Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
This Office Action is in response to the amendment filed on 08/03/2022.
Claims 1-20 are pending for consideration.
Claims 1, 7, and 13 have been amended.
Response to Arguments
Applicant's arguments filed on 08/03/2022 have been fully considered but they are not persuasive.
Applicant argues on page 13 of the Remarks that Fritzson and Kurti do not teach executing a pen-test and collecting evaluations on a sample of users (that is different and smaller than a user population) or generating a baseline score (based on the collected evaluations from the sample of users) for use by a user population execute the pen-test on the user population different than and having more users than the sample of users. Newly amended claim language with user population having more users is addressed in the rejection below.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 2, 13, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over US 2012/0124671 A1 (hereinafter ‘Fritzson’), in view of US 2021/0075814 A1 (hereinafter ‘Bulut’), and in further view of US 9,325,728 B1 (hereinafter ‘Kennedy’).
Regarding Claim 1 
	Fritzson discloses:
	A system for identifying vulnerability to phishing attack (Claim 16: “A system capable of identifying and mitigating information security risks”), the system comprising: at least one processor operatively connected to a memory storing instructions, the instructions when executed cause the at least one processor to perform functions to (¶98: “For instance, at least one processor device and a memory may be used to implement the above described embodiments.”): manage generation of a penetration test ("pen-test"); evaluate the pen-test during generation (¶32: “Alternatively, exercise components can be included as part of an organization's penetration testing, which analyzes the impact of successful phishing attacks.”), wherein evaluation of the pen-test includes functions to: score the pen-test on a plurality of factors (¶91: “FIG. 8 illustrates that a user can select a training e-mail message 804 displayed within simulated browser e-mail client interface 790. As shown in FIG. 8, a cumulative score is displayed within interface 790”. The email phishing training module will incorporate a cumulative score based on the user’s performance, a cumulative score will be based on a plurality of pen-test training factors.); execute the pen-test on a sample of users; collect evaluations of the pen-test from the sample of users (¶16: “There are two ways that users can take the training: voluntarily (sample of users) or as part of a mandatory requirement.”; Voluntary training includes … training simulation that provides a virtual e-mail client interface. The virtual email training will be used in order to create a training module for mandatory users that are susceptible to phishing attacks);
	Fritzson does not disclose the following limitation “generate a baseline score for a user population based on the collected evaluations”
Bulut discloses: 
generate a baseline score for a user population based on the collected evaluations (¶45: “For example, security profile manager 145 may determine whether the user's security vulnerability value satisfies a threshold condition, and if so, execute the security audit operation. In some implementations, security profile manager 145 may determine the threshold condition by monitoring the usage for other users of the system, determine security vulnerability values for the users, and set a threshold based on the security vulnerability values for the users.”)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson in order to include a feature where a system can be configured to generate a risk score (baseline score) based on a pen-test evaluation of a user population as taught by Bulut. One of ordinary skill in the art would have been motivated to do so because Bulut recognizes that by implementing a risk score for a penetration test, the reflected score can showcase how at risk a user population is to phishing attack; a system can also take precautionary steps in order to apply mitigation actions in order to minimize the risk from the users (¶45).
Fritzson and Bulut do not disclose the following limitation “execute the pen-test on the user population different than and having more users than the sample of users”
Kennedy discloses:
execute the pen-test on the user population different than and having more users than the sample of users (Column 2, Line 7: “Scoring a client network system defense training exercise … a defense training exercise at an end of one or more of predetermined scoring cycles … the data including one or more of a current list of client network system vulnerabilities … scoring rules by a scoring engine of the at least one server to the details to determine one or more base scores at the end of one or more of predetermined scoring cycles … in the defense training exercise, wherein the participant could be an individual user or a group of users; and determining an actual score for each participant using the one or more base scores at the end of the defense training exercise.”; Column 9, Line 25: “A scoring Perl script reads scan results from the MySQL database and calculates scores (group and individual).”)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson and Bulut in order to include a feature where a system can be configured to execute a pen-test evaluation on an individual user and on a group population as taught by Kennedy. One of ordinary skill in the art would have been motivated to do so because Kennedy recognizes that by implementing this feature a pen-test can establish a baseline score for a training exercise in order to help individuals and groups avoid phishing attacks (Column 2, Line 7; Column 9, Line 25).
