DETAILED ACTION
Claims 1-5 and 7-20 are allowed.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Bhavani Rayaprolu (Reg. No. 56583) on May 20, 2022.
The application has been amended as follows: 

1.	(Currently Amended) A dynamic application testing and scoring system, comprising:
at least one processor;
a non-transitory processor readable medium storing machine-readable instructions that cause the processor to:
receive results from executing a plurality of tests on an application, wherein the plurality of tests test the application on tenets including security, compliance, compatibility and performance;
select one or more rulesets corresponding to criteria under each of the tenets, wherein the rulesets are selected based at least on a classification associated with the application;
determine outputs of the plurality of tests on the application, wherein the outputs indicate if the application has passed or failed each of the plurality of tests based at least on applying the rulesets to the results;
calculate an application trust score for the application based on the results, weightage of each of the tenets for the application, priority levels of the criteria and severity levels of the rulesets;
identify a position for the application on a scoring scale based on the application trust score, the position of the application being relative to a pair of trust threshold values 
receive feedback regarding the configured categorization of the application, wherein
if the feedback is not the same as the configured categorization, 
provide the feedback to a trained feedforward neural network that adjusts one or more of the pair of trust threshold values associated with the application on the scoring scale by:
for each of the rulesets implemented for the application,
	accessing historical data that includes categorizations provided by reviewers for a plurality of other applications;
	identifying from the historical data, severity levels of another application that implements the rulesets and the other application has same categorization in the historical data as the categorization of the application in the feedback; and
	adjusting the severity levels of the rulesets for the application to have identical values as the severity levels of the other application as obtained from the historical data; 
if the feedback is the same as the configured categorization,
initiate an automatic action

generate a report regarding the configured categorization of the application as provided in the feedback.

2.	(Currently Amended) The dynamic application testing and scoring system of claim 1, wherein to execute the automatic action the processor is to further:
upload the application to a publication database if the application is positioned above an upper trust threshold value of the pair of trust threshold values on the scoring scale; 
categorize the application for further analysis and development if the application is positionedbetween the upper trust threshold value and a lower trust threshold value of the pair of trust threshold values on the scoring scale; and
	reject the application for publication if the application is positioned below the lower trust threshold value on the scoring scale.

3.	(Currently Amended) The dynamic application testing and scoring system of claim 1, wherein to receive the feedback the processor is to further:
	provide determinations regarding the configured categorization of the application for validation to a reviewer
	

4.	(Currently Amended) The dynamic application testing and scoring system of claim 3, wherein the processor is to further:
	
	automatically adjust one or more of an upper trust threshold value and a lower threshold value of the pair of trust threshold values on the scoring scale, wherein the adjustment is based on output from the feedforward neural network in response to receiving the feedback.

5.	(Currently Amended) The dynamic application testing and scoring system of claim 4, wherein the processor is to further:
train the feedforward neural networkon the historical data that further includes determinations regarding publication, categorization for further development and rejection  of the plurality of other applications produced by the dynamic application testing and scoring system and validation data including feedback corresponding to the determinations from human reviewers for the plurality of other applications.

6.	(Canceled) 

7.	(Currently Amended) The dynamic application testing and scoring system of claim 1, wherein the pair of trust threshold values includes an upper trust threshold value and a lower trust threshold value that are configurable based on a degree of importance of each of the tenets configured for a particular classification of 

8.	(Original) The dynamic application testing and scoring system of claim 1, wherein the processor is to further:
	automatically update one or more of the rulesets in response to updates to one or more of the plurality of tests.

9.	(Original) The dynamic application testing and scoring system of claim [1]8, wherein the one or more of the plurality of tests are updated in response to reported Day 0 vulnerabilities that are detected for an operating system on which the application is installed.

10.	(Currently Amended) The dynamic application testing and scoring system of claim 1, wherein to execute the plurality of tests on the application the processor is to further:
	scan a file of the application for malware; and
	test

11.	(Currently Amended) The dynamic application testing and scoring system of claim 1, wherein to execute the plurality of tests on the application the processor is to further:
extract static image files included in files of the application by decompiling the files of the application; and
identify objects in the static image files by processing 

12.	(Original) The dynamic application testing and scoring system of claim 1, wherein to execute the plurality of tests on the application the processor is to further:
	test files of the application for device compatibility with one or more hardware platforms.

