DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s remarks filed on 02/09/2022 have been fully considered. 
Regarding claim[s] 1 – 20 under the various obviousness rejections, applicant’s remarks are moot because the new ground of rejection does not rely on all of reference[s] applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Therefore, see the office action below. 
The examiner will answer all other remarks that do not concern the prior art rejections, if any, will be answered in the office action below. 
Applicant states on page[s] 7 of the remarks as filed: “As a preliminary matter, Applicant respectfully submits that Li fails to teach or disclose an end point scanning service, nor does Li teach or disclose client end points, as described within the application as filed.”

In response the examiner points out that applicant's arguments fail to comply with 37 CFR 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.
***The examiners remarks above applies to the same or similar remarks made on page[s] 8 regarding base claim[s] 8, 15 in the remarks as filed. 

Applicant states on page[s] 7 of the remarks as filed: “Applicant further submits that Li is not analogous art in that Li is not within the field of endeavor of the current application, nor is Li reasonably pertinent to the problem the application is addressing.”

In response the examiner points out that applicant's argument that the prior art of Li is non-analogous art, it has been held that a prior art reference must either be in the field of applicant’s endeavor or, if not, then be reasonably pertinent to the particular problem with which the applicant was concerned, in order to be relied upon as a basis for rejection of the claimed invention.  See In re Oetiker, 977 F.2d 1443, 24 USPQ2d 1443 (Fed. Cir. 1992).  
***The examiners remarks above applies to the same or similar remarks made on page[s] 8 regarding base claim[s] 8, 15 in the remarks as filed. 

Applicant states on page[s] 7 and 8 of the remarks as filed: “As described within the Specification of the instant Application, client end points, which are “created as a result of custom web applications or third-party applications,” may not be secure and can be vulnerable to attack techniques. Clients may expose “REST APIs to the public internet to service many different types of customer requests. [Such REST APIs are] a commonly attacked threat vector by malicious actors that aim to hurt the business.” [0015] of the Application as filed.”

In response the examiner points to applicant's argument that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e.,……client end points, which are “created as a result of custom web applications or third party applications,” may not be secure and can be vulnerable to attack techniques. Clients may expose “REST APIs to the public internet to service many different types of customer requests. [Such REST APIs are]…….etc.) are not recited in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
***The examiners remarks above applies to the same or similar remarks made on page[s] 8 regarding base claim[s] 8, 15 in the remarks as filed. 

Applicant states on page[s] 8 of the remarks as filed: “Conversely, Li appears to be directed to physical security systems, such as home monitoring systems and tools used therein, such as cameras, audio sensors, LIDAR sensors, and the like.
Indeed, in showing a teaching of “end point scanning services”, the Office Action cites to Li where the “sensor feed can display a visual representation of a plurality of different types of sensor data, such as weather data, facial recognition data, optical character recognition data, thermal data, LIDAR data, and audio data”. 
Applicant respectfully submits that none of this sensor data can be said to teach or
disclose “end point scanning services” when read in light of the Specification, where such end point scanning services are disclosed in the realm of attacks on end points such as websites and other end points accessible via the internet. As such, Applicant respectfully submits that Li cannot be said to teach or disclose such an embodiment, and further that Li is non-analogous art.”

	In response the examiner points to the prior art of Li. Specifically, at Figures 3, and Col. 15, lines 36 - 52 and Figure # 6, and col. 17, lines 12 – 17, FIG. 6 illustrates a UI for a sensor feed of security data, in accordance with embodiments. The sensor feed can display a visual representation of a plurality of different types of sensor data, such as weather data, facial recognition data, optical character recognition data, thermal data, infrared data, LIDAR data, and audio data [i.e. applicant’s a selectable list of a plurality of end point scanning services]. The feed may include the raw sensor data, processed data, and/or analytics performed on the sensor data (e.g., by the security data system). In some embodiments, the UI [i.e. applicant’s user portal] presents a real-time sensor feed of security data, thus enabling a security analyst to monitor and/or respond to occurrences at a remote location in real-time. 
***The examiners remarks above applies to the same or similar remarks made on page[s] 8 regarding base claim[s] 8, 15 in the remarks as filed. 

***The examiner further notes that applicant didn’t make any specific remarks regarding dependent claim[s] 2 – 7, 9 – 14, 16 – 20 made on page[s] 8 of the remarks as filed. 

