Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This Notice of Allowability is in response to RCE filed on June 16, 2022. Claims 1-3, 5-7, 9-11, 13-18 and 20 are pending of which claims 1, 13 and 16 are independent claims.

Response to Arguments
Claim rejections have been withdrawn in view of amended claims.

Allowable Subject Matter
Claims 1-3, 5-7, 9-11, 13-18 and 20 are allowed.
The following is an examiner’s statement of reasons for allowance: 
The closest references of record are Risoldi et al. (US 2020/0167705), Hoernecke et al. (US 2017/0098086) and Genty et al. (US 2007/0168311).
Risoldi et al. teaches an adaptive risk management application retrieves data corresponding to an asset. The asset is a computing device or software application of an enterprise system. The adaptive risk management application identifies a set of vulnerabilities of the asset. The adaptive risk management application determines, for each identified vulnerability, a likelihood of a threat actor successfully exploiting the vulnerability. The adaptive risk management application determines, based on the likelihoods, a risk score for the asset. The adaptive risk management application sends the risk score for display. 
Hoernecke et al. teaches systems and methods for monitoring and assessing the security and risk presented by applications deployed in a complex computing environment. An exemplary application security system includes a server having a processing device in communication with storage systems, computing devices executing application instances configured to receive and transmit information over a network, and a security testing system including a first test module that is associated with a first application, which is associated with one or more of the application instances. The processing device of the server retrieves information about the first application, including current dependency information of the first application, calculates a security risk score for the first application based on the information, determines a security priority level associated with first application, and associates the security priority level of the first application with the first application in a database of application security information.
Genty et al. teaches a computer implemented method, data processing system, and computer program product for monitoring system events and providing real-time response to security threats. System data is collected by monitors in the computing system. The expert system of the present invention compares the data against information in a knowledge base to identify a security threat to a system resource in a form of a system event and an action for mitigating effects of the system event. A determination is made as to whether a threat risk value of the system event is greater than an action risk value of the action for mitigating the system event. If the threat risk value is greater, a determination is made as to whether a trust value set by a user is greater than the action risk value. If the trust value is greater, the expert system executes the action against the security threat.
Risoldi et al., Hoernecke et al. and Genty et al., either taken by itself or in any combination, fail to disclose or suggest limitation “determining the ranking weight comprises determining a network-internal domain ranking weight, a network-external domain ranking weight, and an OS INT domain ranking weight, and wherein the OSINT domain ranking weight comprises a reconnaissance weighting factor and a rationality weighting factor, based on whether the cyberattack risk is motivated by a malicious community” in combination with other limitations as recited by independent claim 1. 
Other independent claims recite features similar to those recited in independent claim 1, and are therefore allowable for reasons similar to those given above. Dependent claims are allowed by virtue of their dependencies.
None of the prior art of record either taken by itself or in any combination, would have anticipated or made obvious the invention of the present application at or before the time it was filed.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHANG DO whose telephone number is (571)270-7837. The examiner can normally be reached Monday-Friday 8:00 - 5:00 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SALEH NAJJAR can be reached on (571)272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/KHANG DO/Primary Examiner, Art Unit 2492