level domains that create more available domain names. Here, particularly refer to at least [0011], [0025], [0054].
(US 2006/0218151) Adelman; Warren et al. Use of a database storing domain names and business operational areas. Here, particularly refer to at least [0007], claims 1-7.
(US 2008/0270203) Holmes; Robert et al. Assessment of Risk to Domain Names, Brand Names and the Like. Here, particularly refer to at least [0117], claims 1, 22, 23-25.
(US 2009/0171678) Zimmerman; Michael et al. PROTECTING DOMAIN NAMES FROM UNDESIRED TRANSFER. Here, particularly refer to at least [0004], claims 5, 10.
(US 2009/0234812) Gupta; Narendra et al. Using web-mining to enrich directory service databases and soliciting service subscriptions. Here, particularly refer to at least [0031], claims 4 and 14.
(US 2015/0039599), Carroll; James et al. METHODS AND SYSTEMS FOR RECOMMENDING TOP LEVEL AND SECOND LEVEL DOMAINS. Here, particularly refer to at least [0133]-[0143], [0150]-[0169].
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NANCY PRASAD whose telephone number is (571)270-3265.  The examiner can normally be reached on M-F: 8:00 AM - 4:30 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Patricia Munson can be reached on (571)270-5396.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/N.P/           Examiner, Art Unit 3624                                                                                                                                                                                             /PATRICIA H MUNSON/Supervisory Patent Examiner, Art Unit 3624