Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

DETAILED ACTION
Claims 1-20 are presented for examination.


Information Disclosure Statement
No information disclosure statement (IDS) is submitted.

Drawings
The drawings filed on 10/30/2019 are accepted by the examiner.


Claim Rejections - 35 USC § 101
         35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claim 19-20 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.            
Claim 19 recite “A machine-storage medium and storing a set of instructions that, when executed by a processor, causes a machine to perform operations comprising: receiving a message identifying …”, In specification of the instant application medium does not have a specific definition and does not limit the claimed medium from being a transitory medium such as signal.  Pending claims are interpreted as broadly as their terms reasonably allow. See In re Zletz, 893 F.2d 319 (Fed. Cir. 1989).  The broadest reasonable interpretation of a claim drawn to a machine-storage medium (also called machine readable medium and other such variations) typically covers forms of non-transitory tangible media and transitory propagating signals per se in view of the ordinary and customary meaning of computer readable media, particularly when the specification is silent (See MPEP 2111.01).  When the broadest reasonable interpretation of a claim covers a signal per se, the claim must be rejected under 35 U.S.C. §101 as covering non-statutory subject matter.  See In re Nuijten, 500 F.3d 1346, 1356-57 (Fed. Cir. 2007) (transitory embodiments are not directed to statutory subject matter) and Interim Examination Instructions for Evaluating Subject Matter Eligibility Under 35 U.S.C. § 101, Aug. 24, 2009; p. 2.
A claim drawn to such a machine-storage medium that covers both transitory and non-transitory embodiments may be amended to narrow the claim to cover only statutory embodiments to avoid a rejection under 35 U.S.C. § 101 by adding the limitation “non-transitory” to the claim.  Cf.  Animals – Patentability, 1077 Off. Gaz. Pat. Office 24 (April 21, 1987)

	
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


1.	Claims 1-4, 7-8, 10-13, 16-17, and 19-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Veselov et al. (US Patent No. 11,216,563, hereinafter “Veselov”).

Regarding claim 1, Veselov does disclose, a system comprising: at least one processor and memory having instructions that, when executed, cause the at least one processor to perform operations comprising: receiving a message identifying a software vulnerability (Veselov, (col. 6 lines 32-46), a user device 102 may transmit a request to the scanning service 110 for a particular security assessment of one or more instances of a virtual machine 112; (col. 21 lines 1-2), where … assessment result describing a security vulnerability); identifying a first plurality of snapshot images taken of a production machine and stored in a database (Veselov, (col. 7 lines 50-53), the snapshot data 146 may be stored with its own unique identifier as well as the identifier of the virtual machine instance from which the snapshot data 146 was derived; (col. 12 lines 27-28), where the virtual computing environment 304A may be a production environment), the first plurality of snapshot images including a first snapshot image including a first virtual machine, the identifying being based on the message (Veselov, (col. 8 lines 16-30), the scanning service 110 may obtain the snapshot data 146 from the snapshot storage service 146 and may process the snapshot data 146 to generate one or more assessment results. Processing the snapshot data 146 may require applying one or more rules, instructions, and/or transformations to the snapshot data 146. … … …. For example, the request to perform a security assessment may identify the desired security assessment, and the scanning service 110 may retrieve the security rules and other data for the identified assessment from the scan data store 130); identifying whether the first plurality of snapshot images includes the software vulnerability, the identifying including identifying whether the software vulnerability is included in the first virtual machine in the first snapshot image (Veselov, (col. 6 lines 66-67 – col. 7 lines 1-5), … enable the scanning service 110 to determine a timeline or history of modifications to the logical volume and/or virtual machine 112. For example, the scanning service 110 may use the timeline information to determine in which version of a logical volume  a particular setting was modified that exposed … a security vulnerability;  (col. 3 lines 1-18), the snapshot is prepared so that the security assessment produces the results that the scanning system otherwise would have obtained if the security assessment were performed on the original virtual machine instance. … … …. The scanning system may perform historical analysis of multiple sequential snapshots stored in a database, to identify changes in the virtual computing environment that may have caused or resolved certain vulnerabilities); and registering the software vulnerability in association with the first snapshot image in the database responsive to the identifying the first snapshot image of the first virtual machine includes the software vulnerability (Veselov, (col. 8 lines 38-50), request that the snapshot include only the subset of virtual machine instance data needed to perform the security assessment; determine whether to reconstitute an active duplicate virtual machine instance or to analyze the snapshot as a data file, as described below; … … … . The assessment results may be associated with the instance of the virtual machine 112 that was embodied in the snapshot data 146, and stored (i.e. registering) in a results data store 132 ….; (col. 10 lines 32-36),  if vulnerabilities are identified in the assessment results, comparing the assessment results to a remediation framework to identify one or more actions the user can take to address the vulnerabilities, and providing the identified actions to the user ).  

Regarding claim 2, Veselov further discloses, the system of claim 1, wherein the identifying the first plurality of snapshot images includes identifying the first plurality of snapshot images based on a timestamp associated with the software vulnerability (Veselov, (col. 6 lines 43-46), the virtualization layer 144 may be configured to, at the expiration of an interval of time, obtain and store snapshot data 146 of the virtual machine 112; (col. 7 lines 1-5), where the scanning service 110 may use the timeline information to determine in which version of a logical volume (e.g., boot volume) a particular setting was modified that exposed or repaired a security vulnerability).  

Regarding claim 3, Veselov further discloses, the system of claim 1, wherein the identifying the first plurality of snapshot images includes identifying the first plurality of snapshot images based on a configurable parameter (Veselov, (col. 15 lines 21-23), the security assessment is to be periodically repeated; and, a time period that serves as the interval between security assessments).  