13.	(Original) The dynamic application testing and scoring system of claim 1, wherein the processor is to further:
	receive the weightage to be assigned to each of the tenets and for each tenet, the priority levels to be assigned to each of the criteria under that tenet.

14.	(Original) The dynamic application testing and scoring system of claim 1, wherein a first ruleset of the rulesets assigned under the compliance governs types of content that can be included in the application and wherein a second ruleset of the rulesets assigned under the compliance enforces privacy laws of a geographic locale associated with the application.

15.	(Original) The dynamic application testing and scoring system of claim 1, wherein the application permits financial transactions and a higher severity is associated with one or more of the rulesets governing login requirements under the security tenet.

16.	(Currently Amended) A method of dynamically testing and scoring applications comprising:
	executing a plurality of tests on an application, wherein the plurality of tests test the application on security, compatibility, compliance and performance tenets;
	selecting one or more rulesets to be applied to results of the plurality of tests, wherein the one or more rulesets are selected based on a classification of the application and the one or more rulesets determine compliance of the application with one or more criteria under the tenets;
determining outputs of the plurality of tests on the application, wherein the outputs indicate if the application has passed or failed each of the plurality of tests based at least on applying the rulesets to the results;
	determining an application trust score for the application based on degrees of importance of the tenets, priority levels of the criteria and severity levels of the rulesets;
	categorizing the application into one of a plurality of trust categories that include vulnerable, potentially vulnerable and safe categories based on the application trust score that determines position of the application on a scoring scale relative to a pair of trust threshold values;
	receiving feedback to an output including the categorization of the application into one of the plurality of trust categories, wherein:
if the feedback changes the trust category of the application, [[;]]
	providing the feedback to a trained feedforward neural network that adjusts the pair of trust threshold values associated with the application on [a]the scoring scale by:
		for each of the rulesets implemented for the application,
	accessing historical data that includes categorizations provided by reviewers for a plurality of other applications;
	identifying from the historical data, severity levels s and the other application has same categorization in the historical data as the categorization of the application in the feedback; and
		adjusting the severity levels of the rulesets s to the severity levels of the other application as included in the historical data; 
if the feedback does not change the trust category of the application,
	initiating an automatic action;
and
	generating a report regarding the categorization of the application as provided in the feedback.

17.	(Original) The method of claim 16, further comprising:
	providing a user interface with controls that permit overriding the severity levels for the rulesets for the application.

18.	(Currently Amended) The method of claim 16, wherein the pair of trust threshold values include a lower trust threshold value and an upper trust threshold value and the lower trust threshold value is based on a number of the rulesets and a lower limit of absolute weightage of the rulesets and the upper trust threshold value is based on the number of the rulesets and an upper limit of absolute weightage of the rulesets wherein the absolute weightage of the rule sets is a cumulative quantity including the degrees of importance of the tenets, the priority levels of criteria under the tenets and the severity levels of the rulesets. 
	
19.	(Currently Amended) A non-transitory processor-readable storage medium comprising machine-readable instructions that cause a processor to:
receive results from executing a plurality of tests on an application, wherein the plurality of tests test the application on tenets including security, compliance, compatibility and performance;
select one or more rulesets corresponding to criteria under each of the tenets, wherein the rulesets are selected based at least on a classification associated with the application;
determine outputs of the plurality of tests on the application, wherein the outputs indicate if the application has passed or failed each of the plurality of tests based at least on applying the rulesets to the results;
calculate an application trust score for the application based on the results, weightage of each of the tenets for the application, priority levels of the criteria and severity levels of the rulesets;
identify a position for the application on a scoring scale based on the application trust score, the position of the application being relative to a pair of values 
receive feedback regarding the configured categorization of the application, wherein:
if the feedback is not the same as the configured categorization, 
provide the feedback to a trained feedforward neural network that adjusts one or more of the pair of trust threshold values associated with the application on the scoring scale by:
for each of the rulesets implemented for the application,
	accessing historical data that includes categorizations provided by reviewers for a plurality of other applications;
	identifying from the historical data, severity levels of another application that implements the rulesets and the other application has same categorization in the historical data as the categorization of the application in the feedback; and
		adjusting the severity levels of the rulesets for the application to have identical values as the severity levels of the other application as given in the historical data; 
	 and if the feedback is the same as the configured categorization,
initiate an automatic action; 
and 
generate a report regarding the categorization of the application as provided in the feedback


20.	(Currently Amended) The non-transitory processor-readable storage medium of claim 19, the instructions to execute the automatic action cause the processor to:
upload the application to a publication database if the application is positioned above an upper trust threshold value of the pair of trust threshold values on the scoring scale; 
categorize the application for further analysis and development if the application is positioned below the upper trust threshold value and abovea lower trust threshold value of the pair of trust threshold values on the scoring scale; and
	reject the application if the application is positioned below the lower trust threshold value on the scoring scale.