Fritzson further discloses: 
identify underperforming users within the user population as not meeting the baseline score; and execute custom training on the underperforming users (¶10: “Additionally, tailored exercises can be geared towards specific, targeted user accounts, such as, but not limited to, user accounts associated with new hires, contractors, or users who have demonstrated a propensity for falling victim to social engineering attacks, either simulated or real, in the past.”).
	Regarding Claim 2
	Fritzson discloses:
	The system of claim 1, wherein the system executes subsequent pen-tests on the user population (¶32: “Alternatively, exercise components can be included as part of an organization's penetration testing, which analyzes the impact of successful phishing attacks.”) and evaluates performance of the underperforming users responsive to executing targeted training to improve performance (¶31: “Embodiments of the systems and methods disclosed herein provide focused phishing awareness training wherein “teachable moments” are exploited so as to provide focused training for users that have demonstrated susceptibility to phishing. The systems and methods also adapt to evolving threats by including live exercises that are performed regularly with escalated complexity based on the level of user awareness demonstrated in previously-completed exercises. In embodiments, metrics from the exercises are tracked over time to determine the effectiveness of training across various objectives and organizational demographics.”).
Regarding Claim 13:
A computer implemented method for identifying vulnerability to phishing attack, the method comprising: managing, by at least one processor, generation of a penetration test ("pen- test"); evaluating, by the at least one processor, the pen-test during generation, wherein evaluation of the pen-test includes: scoring, by the at least one processor, the pen-test on a plurality of factors; executing, by the at least one processor, the pen-test on a sample of users; collecting, by the at least one processor, evaluations of the pen-test from the sample of users; generating, by the at least one processor, a baseline score for a user population based on the collected evaluations; executing, by the at least one processor, the pen-test on the user population different than and having more users than the sample of users; identifying, by the at least one processor, underperforming users within the user population as not meeting the baseline score; and executing, by the at least one processor, custom training on the underperforming users (See rejection in Claim 1).
Regarding Claim 14:
Fritzson discloses:
The method of claim 13, wherein the method further comprises executing subsequent pen-tests on the user population (¶32: “Alternatively, exercise components can be included as part of an organization's penetration testing, which analyzes the impact of successful phishing attacks.”) and evaluating performance of the underperforming users responsive to executing targeted training to improve performance (¶31: “Embodiments of the systems and methods disclosed herein provide focused phishing awareness training wherein “teachable moments” are exploited so as to provide focused training for users that have demonstrated susceptibility to phishing. The systems and methods also adapt to evolving threats by including live exercises that are performed regularly with escalated complexity based on the level of user awareness demonstrated in previously-completed exercises. In embodiments, metrics from the exercises are tracked over time to determine the effectiveness of training across various objectives and organizational demographics.”).
	Claims 3, 4, 5, 6, 15, 16, 17, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over US 2012/0124671 A1 (hereinafter ‘Fritzson’), in view of US 2021/0075814 A1 (hereinafter ‘Bulut’), in view of US 9,325,728 B1 (hereinafter ‘Kennedy’), and in further view of US 2019/0356679 A1 (hereinafter ‘Sites’).
Regarding Claim 3 
Fritzson as modified by Bulut and Kennedy does not disclose the following limitation “wherein the system is configured to correlate underperforming users and identify reasoning for underperformance based on user survey responses”
Sites discloses:
The system of claim 1, wherein the system is configured to correlate underperforming users and identify reasoning for underperformance based on user survey responses (¶67: “User assessment surveys may include questions such as, “Under which of the following circumstances is it acceptable to share a password with a co-worker?”. The system may present multiple choice answers for the user to choose from. The returned information gets interpreted as a strength or weakness, and may be used to determine specific training or simulated phishing templates to send the user. Other questions focus on a user's perceived confidence in different areas. In embodiments, questions focus on a user's attitude towards, and knowledge of specific security risks or situations. In embodiments, the system takes responses to user assessments into account in determining the best way to target that user or test their knowledge on a specific topic.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson, Bulut and Kennedy in order to include a feature where a system can be configured to identify the reasoning for underperformance of a user based on survey responses as taught by Sites. One of ordinary skill in the art would have been motivated to do so because Sites recognizes that if a system is able to understand the reasoning for a user’s underperformance, then the system can assign the user a special training program in order for them to become less susceptible to phishing attacks in the future (¶67: “The returned information gets interpreted as a strength or weakness, and may be used to determine specific training or simulated phishing templates to send the user.”).
