Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s arguments, have been persuasive as claim 10 was not addressed in the previous office action.
Examiner has included the new claim limitation in the rejection of claims 1, 11, and 20, but the prior art remains the same.
New claim 21, has also been addressed.




Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1, 11, 20 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Wright US 2018/0046796.


As per claims 1, 11, 20 Wright teaches A method comprising: initializing, by one or more processors, a media monitoring algorithm, wherein the media monitoring algorithm scans for one or more words relating to a data breach in publicly available reports; responsive to identifying a report from the publicly available reports relating to a vulnerability associated with the data breach, determining, by one or more processors, whether the vulnerability is associated with event data utilized for an authentication process; and responsive to determining the vulnerability is associated with a portion of the event data utilized for the authentication process, based on a time period fencing, by one or more processors, the portion of event data received during the 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


 Claims 2, 12, 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Wright US 2018/0046796 in view of Forman US 2008/0216172
As per claims 2, 12, 21 Wright teaches The method of claim 1, further comprising: receiving, by one or more processors, the event data for one or more applications operating on a device associated with the user, wherein the event data includes the portion of event data associated with the vulnerability; and storing, by one or more processors, the event data for the one or more applications operating on the device associated with the user, [0018][0019][0023] 
Wright does not explicitly teach generating an authentication question.

Forman teaches wherein a previous event from the event data is utilized for generating an authentication question. [0048][0087]  (teaches authentication question generation from event data) 
It would have been obvious to one of ordinary skill in the art to use the dynamic question generation of Forman with the previous art because it increases security.
Claims 3, 4, 7-9, 13, 14, 17-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Wright US 2018/0046796 in view of Forman US 2008/0216172
As per claims 3, 13 Wright teaches the method of claim 2, further comprising: responsive to determining the vulnerability has been resolved, removing, by one or more processors, the fence on the portion of event data associated with the vulnerability, wherein removing the fence allows utilization of the portion of event data for the authentication process. [0058][0060][0062] [0064] (access policies and remediation in combination with policies that allow credential usage after a period of time)As per claims 4, 14  Wright teaches The method of claim 2, further comprising: responsive to 

As per claims 7, 17 Wright teaches The method of claim 2, further comprising: responsive to determining the vulnerability is associated with an entity, fencing, by one or more processors, the portion of event data associated with the entity for a time period. [0036][0037][0053][0058][0059][0064] (teaches credential vulnerability and mitigating access/credentials associated with the user, and credentials associated with a time period and additionally changing access policies of credentials based on a time period/security policy based on a timer)As per claims 8, 18  Wright teaches The method of claim 2, further comprising: responsive to determining the vulnerability is associated with a technology system, fencing, by one or more processors, the portion of event data associated with the technology system, along with the device associated with the user operating the technology system. [0036][0037][0053][0058][0059] (teaches credential vulnerability and mitigating access/credentials associated with the user)

Claims 5, 6, 15, 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Wright US 2018/0046796 in view of Forman US 2008/0216172 in view of Sharp-Paul US 11,023,610
As per claims 5, 15 Sharp Paul teaches The method of claim 2, further comprising: responsive to flagging the one or more words relating to a data breach in the report from the publicly available reports, determining, by one or more processors, whether the report relates to the vulnerability or if the report with the one or more flagged words is extraneous. (Column 4 lines 28-55) (Column 6 lines 30-55) (teaches using keywords to determined data breaches/credentials, and also determining if the report does not imply an actual breach of data.  Examiner asserts that these means the keywords are extraneous, as implied in the Applicants specification, that general reports do not indicate a specific breach of data)


Sharp Paul teaches wherein the entity is selected from a group consisting of a company, a data center location, a mobile application, a program, and an operating system; identifying, by one or more processors, a sector associated with the vulnerability, wherein the sector represents a category in which the vulnerability occurred; and identifying, by one or more processors, a time period associated with the vulnerability, wherein the time period represents a time window in which the vulnerability occurred (Column 4 lines 13-25; 55-67) (breach profile includes a time period and a company/sector key search terms)

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER BROWN whose telephone number is (571)272-3833.  The examiner can normally be reached on M-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571) 270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.