DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Examiner's Amendment
An examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner's amendment was given in a telephone interview with Ryan McCarthy (Reg. No. 50,636) on 11/30/2021. The application has been amended as follows: 
In the claims: 
Please amend claim 19 as follows:
--

Claim 19:
19. A system, comprising:
one or more computers; and
a computer-readable storage device coupled to the one or more computers and having instructions stored thereon which, when executed by the one or more computers, cause the one or more computers to perform operations for applying remediations for cyber security in enterprise networks, the operations comprising:
…

--------------------------------------END OF EXAMINER’S AMENDMENT----------------------------

Allowable Subject Matter
Claims 1-27 are allowed. The following is a statement of reasons for the allowance:
The prior art on record:

Prior art Keller (Pub. No.: US 2017/0163506) teaches notification of an event related to a performance degradation in a network node of a plurality of network nodes in a network is received. The notification is forwarded to a client device. Cache priming is performed based, at least in part, on a network graph that defines connectivity among at least some of the plurality of network nodes. Cache priming includes determining a set of impacted network nodes of the plurality of network nodes that is impacted by the performance degradation based on the connectivity defined by the network graph. 
Prior art Dominessy et al. (Patent No.: US 10,868,825) teaches a network security and threat assessment system is configured to determine, based on one or more events that have occurred during execution of one or more applications, a potential security vulnerability of a target computing system, where the one or more events correspond to a node represented in the hierarchical risk model. The system is further configured to identify, based on a mapping of the node represented in the hierarchical risk model to a node represented in a hierarchical game tree model, one or more actions that are associated with the potential security vulnerability and that correspond to the node represented in the hierarchical game tree model. 
However, none of cited prior art teaches or suggests, alone or in combination, the particular combination of steps or elements as recited in the independent claims. Specifically, the cited prior art on record does not specifically disclose, teach or suggest as a whole the limitation “providing, by a security platform, graph data defining a graph that is representative of an enterprise network, the graph comprising nodes and edges between nodes, a set of nodes representing respective assets within the 
determining, by the security platform, multiple sets of fixes for respective configurations, each fix in a set of fixes having a cost associated therewith;
incorporating, by the security platform, fix data representative of the multiple sets of fixes into the graph;
defining, by the security platform, a set of fixes comprising one or more fixes from the multiple sets of fixes by defining an optimization problem that identifies one or more impacts that are to be nullified and executing resolving the optimization problem to define the set of fixes, each fix in the set of fixes being associated with a respective configuration in the graph; and
scheduling, by the security platform, performance of each fix in the set of fixes based on one or more operational constraints” including all the other limitation recited in the independent claims.
The limitations of the independent claims were searched, but did not result in any applicable prior art.  Each of the independent claims as a whole are clearly distinguished from the prior art, and thus allowed.  
Dependent claims 2-9, 11-18 and 20-27 are also allowed for incorporating the allowable feature recited in the independent claims. 
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
	The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure. See PTOL-892.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MENG LI whose telephone number is (571)272-8729.  The examiner can normally be reached on M-F 8:30-5:30.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MENG LI/
Primary Examiner, Art Unit 2437