Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendments
The amended claims 1-5, 8-13, 15, 16, 18, 19 and 21 – 23 were considered under 35 USC 112, 101 and 103 for patentability over closest and analogous prior arts Gorodissky et al (US 20190149572), hereafter Gor and Dowd et al (US 7315801), hereafter Dow have been fully considered and are persuasive. Claim(s) 6, 7, 14, 17 and 20 is/are cancelled.

Allowable Subject Matter
1.	Amended claims 1-5, 8-13, 15, 16, 18, 19 and 21 – 23 are allowed in light of applicant’s arguments, approved examiner’s proposed amendments and in light of prior art(s) made of record. 

Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.  Authorization for this examiner’s amendment was given in an interview with Wesley Austin (attorney) for filed amended claims on 10-12-2021:
1. (Currently Amended): A system for generating a cyber-attack to penetrate a network, the system comprising: an identification module configured to identify at least one vulnerability of the network by examining at least one of a node of the network, data transmission within the network, or data received from a cyber defense mechanism; a generation module configured to generate a cyber-attack based on the at least one vulnerability of the network, and a goal to be achieved by the cyber-attack, wherein the generation module utilizes one or more machine learning techniques to generate the cyber-attack; a penetration module configured to penetrate the network with the cyber-attack, and determine an effectiveness rating of the penetration, wherein the effectiveness rating of the penetration is based on at least one of a success of the penetration, a technique used for penetration, and the goal to be achieved by the cyber-attack; and a feedback module configured to provide a feedback to the identification module based on at least the effectiveness rating of the penetration; and
a cyber defense mechanism configured to defend the network using a single defensive mechanism or a combination of defensive mechanisms based on the type of the reported cyber-attack and determining an effectiveness rating of the cyber defense mechanism based on the effectiveness of defending the network, wherein the effectiveness of the cyber defense mechanism is based on a combination of the effectiveness of each cyber defense mechanism to thwart a respective part of the cyber-attack; and providing feedback to the generation module and deployed in enterprise networks to help identify threats.
10. (Currently Amended): A method for generating a cyber-attack to penetrate a network, the method comprising: 
identifying at least one vulnerability of the network by examining at least one of a node of the network, data transmission within the network, or data received from a cyber defense mechanism; 
generating a cyber-attack based on the at least one vulnerability of the network, and a goal to be achieved by the cyber-attack, wherein the generation utilizes one or more machine learning techniques to generate the cyber-attack; 
penetrating the network with the cyber-attack, and determining an effectiveness rating of the penetration, wherein the effectiveness rating of the penetration is based on at least one of a success of the penetration, a technique used for penetration, and the goal to be achieved by the cyber-attack; 
providing a feedback to the identification module based on at least the effectiveness rating of the penetration; and
a cyber defense mechanism configured to defend the network using a single defensive mechanism or a combination of defensive mechanisms based on the type of the reported cyber-attack and determining an effectiveness rating of the cyber defense mechanism based on the effectiveness of defending the network, wherein the effectiveness of the cyber defense mechanism is based on a combination of the effectiveness of each cyber defense mechanism to thwart a respective part of the cyber-attack; and providing feedback to the generation module and deployed in enterprise networks to help identify threats.
12. (Currently Amended): A system for generating a cyber defense mechanism to secure a network, the system comprising: 
a generation module configured to receive threat intelligence data, which provides information regarding cyber-attacks associated with the network, and generate the cyber defense mechanism to prevent against a cyber-attack associated with the threat intelligence data, wherein the generation module utilizes one or more machine learning techniques to generate the cyber defense mechanism; 
a rating module configured to determine whether the cyber defense mechanism is successfully able to prevent the cyber-attack, and rate the cyber defense mechanism based on its effectiveness; 
Attorney's Docket No. a feedback module configured to provide feedback to the generation module based on at least a rating of the effectiveness of the cyber defense mechanism; and
a cyber defense mechanism configured to defend the network using a single defensive mechanism or a combination of defensive mechanisms based on the type of the reported cyber-attack and determining an effectiveness rating of the cyber defense mechanism based on the effectiveness of defending the network, wherein the effectiveness of the cyber defense mechanism is based on a combination of the effectiveness of each cyber defense mechanism to thwart a respective part of the cyber-attack; and providing feedback to the generation module and deployed in enterprise networks to help identify threats.
22. (Currently Amended): A method for generating a cyber defense mechanism to secure a network, the method comprising: 
receiving threat intelligence data, which provides information regarding cyber threats associated with the network; 
generating the cyber defense mechanism to prevent against a cyber-attack associated with the threat intelligence data, wherein the generation module utilizes one or more machine learning techniques to generate the cyber defense mechanism; 
determining whether the cyber defense mechanism is successfully able to prevent the cyber-attack, and 
rating the cyber defense mechanism based on its effectiveness; and 
providing feedback ; and
a cyber defense mechanism configured to defend the network using a single defensive mechanism or a combination of defensive mechanisms based on the type of the reported cyber-attack and determining an effectiveness rating of the cyber defense mechanism based on the effectiveness of defending the network, wherein the effectiveness of the cyber defense mechanism is based on a combination of the effectiveness of each cyber defense mechanism to thwart a respective part of the cyber-attack; and providing feedback to the generation module and deployed in enterprise networks to help identify threats.