Response to Amendment
Status of the instant application: 
Claim[s] 1 – 20 are pending in the instant application. 
Regarding claim[s] 1- 20 under the various obviousness rejections, applicant’s claim amendments have been considered, therefore, the rejections are withdrawn.
However, there are new prior art rejections on the claims to address applicant’s newly added claim amendments. See the office action below. 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the 

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
Claim[s] 1, 5, 8, 12, 15, 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Li et al. [US PAT # 10514837] in view of Nessland et al. [US PGPUB # 2008/0313005], further in view of Carpenter et al. [US PGPUB # 2016/0050225]
As per claim 1. Li does teach a system for abstracted analysis system design for a dynamic API scanning service [col. 1, lines 31 – 37, In some embodiments, the security systems described herein obtain security data from a plurality of security data sources, analyze the security data (e.g., to detect and/or predict the occurrence security events), and provide the analysis results to one or more customers of the security services.], comprising:
a cloud-based infrastructure comprising an autonomous transaction processing (ATP) database service [col. 9, lines 36 – 37, In some embodiments, such resources may include distributed ("cloud") computing resources. Where at col. 10, lines 6 – 11, The security data system 102 can be connected to the security data sources 104 using any suitable method, including wired or wireless communication (e.g., local cloud networks, WiFi, Ethernet, etc.). Where at col. 8, lines 65 – 67, and col. 9, lines 1 – 2, In some embodiments, the security data system uses the security data as a basis for controlling one or more autonomous data machines. For example, the system can command an autonomous data machine to monitor a specified environment, e.g., by collecting sensor data of the environment.];
a user portal [Figures: 3, 6,13,14, and col. 15, lines 36 – 41, FIG. 3 illustrates a control center interface for a security analyst, in accordance with embodiments. The interface can be used by the security analyst to view security data and/or analysis results, analyze data, monitor and/or direct the activity of various surveillance apparatus (e.g., autonomous data machines), and/or communicate with user entities.]; and
a database store [col. 3, lines 47 – 50, In some embodiments, the plurality of data sources comprises the security database, and the security database comprises historical security data for the monitored environment.];
wherein the ATP database service provides, via the user portal, a selectable list of a plurality………..scanning services [Figures 3, and Col. 15, lines 36 - 52 and Figure # 6, and col. 17, lines 12 – 17, FIG. 6 illustrates a UI for a sensor feed of security data, in accordance with embodiments. The sensor feed can display a visual representation of a plurality of different types of sensor data, such as weather data, facial recognition data, optical character recognition data, thermal data, infrared data, LIDAR data, and audio data [i.e. applicant’s a selectable list of a plurality of end point scanning services]. The feed may include the raw sensor data, processed data, In some embodiments, the UI [i.e. applicant’s user portal] presents a real-time sensor feed of security data, thus enabling a security analyst to monitor and/or respond to occurrences at a remote location in real-time.];
wherein the ATP database service runs containerized versions of the selection of each of the one or more……..scanning services targeted to a client end point [col. 8, lines 36 – 39, The security data obtained by one or more security data sources can be transmitted to a security data system. In some embodiments, the security data system receives data from a plurality of different data sources. Then at Figures 3, and Col. 15, lines 36 - 52 and Figure # 6, and col. 17, lines 12 – 17, FIG. 6 illustrates a UI for a sensor feed of security data, in accordance with embodiments. The sensor feed can display a visual representation of a plurality of different types of sensor data [i.e. containerized], such as weather data, facial recognition data, optical character recognition data, thermal data, infrared data, LIDAR data, and audio data. The feed may include the raw sensor data, processed data, and/or analytics performed on the sensor data (e.g., by the security data system). In some embodiments, the UI presents a real-time sensor feed of security data, thus enabling a security analyst to monitor and/or respond to occurrences at a remote location in real-time. The data can be obtained from one or more sensors of an autonomous data machine, as previously mentioned.]; and
wherein the ATP database service stores the results of the containerized versions of the selection of each of the one or more………scanning services at the database store [col. 3, lines 47 – 50, In some embodiments, the plurality of data 
	Li does not clearly teach wherein the ATP database service receives, via the user portal, a selection of one or more of the plurality of……….scanning services. 
	However, Nessland does teach wherein the ATP database service receives, via the user portal, a selection of one or more of the plurality of end point scanning services [paragraph: 0151, lines 18 – 23, a drop-down list of services 28 offered by the selected human resource (defined using the services list 20 in the human resource management form); and a list of packages currently on file for the selected customer.]. 
	It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Li and Nessland in order for the monitoring of security data of an environment by a autonomous data machine of Li to include real – time monitoring of Nessland. This would allow for the autonomous data machine to monitor the environment in real time and interact with the analysis of the collected security data instantly. See paragraph: 0024, lines 4 – 11, and paragraph: 0006 of Nessland. 
	Li and Nessland do not teach clearly application programming interface (API). 
However, Carpenter does teach application programming interface (API) [Figure # 1 and paragraph: 0037, lines 7 – 18, The data a user accesses is generally stored in the security database 116. To clarify, the UI module 123 (or an end user) [i.e. applicant’s user portal] cannot generally access the security database 116 [i.e. applicant’s ATP database service provides..etc.] directly as there is typically an access layer between the UI module 123 and the security database 116 generally being called the Web application programming interface (API) [i.e. applicant’s application programming interface (API)] that is a framework for building Hypertext Transfer Protocol (HTTP) services which functions as an access layer. The Web API [i.e. applicant’s application programming interface (API)] handles the authentication of a requesting user to see if they have permissions to view the security data, and returns the security data [i.e. applicant’s ] to the user if authorized.].
	It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Li as modified and Carpenter in order for the monitoring of security data of an environment by an autonomous data machine of Li as modified to include near real – time continuous monitoring of the environment to aggregate cyber-security state information and cyber-security risk data of Carpenter. This would allow for the autonomous data machine to monitor the environment in continuous manner and single point of interaction with the cyber-security data for formulating an threat analysis that provides: environment awareness, threat/vulnerability assessment, pre-emptive mitigation operations/techniques for the user. See paragraph: 0008, lines 1 – 12, and paragraph: 0009, lines 2 – 6 of Carpenter. 
As per claim 5. Li as modified does teach the system of claim 1, wherein, prior to the ATP database service storing the results of the containerized versions of the selection of each of the one or more API [Carpenter, Figure # 1 and paragraph: 0037, lines 7 – 18, Web API] scanning services at the database store, the results are normalized [Li, Figure # 1, and col. 10, lines 19 – 31, The security data system 102 can be implemented as a repository for storing and/or organizing security data originating from the security data sources 104 [i.e. normalizing]. The data may be stored in the data storage 108 of the system 102. For example, data obtained by the autonomous data machines 110 can be transmitted to the system 102 (e.g., as a real-time data stream) and accumulated within the data storage 108. The system 102 may be used to store all of the data obtained from the data sources 104.].
As per method claim 8 includes the same or similar claim limitations as system claim 1, and is similarly rejected. 
***The examiner further notes that applicant’s recited: “computer,” “microprocessor,” “memory,” and “cloud infrastructure,” are taught by the prior art of Li at col. 35, lines 59 – 67 and col. 36, lines 1 – 14. 
As per method claim 12 includes the same or similar claim limitations as system claim 5, and is similarly rejected. 