Regarding Claim 4 
Fritzson as modified by Bulut and Kennedy does not disclose the following limitation “wherein the system is configured to select training options correlated with the reasoning for underperformance”
Sites discloses:
The system of claim 3, wherein the system is configured to select training options correlated with the reasoning for underperformance (¶67: “User assessment surveys may include questions such as, “Under which of the following circumstances is it acceptable to share a password with a co-worker?”. The system may present multiple choice answers for the user to choose from. The returned information gets interpreted as a strength or weakness, and may be used to determine specific training or simulated phishing templates to send the user. Other questions focus on a user's perceived confidence in different areas.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson, Bulut and Kennedy in order to include a feature where a system can be configured to select a training program for a group of users based on their response to a survey as taught by Sites. One of ordinary skill in the art would have been motivated to do so because Sites recognizes that different users will require different levels of training based on their response to the survey (¶67: “In embodiments, questions focus on a user's attitude towards, and knowledge of specific security risks or situations. In embodiments, the system takes responses to user assessments into account in determining the best way to target that user or test their knowledge on a specific topic”). 
Regarding Claim 5 
Fritzson discloses:
The system of claim 4, wherein the system is configured to determine an efficacy of the training options based on subsequent executions of pen-tests (¶31: “Embodiments of the systems and methods disclosed herein provide focused phishing awareness training wherein “teachable moments” are exploited so as to provide focused training for users that have demonstrated susceptibility to phishing. The systems and methods also adapt to evolving threats by including live exercises that are performed regularly with escalated complexity based on the level of user awareness demonstrated in previously-completed exercises. In embodiments, metrics from the exercises are tracked over time to determine the effectiveness”).
Regarding Claim 6:
Fritzson discloses:
The system of claim 5, wherein the system is configured to automatically select different training options based on determining insufficient improvement over time (¶10: “Additionally, tailored exercises can be geared towards specific, targeted user accounts, such as, but not limited to, user accounts associated with new hires, contractors, or users who have demonstrated a propensity for falling victim to social engineering attacks, either simulated or real, in the past.”).
Regarding Claim 15:
Fritzson as modified by Bulut and Kennedy does not disclose the following limitation “wherein the method further comprises correlating underperforming users and identify reasoning for underperformance based on user survey responses”
Sites discloses:
The method of claim 13, wherein the method further comprises correlating underperforming users and identify reasoning for underperformance based on user survey responses (¶67: “User assessment surveys may include questions such as, “Under which of the following circumstances is it acceptable to share a password with a co-worker?”. The system may present multiple choice answers for the user to choose from. The returned information gets interpreted as a strength or weakness, and may be used to determine specific training or simulated phishing templates to send the user. Other questions focus on a user's perceived confidence in different areas. In embodiments, questions focus on a user's attitude towards, and knowledge of specific security risks or situations. In embodiments, the system takes responses to user assessments into account in determining the best way to target that user or test their knowledge on a specific topic.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson, Bulut and Kennedy in order to include a feature where a system can be configured to identify the reasoning for underperformance of a user based on survey responses as taught by Sites. One of ordinary skill in the art would have been motivated to do so because Sites recognizes that if a system is able to understand the reasoning for a user’s underperformance, then the system can assign the user a special training program in order for them to become less susceptible to phishing attacks in the future (¶67: “The returned information gets interpreted as a strength or weakness, and may be used to determine specific training or simulated phishing templates to send the user.”).