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: 
As to the independent claim 1, the prior art of reference Gor teaches [0029] vulnerability identification is typically achieved by using a pre-compiled knowledge base about known vulnerabilities, that depends on characteristics of the given network node; [0011] functionality of an attack function executing in a server…, where the server attempts to attack the tested networked system for the purpose of verifying that it can be compromised, [0125] a look-up table is available to a penetration testing system for determining the extent of expected damage from using active validation for validating any given vulnerability; [0015] the attack function is performed by execution of attack function code [0050] using both active and passive validation methods during a penetration testing campaign, [0125] where the look-up table returns a damage `score` based on the expected extent or severity of damage from using active validation for the specific type of vulnerability.

Further, a second prior art of record Dow teaches C5L20-23: simulation in real-time with the defender and attacker receiving feedback from the security modeling system based on current network status, time and resources expended, (C8L38-44) provides a score measuring a client's effectiveness which is based on their ability to attack identified critical resources, taking into account time and resources used. C5L11-17, 20-23: security modeling system scores the security system based on its effectiveness in defending critical resources based on its ability to defend critical resources with the least amount of time and resources expended; simulation in real-time with the defender and attacker receiving feedback from the security modeling system based on current network status, time and resources expended, (C8L38-44) provides a score measuring a client's effectiveness which is based on their ability to defend identified critical resources, taking into account time and resources used.

None of the other prior arts of record teach by themselves or in any combination, would have anticipated nor render obvious by combination the claimed invention of the present application at or before the time it was filed.  The prior arts of record fail to teach: a system for generating a cyber-attack to penetrate a network that includes an identification module configured to identify at least one vulnerability of the network by examining at least one of a node of the network, data transmission within the network, data received from a cyber defense mechanism; a generation module configured to generate a cyber-attack based on the at least one vulnerability of the network, and a goal to be achieved by the cyber-attack. The system includes a penetration module configured to penetrate the network with the cyber-attack and determine an effectiveness rating of the penetration; and a feedback module configured to provide a feedback to the identification module based on at least the effectiveness rating of the penetration.

Therefore, independent claim 1 and their corresponding dependent claims are allowed in light of applicant’s arguments, approved examiner’s amendments and prior arts of record. The same amendments and reasoning are applicable to independent claim(s) 10, 12 and 22 mutatis mutandis.  Claim(s) 6, 7, 14, 17 and 20 is/are cancelled.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See form PTO-892 Notice of References Cited.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Badri -- Champakesan whose telephone number is (571)270-3867.  The examiner can normally be reached on M-F: 7:45am-5pm (EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T. Arani can be reached on 5712723787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/BADRINARAYANAN /Examiner, Art Unit 2496.