As per non-transitory medium claim 15 includes the same or similar claim limitations as system claim 1, and is similarly rejected.
***The examiner further notes that applicant’s recited “non-transitory computer readable storage medium,” is taught by the prior art of Li at col. 35, lines 59 – 67 and col. 36, lines 1 – 14.
As per non-transitory medium claim 19 includes the same or similar claim limitations as system claim 5, and is similarly rejected.

Claim[s] 2, 9, 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Li et al. [US PAT # 10514837] in view of Nessland et al. [US PGPUB # 2008/0313005] and Carpenter et al. [US PGPUB # 2016/0050225] as applied to claim[s] 1 above, and further in view of Kariv et al. [US PGPUB # 2011/0307947].
As per claim 2. Li and Nessland and Carpenter do teach what is taught in the rejection of claim # 1 above. 
Li and Nessland and Carpenter do not teach clearly the system of claim 1, wherein the ATP database service further receives one or more authentication tokens.
However, Kariv does teach the system of claim 1, wherein the ATP database service further receives one or more authentication tokens [paragraph: 0007, lines 11 – 18, The access gateway's access control decisions may be encapsulated in a security token generated by a security token service trusted by an access control component at the cloud facility. The user may submit this token to the access control component [i.e. applicant’s ATP database service] in the cloud as evidence that he is authorized to access the requested resource. If the access control component successfully verifies the security token, the user is granted access to the resource.].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Li as modified and Kariv in order for the monitoring of security data of an environment by a autonomous data machine of Li as modified to include security policy of Kariv. This 
As per method claim 9 includes the same or similar claim limitations as system claim 2, and is similarly rejected. 

As per non-transitory medium claim 16 includes the same or similar claim limitations as system claim 2, and is similarly rejected.

