DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Allowable Subject Matter
1.	The following is an examiner’s statement of reasons for allowance: Applicant’s arguments filed on 2/08/2022 are persuasive and the absence of references that clearly teach the invention set forth in the claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Claims 1-17 and 19-21 are allowed.

EXAMINER’S AMENDMENT
Authorization for this examiner’s amendment was given in an interview with Carl Kukkonen on 2/15/2022.
The application has been amended as follows: 


monitoring a plurality of events associated with each of a plurality of computing nodes forming part of a network topology, the network topology comprising antivirus tools to detect malicious software prior to it accessing one of the computing nodes;
determining, using a plurality of machine learning models, that at least one of the events is indicative of malicious activity that has circumvented or bypassed the antivirus tools, the plurality of machine learning models being embodied in a plurality of machine learning packs, each pack being separate and distinct and identifying different types of malicious activity; and
preventing, based on the determining, the malicious software from continuing to execute 
wherein at least a portion of the machine learning packs are selected from a library of available machine learning packs in response to a software tool providing recommended machine learning pack selections after automatically exploring the network topology.

20. (Currently Amended) A system comprising:
at least one data processor; and
memory storing instructions which, when executed by the at least one data processor, implement operations comprising:
the[[a]] plurality of computing nodes forming part of a network topology, the network topology comprising antivirus tools to detect malicious software prior to it accessing one of the computing nodes;
            
            determining, using at least one machine learning model, that at least one of the events is indicative of malicious activity that has circumvented or bypassed the antivirus tools; and
            preventing, based on the determining, the malicious software from continuing to execute;
wherein at least a portion of the machine learning packs are selected from a library of available machine learning packs in response to a software tool providing recommended machine learning pack selections after automatically exploring the network topology.

21. (Currently Amended) The non-transitory computer program product of claim 19, wherein the operations further comprise:

deploying the machine learning packs in the network topology.



Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLUGBENGA O IDOWU whose telephone number is (571)270-1450. The examiner can normally be reached Monday-Friday 8am - 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim can be reached on 5712723804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/OLUGBENGA O IDOWU/Primary Examiner, Art Unit 2494