Notice of Pre-AIA  or AIA  Status
Claims 1-20 remain for examination.  The amendment filed 2/4/22 amended claims 1, 3-10, 13-15, 17, 18, & 20.  The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s arguments, see pages of the amendment filed 2/4/22, with respect to the rejection(s) of claim(s) 1-20 under Cole and/or Nandha Premnath have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of the newly discovered reference to Kim.

Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1-3, 6-17, 19 & 20 are rejected under 35 U.S.C. 103 as being unpatentable over Cole in view of Kim in view of Nandha Premnath (U.S. Patent Publication 2018/0205749).

Regarding claims 1, 8, and 15:
Cole discloses a system, method, and corresponding non-transitory medium for assessing vulnerabilities of a networked system, comprising: a non-transitory memory (e.g. claim 37); and one or more hardware processors coupled with the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations (Ibid) comprising: monitoring, using a first device and based on a first perspective external to the networked system (external scanning disclosure at paragraphs 0349-0384) and determining a plurality of access points usable for gaining access to the networked system (paragraph 0417 & 0420); determining that a subset of the plurality of open access points corresponds to a first vulnerability among a plurality of known network vulnerabilities (Ibid); analyzing, using a second device and based on a second perspective internal to the networked system, a portion of the networked system accessible through the subset of the plurality of open access points (internal scanning disclosure at paragraphs 0385-0427; note paragraph 0390 which confirms that embodiments comprising both external and internal scanning are permitted); determining an impact of the first vulnerability to the networked system based at least in part on the analyzing (paragraph 0348, including the Impact element of the accompanying table); and determining a severity of the first vulnerability for the networked system based on the impact (calculating the Found Score, at e.g. paragraphs 0379-0380, & 0425-0427). 
Although Cole discloses detecting open access points, for the purpose of ensuring that they are properly configured to only allow authorized resources to connect to the network (paragraph 0420), this is construed by Cole as part of an internal perspective rather than an external perspective.  However, Nandha Premnath discloses a related invention for detecting rogue access points (e.g. paragraph 0020), i.e. open access points deployed by attackers in external public spaces to masquerade as a legitimate access point for one’s networks, intended to eavesdrop and steal confidential information (paragraph 0016), noting that his invention differs from other scanners in that scanners intended to be used internally may not be able to detect hostile external access points (paragraph 0019).  Thus, it would have been obvious prior to the effective filing date of the instant application for Cole to include a scan for rogue access points as part of his external scanning process, as this was a known option within the grasp of a person of ordinary skill in the art, in order to block external threats to the network (Ibid).
	Neither Cole nor Nandha Premnath disclose wherein the impact represents at least one of a potential exposure of a particular type of data or a potential interruption of a service due to an attack associated with the first vulnerability.  However, Kim discloses a related invention for detecting potential vulnerabilities in a network system wherein the impact of the potential vulnerabilities recorded in the vulnerability database may include inter alia interruption of normal service or leaking, modification, or deletion of data (Kim, paragraphs 0013, 0016 and 0038-0039).  Note also that although the preferred embodiment of Kim applies to firewalls, Kim teaches that it can be extended to apply to routers and gateways (i.e. access points: see Kim, paragraph 0042).  It would have been obvious prior to the filing date of the instant application to use the known impact of potential vulnerabilities as a factor in determining the severity of a vulnerability, as doing so can allow one to detect vulnerabilities in a quick manner without occupying excessive web server resources (Kim, paragraphs 0007 & 0038).

Regarding claim 2 and 16:	The combination further discloses wherein the first vulnerability is associated with a particular network communication protocol (Cole, e.g. paragraphs 0371-0372 & 0377). 
Regarding claims 3 and 17:	The combination further discloses wherein the first vulnerability is associated with the service provided by the networked system (Cole, paragraphs 0377-0378, 0383, 0418, & 0421). 

Regarding claim 6:	The combination further discloses wherein the analyzing the portion of the networked system further comprises determining a set of services provided by the networked system through the subset of the plurality of open access points (Cole, paragraphs 0417-0421). 

Regarding claim 7:	The combination further discloses wherein the determining the impact comprises determining a type of service that can be interrupted based on the attack on the networked system (Cole, paragraph 0348; see also protocol types of paragraph 0231). 