REASONS FOR ALLOWANCE
The following is an examiner’s statement of reasons for allowance: The primary reason for the allowance of the claims is the inclusion of the limitation, inter alia, “receive results from executing a plurality of tests on an application, wherein the plurality of tests test the application on tenets including security, compliance, compatibility and performance; select one or more rulesets corresponding to criteria under each of the tenets, wherein the rulesets are selected based at least on a classification associated with the application; determine outputs of the plurality of tests on the application, wherein the outputs indicate if the application has passed or failed each of the plurality of tests based at least on applying the rulesets to the results; calculate an application trust score for the application based on the results, weightage of each of the tenets for the application, priority levels of the criteria and severity levels of the rulesets; identify a position for the application on a scoring scale based on the application trust score, the position of the application being relative to a pair of trust threshold values and the position corresponds to a configured categorization of the application into one of a plurality of trust categories that include safe, potentially vulnerable and vulnerable; and receive feedback regarding the configured categorization of the application, wherein if the feedback is not the same as the configured categorization, provide the feedback to a trained feedforward neural network that adjusts one or more of the pair of trust threshold values associated with the application on the scoring scale by: for each of the rulesets implemented for the application, accessing historical data that includes categorizations provided by reviewers for a plurality of other applications; identifying from the historical data, severity levels of another application that implements the rulesets and the other application has same categorization in the historical data as the categorization of the application in the feedback; and adjusting the severity levels of the rulesets for the application to have identical values as the severity levels of the other application as obtained from the historical data; if the feedback is the same as the configured categorization, initiate an automatic action; and generate a report regarding the configured categorization of the application as provided in the feedback". 
The following is considered to be the closest prior art of record:
Fong (US 2019/0197244) – teaches using machine learning to test vulnerabilities in an application based on a utilization score.
Titonis (US 2013/0097706) – teaches transmitting applications to be tested for anomalous and malicious behavior using machine learning and a risk score.
Patten (US 2021/0241279) – teaches generating a risk score for data using a feedforward neural network.
Cordes (US 2019/0156191) – teaches using machine learning such as a feedforward neural network to calculate a risk score for an action and notifying the police or emergency services based on the risk score.
Anderson (US 2019/0197357) – teaches using machine learning to calculate a trust score for an application based on a whitelist of known trustworthy applications.
Cannon (US 2021/0149658) – teaches calculating the risk score for a software update and notifying the user to update the software or not based on the risk score.
Patel (US 2021/0097168) – teaches categorizing the risk score on a scale from 0.0 to 1.0.
Jevans (US 2016/0112451) – teaches determining whether or not an application is malicious based on the application risk score and a risk score threshold. 
However, the concept of calculating an application trust score and configured categorization using feedback and a feedforward neural network as claimed cannot be found in the prior art of record.
None of the prior art of record, either taken by itself or in any combination, would have reasonably anticipated or made obvious the invention of the present application at or before the time it was effectively filed. The concepts and features, as claimed, are considered to be a non-obvious combination of limitations not taught in the prior art. Therefore, claims 1-5 and 7-20 are considered to be allowable.
According to MPEP 1302.14 (I): “In most cases, the examiner’s actions and the applicant’s replies make evident the reasons for allowance, satisfying the “record as a whole” proviso of the rule. This is particularly true when applicant fully complies with 37 CFR 1.111 (b) and (c) and 37 CFR 1.133(b). Thus, where the examiner’s actions clearly point out the reasons for rejection and the applicant’s reply explicitly presents reasons why claims are patentable over the reference, the reasons for allowance are in all probability evident from the record and no statement should be necessary.”
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN B KING whose telephone number is (571)270-7310.  The examiner can normally be reached on Monday-Friday 10AM-6PM EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 5712728878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/John B King/
Primary Examiner, Art Unit 2498