Claim[s] 3, 4, 10, 11, 17, 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Li et al. [US PAT # 10514837] in view of Nessland et al. [US PGPUB # 2008/0313005] and Carpenter et al. [US PGPUB # 2016/0050225] and Kariv et al. [US PGPUB # 2011/0307947] as applied to claim[s] 2 above, and further in view of Bauman et al. [US PAT # 6898711].
As per claim 3. Li and Nessland and Carpenter and Kariv do teach what is taught in the rejection of claim 2 above. 
Li and Nessland and Carpenter and Kari do not teach clearly the system of claim 2, wherein the one or more authentication tokens are received in conjunction with the selection of one or more of the plurality of……scanning services.
However, Carpenter does teach a Web based application programming interface (API) that authenticates an end user through a user interface (UI) before being given  [Figure # 1 and paragraph: 0037, lines 7 – 18], which meets applicant’s claim limitation of “API.”
However, Bauman does teach the system of claim 2, wherein the one or more authentication tokens are received in conjunction with the selection of one or more of the plurality of…….scanning services [col. 11, lines 47 – 51, Another technique to assist servers in detecting [i.e. applicant’s selection of one or more plurality of end point scanning services ] an attacker involves returning as much accurate information as possible regarding the reasons why a particular profile token [i.e. applicant’s authentication token] was considered invalid.].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Li as modified and Bauman in order for the storing of the analysis of the security data of an environment by a autonomous data machine of Li as modified to include encrypting the analysis data of the monitored security data of Bauman. This would allow for a degree of protection of the analysis data while be while being stored. See col. 1, lines 58 – 62 of Bauman. 
As per claim 4. Li as modified does teach the system of claim 3, wherein the one or more authentication tokens are associated with the client end point [Kariv, paragraph: 0023, lines 1 – 11, In some embodiments, the access gateway may carry out an access control protocol with a user requesting access to a resource hosted in a cloud, and may communicate the outcome of the protocol to one or more access control components deployed in the cloud, which may ultimately grant or deny access to the if the user successfully completes an access request sequence, the access gateway may provide to the user a security token that the user can present to an access control component in the cloud as evidence that the user is authorized to access the requested resource.].
As per method claim 10 includes the same or similar claim limitations as system claim 3, and is similarly rejected. 

As per method claim 11 includes the same or similar claim limitations as system claim 4, and is similarly rejected. 

As per non-transitory medium claim 17 includes the same or similar claim limitations as system claim 3, and is similarly rejected.

As per non-transitory medium claim 18 includes the same or similar claim limitations as system claim 4, and is similarly rejected.

Claim[s] 6, 7, 13, 14, 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Li et al. [US PAT # 10514837] in view of Nessland et al. [US PGPUB # 2008/0313005] and Carpenter et al. [US PGPUB # 2016/0050225] as applied to claim[s] 5 above, and further in view of Laverdiere-Papineau.
As per claim 6. Li and Nessland and Carpenter do teach what is taught in the rejection of claim # 5 above. 
Li and Nessland and Carpenter do not teach clearly the system of claim 5, wherein the normalized results are displayed, via the database stored, wherein the display comprises a list of found security vulnerabilities of the client end point.
However, Laverdiere – Papineau does teach the system of claim 5, wherein the normalized results are displayed, via the database stored, wherein the display comprises a list of found security vulnerabilities of the client end point [paragraph: 0027, lines 1 – 7, Once the static analysis tool 118 has detected security vulnerability in the program code, the IDE may use a vulnerability parser (not shown) to present the detected security vulnerability to the user. Once one or more security vulnerabilities are detected and presented to the user, the composer 120 may determine at least one set of security solutions.].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Li as modified and Laverdiere - Papineau in order for the monitoring of the security data of an environment by an autonomous data machine of Li as modified to include monitoring specifications of Laverdiere-Papineau. This would allow for the autonomous data machine to monitor the security data of the environment based on a configured monitoring specification of the various types of environments that can be monitored by the autonomous data machine. See paragraph: 00013 of Laverdiere-Papineau. 
As per claim 7. Li as modified does teach the system of claim 6, wherein the normalized results are displayed, via the database stored, wherein the display further comprises a list of actionable remedies for the client end point
As per method claim 13 includes the same or similar claim limitations as system claim 6, and is similarly rejected. 

As per method claim 14 includes the same or similar claim limitations as system claim 7, and is similarly rejected. 

As per non-transitory medium claim 20 includes the same or similar claim limitations of the combination of system claim[s] 6 and 7, and is similarly rejected.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANT SHAIFER - HARRIMAN whose telephone number is (571)272-7910. The examiner can normally be reached M - F: 9am to 5pm.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571- 272- 3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DANT B SHAIFER HARRIMAN/          Primary Examiner, Art Unit 2434