Regarding claim 4, Veselov further discloses, the system of claim 3, wherein the configurable parameter includes a period of time (Veselov, (col. 15 lines 21-23), the security assessment is to be periodically repeated; and, a time period that serves as the interval between security assessments).  

Regarding claim 7, Veselov further discloses, the system of claim 1, wherein the message includes a software vulnerability identifier (Veselov, (col. 14 lines 66-67 – col. 15 lines 1-2), the scanning service 310 may obtain and present one or more rules packages that describe the security assessment tasks to be performed and vulnerabilities to be corrected to achieve a particular security goal for the target resources).  

Regarding claim 8, Veselov further discloses, the system of claim 1, wherein the software vulnerability includes a common vulnerability exposure (Veselov, (col. 14 lines 63-65), a commonly implemented security assessment, such as a Common Vulnerabilities and Exposures assessment).  

Regarding claim 10, the substance of the claimed invention is similar to that of claim 1. Accordingly, this claim is rejected under the same rationale.

Regarding claim 11, the substance of the claimed invention is similar to that of claim 2. Accordingly, this claim is rejected under the same rationale.

Regarding claim 12, the substance of the claimed invention is similar to that of claim 3. Accordingly, this claim is rejected under the same rationale.

Regarding claim 13, the substance of the claimed invention is similar to that of claim 4. Accordingly, this claim is rejected under the same rationale.

Regarding claim 16, the substance of the claimed invention is similar to that of claim 7. Accordingly, this claim is rejected under the same rationale.

Regarding claim 17, the substance of the claimed invention is similar to that of claim 8. Accordingly, this claim is rejected under the same rationale.

Regarding claim 19, the substance of the claimed invention is similar to that of claim 1. Accordingly, this claim is rejected under the same rationale.

Regarding claim 20, the substance of the claimed invention is similar to that of claim 2. Accordingly, this claim is rejected under the same rationale.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

2.	Claims 5-6, 9, 14-15, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Veselov et al. (US Patent No. 11,216,563, hereinafter “Veselov”) in view of Bernardini et al. (US Pub No. 2018/0336055, hereinafter “Bernardini”).

Regarding claim 5,  Veselov does disclose, the system of claim 1, wherein the registering the software vulnerability comprises: storing a virtual machine identifier in association with a software vulnerability identifier  in the database; [pushing patch information to first virtual machine in the production machine] based on the software vulnerability (Veselov, (col. 14 lines 41-46), various aspects of the security assessment(s) may be configured by user input, non-limiting examples of such aspects including: selection of the assessment target(s); parameters of the security assessment(s), such as tests or tasks to perform, types of vulnerabilities to evaluate; (col. 9 line 63), software patches applied). 
Veselov does not explicitly disclose but the analogous art Bernardini discloses, pushing patch information to first virtual machine in the production machine (Bernardini, (para, [0037]), the patch generator 224 can determine the set of relevant instance images (to apply the binaries to) based on the tracked modifications from the snapshots 230A-C and the list of changes associated with the patch. For example, assume that the patch includes an update to component A associated with image_meta 212. In this example, if the patch generator 224 determines from the snapshots of the instance images 210A-C that instance images 210A-B have component A but instance image 210C does not have component A (e.g., due to modification), the patch generator 224 may not apply the binary files to instance image 210C; (para, [0028]), security patches).  
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Veselov by including pushing patch information to first virtual machine in the production machine taught by Bernardini for the advantage of managing different virtual machine images 

Regarding claim 6,  the combination of Veselov-Bernardini does disclose, the system of claim 5, wherein the software vulnerability identifier identifies the software vulnerability (Veselov, (col. 14 lines 66-67 – col. 15 lines 1-2), the scanning service 310 may obtain and present one or more rules packages that describe the security assessment tasks to be performed and vulnerabilities to be corrected to achieve a particular security goal for the target resources) and wherein the virtual machine identifier identifies the first virtual machine (Veselov, (col. 7 lines 50-53), the snapshot data 146 may be stored with its own unique identifier as well as the identifier of the virtual machine instance from which the snapshot data 146 was derived).  

Regarding claim 9,  the combination of Veselov-Bernardini does disclose, the system of claim 1, wherein the message further includes patch information for remediating the software vulnerability and further comprising pushing the patch information to the production machine based on the software vulnerability (Bernardini, (para, [0037]), the patch generator 224 can determine the set of relevant instance images (to apply the binaries to) based on the tracked modifications from the snapshots 230A-C and the list of changes associated with the patch. For example, assume that the patch includes an update to component A associated with image_meta 212. In this example, if the patch generator 224 determines from the snapshots of the instance images 210A-C that instance images 210A-B have component A but instance image 210C does not have component A (e.g., due to modification), the patch generator 224 may not apply the binary files to instance image 210C; (para. [0028), the cloud management component 112 can receive available software updates that may apply to the virtual machines in the sub-cloud environments. Such software updates, for example, can include security patches, updated configurations, application changes, and so on).
Same motivation applies as to claim 5.

Regarding claim 14, the substance of the claimed invention is similar to that of claim 5. Accordingly, this claim is rejected under the same rationale.

Regarding claim 15, the substance of the claimed invention is similar to that of claim 6. Accordingly, this claim is rejected under the same rationale.

Regarding claim 18, the substance of the claimed invention is similar to that of claim 9. Accordingly, this claim is rejected under the same rationale.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MORSHED MEHEDI	whose telephone number is (571) 270-7640. The examiner can normally be reached on M - F, 8:00 am to 4:00 pm EST.    If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jeffrey L. Nickerson can be reach on (469) 295-9235. The fax number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from their Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (In USA or Canada) or 571-272-1000.

/MORSHED MEHEDI/Primary Examiner, Art Unit 2432