Regarding claim 9:	The combination further discloses wherein the networked system is configured to provide a set of services via the one or more of the plurality of open access points, and wherein a first impact determined for a network vulnerability in the subset of the plurality of network vulnerabilities represents an amount of time that the set of services will be interrupted based on a potential attack on the networked system by exploiting the first network vulnerability (Cole: paragraphs 0377-0378, 0383, 0418, & 0421). 
Regarding claim 10:	The combination further discloses: determining a correlation between a first network vulnerability and one or more of the plurality of open access points, wherein the correlation indicates that the one or more of the plurality of access points are usable to exploit the first network vulnerability within the networked system (paragraphs 0417 & 0420); and in response to determining the correlation, including the first network vulnerability in the subset of the plurality of network vulnerabilities (Cole: Ibid). 

Regarding claim 11:	The combination further discloses presenting, on a device within the networked system, the ranking of the subset of the plurality of network vulnerabilities (Cole: e.g. Figures 10 & 27). 

Regarding claim 12:	The combination further discloses re-configuring the networked system based on the ranking of the subset of the plurality of network vulnerabilities (Cole: e.g. paragraph 0444). 

Regarding claim 13:	The combination further discloses wherein the re-configuring the networked system comprises modifying a security policy associated with at least one of the plurality of open access points (Cole: paragraph 0418). 

Regarding claim 14:	The combination further discloses wherein the re-configuring the networked system comprises closing at least one of the plurality of open access points (Cole: paragraph 0420). 

Regarding claim 19:
	The combination further discloses re-configuring the networked system based on the severity of the first vulnerability (Cole, e.g. paragraph 0444).

Regarding claim 20:
	The combination further discloses wherein the re-configuring the network system comprises at least one of modifying a security policy associated with accessing a data storage associated with a first network vulnerability or closing an access point to the networked system (Cole, paragraphs 0418-0420).

Claims 4, 5, & 18 are rejected under 35 U.S.C. 103 as being unpatentable over Cole in view Kim in view of Nandha Premnath as applied to claims 1 & 15 above, and further in view of Basavapatna (U.S. Patent Publication 2013/0191919).

Regarding claims 4 and 18:	Neither Cole, Kim, nor Nandha Premnath disclose wherein the operations further comprise determining a likelihood that an attack associated with the first vulnerability will occur based on at least one of the following factors: a number of available computer tools configured to exploit the first vulnerability, an amount of communication associated with the first vulnerability, a duration of time that the first vulnerability has been disclosed, or a number of previous attacks based on the first vulnerability, and wherein the severity of the first vulnerability is further based on the likelihood of the attack.  However, Basavapatna discloses a related invention for vulnerability assessment wherein that invention is capable of evaluating the risk to a network asset [i.e. the likelihood of it being attacked] via either or both of threat-centric analyses [i.e. known exploits for vulnerabilities] and vulnerability-centric analysis [i.e. what the Cole invention does] (paragraph 0072).  Of particular interest is that Basavapatna teaches calculating a risk score for a particular vulnerability with multiple known threat vectors by averaging out the individual risk scores for each threat, which necessarily entails knowing the number of available computer tools configured to exploit the vulnerability (paragraph 0081).  Thus, it would have been obvious prior to the effective filing date of the instant application to add a threat-based analysis to the vulnerability-based analysis performed by Cole, as doing so was a known option within the grasp of a person of ordinary skill in the art, as each approach has its own advantages (threat-centric approaches are easier for system administrators to implement, while vulnerability-centric approaches account for risks that threat-centric approaches might miss: Basavapatna, paragraph 0072).

Regarding claim 5:	The combination further discloses wherein the determining the severity comprises using a machine learning model to estimate the severity of the first vulnerability based on at least one of the factors and the determined impact of the first vulnerability to the networked system (Nandha Premnath, paragraphs 0020-0021). 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: U.S. Patent Publication 2020/0380160 (Kraus).
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THOMAS A GYORFI whose telephone number is (571)272-3849. The examiner can normally be reached 10:00am - 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on 571-272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

THOMAS A. GYORFI
Examiner
Art Unit 2435



/THOMAS A GYORFI/Examiner, Art Unit 2435                                                                                                                                                                                                        5/4/22

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435