DETAILED ACTION
This office action is in response to the application filed on 02/20/2020. Claims 1-20 are pending and are examined.	
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Allowable Subject Matter
Claims 1-20 are allowed.
The following is an examiner’s statement of reasons for allowance:

The closest prior arts made of records are, Hufsmith et al. (U.S Pub No. 2020/0097662 A1, referred to as Hufsmith), Deshpande et al. (U.S Pub No. 2021/0006543 A1, referred to as Deshpande) and Hwang et al. (U.S Pub No. 2021/0042217 A1, referred to as Hwang).

Hufsmith discloses a process for determining threat scores for container images or distributed applications that consider the results of a multitude of different scanners and other factors such as context information which may include information about a given execution environment for the container image. Scanner results, or scanner properties, are determined for a container image or container images in a multi-container distributed application by various vulnerability scanners. The scanner properties determined by each vulnerability scanner are adjusted responsive to properties of the context and normalized to determine component threat scores for the container image. Then the component threat scores for the container image are combined to generate a combined threat score for the container image within the context of the execution environment.

Deshpande discloses an approach for creating one or more firewall rules to regulate communication between containers. The approach includes calculating a trust score for each container. To generate a rule for any two containers, a difference between the trust scores is computed, and if the difference in trust levels is too large, then the more trustworthy container is not allowed to communicate with the less trustworthy container. If the difference in trust scores is not too large, then the trustworthy container is allowed to communicate with the other trustworthy container, or an untrustworthy container is allowed to communicate with another untrustworthy container.

	Hwang discloses an artificial intelligence (AI) platform to support a continuous integration and deployment pipeline for software development and operations (DevOps). One or more running processes are subject to monitoring to identify presence of vulnerabilities. An automated rebuild of the monitored processes is initiated, which includes constructing a map representing a relationship of test code elements corresponding to different portions of source code. The identified vulnerable source code reflected in a new container image is subject to an automatic verification to ascertain if the source code is covered by at least one of the represented test code elements. A risk assessment is employed as part of the verification. A new container image is selectively deployed responsive to the risk assessment.

However, regarding claims 1 and 8, the prior art of Hufsmith, Deshpande and Hwang when taken in the context of the claim as a whole do not disclose nor suggest, “identify a particular remedial action, out of a plurality of candidate remedial actions, to take based on identifying that the generated score exceeds the threshold; recalculate the score for the particular container based on taking the particular remedial action; determine that the recalculated score does not exceed the threshold; and cause the identified remedial action to be performed, based on determining that the recalculated score does not exceed the threshold.”.

Regarding claim 15, the prior art of Hufsmith, Deshpande and Hwang when taken in the context of the claim as a whole do not disclose nor suggest, “identifying a particular remedial action, out of a plurality of candidate remedial actions, to take based on identifying that the generated score exceeds the threshold; recalculating the score for the particular container based on taking the particular remedial action; determining that the recalculated score does not exceed the threshold; and causing the identified remedial action to be performed, based on determining that the recalculated score does not exceed the threshold.”.

Claims 2-7 depend on claim 1, claims 9-14 depend on claim 8 and claims 16-20 depend on claim 15, and are of consequence allowed.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:  See PTO-892.  

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASSAN SAADOUN whose telephone number is (571)272-8408. The examiner can normally be reached Mon-Fri 9:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on 571-272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/HASSAN SAADOUN/Examiner, Art Unit 2435 

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435