DETAILED ACTION
This Office Action is in response to the communication filed on 02/26/2021.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f): 
(f) ELEMENT IN CLAIM FOR A COMBINATION.—An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph: 
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph: 
(A) the claim limitation uses the term "means" or "step" or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B) the term "means" or "step" or the generic placeholder is modified by functional language, typically, but not always linked by the transition word "for" (e.g., "means for") or another linking word or phrase, such as "configured to" or "so that"; and 
(C) the term "means" or "step" or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word "means" (or "step") in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word "means" (or "step") in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word "means" (or "step") are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word "means" (or "step") are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word "means," but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitations use a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitations are: "execution manager subsystem," "results analyzer subsystem," and "fix orchestrator subsystem" as recited in claims 19-25 and 27-28 respectively.  
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof. A review of the specification shows that the following appears to be the corresponding structure described in the specification for the 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph limitations: e.g. figs. 1-6, and [0049]-[0060] of the specification.
If applicant does not intend to have these limitations interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitations to avoid them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitations recite sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.
Examiner's Amendment
An Examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicants, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this Examiner's amendment was given in a discussion with Seth H. Ostrow (Reg. No. 37,410) on 06/03/2022.
The application has been amended as follows:
Claim 19: 
	Lines 16-17: replace "validate success of the breach scenario based on the received results from the simulator nodes;" with --validate success of the breach scenario based on the received results from the simulator nodes, wherein the received results include a communication connection established, success of the simulator nodes sending and receiving data, and the simulator nodes utilizing metadata facts, and wherein the metadata facts include at least one of check-sum, file size, and regular expression;--
Claim 26: 
	(Canceled).
Claim 30: 
	(Canceled).
Claim 31: 
	Lines 15-17: replace "validating, by the processing device, success of the breach scenario based on the received results from the simulator nodes establishing a communication connection, success of the simulator nodes sending and receiving data, and the simulator nodes utilizing metadata facts;" with --validating, by the processing device, success of the breach scenario based on the received results from the simulator nodes, wherein the received results include a communication connection established, success of the simulator nodes sending and receiving data, and the simulator nodes utilizing metadata facts, and wherein the metadata facts include at least one of check-sum, file size, and regular expression;--
Claim 38: 
	(Canceled).
Claim 42: 
	(Canceled).
Claim 43: 
	Lines 1-4: replace "Non-transitory computer-readable media comprising program code that when executed by a programmable processor causes execution of a method for identifying breach vulnerabilities in a networked production environment including hardware components configured according to a security policy, the computer-readable media comprising:" with --A non-transitory computer-readable media comprising program code that when executed by a programmable processor causes execution of an operation for identifying breach vulnerabilities in a networked production environment including hardware components configured according to a security policy, the non-transitory computer-readable media comprising:--
	Lines 16-18: replace "computer program code for validating success of the breach scenario based on the received results from the simulator nodes establishing a communication connection, success of the simulator nodes sending and receiving data, and the simulator nodes utilizing metadata facts;" with --computer program code for validating success of the breach scenario based on the received results from the simulator nodes, wherein the received results include a communication connection established, success of the simulator nodes sending and receiving data, and the simulator nodes utilizing metadata facts, and wherein the metadata facts include at least one of check-sum, file size, and regular expression;--
Claim 50: 
	(Canceled).
Allowable Subject Matter
Claims 19-25, 27-29, 31-37, 39-41, and 43-49 are allowed.
Prior arts found:
Prior art US 8,272,061 discloses a method for evaluating access rules violations, the method includes: receiving, a model of a computer network; and determining security metrics associated with a violation of an access rule in response to: the model of the computer network, multiple network nodes of the computer network accessible according to at least one violated access rule or according to the network model, at least one vulnerability associated with the multiple network nodes, and damage associated with an exploitation of the at least one vulnerability.
Prior art US 2003/0182582 discloses a network security simulation system. The network security simulation system is capable of analyzing a hacking procedure through a simulation on a network. The network security simulation system is based on a component model base which librarizes each component of a network system as an object. The network system which is an analysis target can be freely designed based on the library. At least one attacker node and at least one target node are set in the designed network system. Hacking commands are transmitted from the attacker node to a target node through various components of the network system to change a state of the target node. The changed target node state is analyzed by a result analysis unit and then provided to a user.
Prior art US 2015/0295948 discloses a system and method for simulating network resilience against attacks and a cyber modeling and simulation framework. In some embodiments, an interface for ingest of network and vulnerability data associated with a node of a targeted network, a network visualization device for presenting the network data and the vulnerability data, and for creating a network model based on the network and vulnerability data, a threat analysis simulator for launching threat attacks on the targeted network and for applying modeled defenses against the threat attacks, the threat analysis simulator producing simulation results and a data farming module for performing data fanning on the simulation results using different scenarios to generate a farm of data for use in designing anti-cyber-attack strategies for the targeted network.
Prior art US 2013/0347085 discloses stems and methods for testing network security. Automated technology simulates common data exfiltration techniques using a client-server/agent-sensor server architecture. The testing is carried out by simulating techniques, indicators, and activities utilized by malicious actors to steal an organization's sensitive, valuable, or confidential data from their networks and systems.
The following is an examiner's statement of reasons for allowance:
Regarding independent claim 19: None of the prior art of record discloses, individually or in a reasonable combination, the following combination of limitations as recited in claim 19: "a results analyzer subsystem configured to: receive results of the executed electronic task data from the simulator nodes involved in the breach scenario; validate success of the breach scenario based on the received results from the simulator nodes, wherein the received results include a communication connection established, success of the simulator nodes sending and receiving data, and the simulator nodes utilizing metadata facts, and wherein the metadata facts include at least one of check-sum, file size, and regular expression; identify a successful breach based on the validation of success; and a fix orchestrator subsystem configured to resolve the successful breach by generating a security configuration and transmitting the security configuration to the execution manager subsystem to protect against the successful breach in accordance with the security policy" in combination with other limitations as a whole and in the context recited in claim 19.
Regarding independent claim 31: None of the prior art of record discloses, individually or in a reasonable combination, the following combination of limitations as recited in claim 31: "receiving, by the processing device, results of the executed electronic task data from the simulator nodes involved in the breach scenario; validating, by the processing device, success of the breach scenario based on the received results from the simulator nodes, wherein the received results include a communication connection established, success of the simulator nodes sending and receiving data, and the simulator nodes utilizing metadata facts, and wherein the metadata facts include at least one of check-sum, file size, and regular expression; identifying, by the processing device, a successful breach based on the validation of success; and resolving, by the processing device, the successful breach by generating a security configuration and transmitting the security configuration to a security controller to protect against the successful breach in accordance with the security policy" in combination with other limitations as a whole and in the context recited in claim 31.
Regarding independent claim 43: None of the prior art of record discloses, individually or in a reasonable combination, the following combination of limitations as recited in claim 43: "computer program code for receiving results of the executed electronic task data from the simulator nodes involved in the breach scenario; computer program code for validating success of the breach scenario based on the received results from the simulator nodes, wherein the received results include a communication connection established, success of the simulator nodes sending and receiving data, and the simulator nodes utilizing metadata facts, and wherein the metadata facts include at least one of check-sum, file size, and regular expression; computer program code for identifying a successful breach based on the validation of success; and computer program code for resolving the successful breach by generating a security configuration and transmitting the security configuration to a security controller to protect against the successful breach in accordance with the security policy" in combination with other limitations as a whole and in the context recited in claim 43.
Regarding dependent claims: Dependent claims are allowed as they depend from allowable independent claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance."
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AMIE C LIN whose telephone number is (571)272-7752. The examiner can normally be reached M-F 9:00AM -5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, GELAGAY SHEWAYE can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/AMIE C. LIN/           Primary Examiner, Art Unit 2436