Regarding Claim 16:
Fritzson as modified by Bulut and Kennedy does not disclose the following limitation “wherein the method further comprises automatically selecting training options correlated with the reasoning for underperformance”
Sites discloses:
The method of claim 15, wherein the method further comprises automatically selecting training options correlated with the reasoning for underperformance (¶67: “User assessment surveys may include questions such as, “Under which of the following circumstances is it acceptable to share a password with a co-worker?”. The system may present multiple choice answers for the user to choose from. The returned information gets interpreted as a strength or weakness, and may be used to determine specific training or simulated phishing templates to send the user. Other questions focus on a user's perceived confidence in different areas.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson, Bulut and Kennedy in order to include a feature where a system can be configured to select a training option for a group of users based on their response to the survey as taught by Sites. One of ordinary skill in the art would have been motivated to do so because Sites recognizes that different users will require different levels of training based on their response to the survey (¶67: “In embodiments, questions focus on a user's attitude towards, and knowledge of specific security risks or situations. In embodiments, the system takes responses to user assessments into account in determining the best way to target that user or test their knowledge on a specific topic”).
Regarding Claim 17:
Fritzson discloses:
The method of claim 16, wherein method further comprises determining an efficacy of the training options based on subsequent executions of pen-tests (¶31: “Embodiments of the systems and methods disclosed herein provide focused phishing awareness training wherein “teachable moments” are exploited so as to provide focused training for users that have demonstrated susceptibility to phishing. The systems and methods also adapt to evolving threats by including live exercises that are performed regularly with escalated complexity based on the level of user awareness demonstrated in previously-completed exercises. In embodiments, metrics from the exercises are tracked over time to determine the effectiveness”).
Regarding Claim 18:
Fritzson discloses:
The method of claim 17, wherein the method further comprises automatically selecting different training options based on determining insufficient improvement over time (¶10: “Additionally, tailored exercises can be geared towards specific, targeted user accounts, such as, but not limited to, user accounts associated with new hires, contractors, or users who have demonstrated a propensity for falling victim to social engineering attacks, either simulated or real, in the past.”).
	Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over US 2012/0124671 A1 (hereinafter ‘Fritzson’), in view of US 2021/0075814 A1 (hereinafter ‘Bulut’), in view of US 9,325,728 B1 (hereinafter ‘Kennedy’), and in further view of US 2020/0336507 A1 (hereinafter ‘Lee’).
	Regarding Claim 7:
Fritzson as modified by Bulut and Kennedy does not teach the following limitation “wherein the sample of users comprise an evaluation grouping of users including at least one of expert user or characteristic user to establish a quantitative assessment of the quality, appropriateness, or relevance of the pen-test for users in a testing target”
	Lee discloses:
	The system of claim 1, wherein the sample of users comprise an evaluation grouping of users including at least one of expert user or characteristic user to establish a quantitative assessment of the quality, appropriateness, or relevance of the pen-test for users in a testing target (¶23: “In one or more embodiments, testing framework 120 includes functionality to use machine learning models and techniques to automatically identify and instrument attack vectors 122 and payloads 124 during penetration testing for various types of exploits and vulnerabilities. As described in further detail below, these techniques adapt the penetration tests to different target environments without requiring manual identification of attack vectors 122 and creation of payloads 124 by penetration testing professionals. As a result, testing framework 120 improves the comprehensiveness, scalability, and flexibility of the penetration tests”). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson, Bulut and Kennedy in order to include a feature where a system can be configured to a professional user in order to establish a quantitative assessment of the pen-test model as taught by Lee. One of ordinary skill in the art would have been motivated to do so because Lee recognizes that by implementing this feature the testing framework can improve the comprehensiveness, scalability, and flexibility of the penetration test (¶23). 
Claims 8, 11, 12, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over US 2012/0124671 A1 (hereinafter ‘Fritzson’), in view of US 2021/0075814 A1 (hereinafter ‘Bulut’), in view of US 9,325,728 B1 (hereinafter ‘Kennedy’), and in further view of US 2020/0042723 A1 (hereinafter ‘Krishnamoorthy’).
Regarding Claim 8:
Fritzson as modified by Bulut and Kennedy does not disclose the following limitation “wherein the at least one processor is further configured to automatically update security permissions on accounts associated with underperforming users.”
Krishnamoorthy discloses:
The system of claim 1, wherein the at least one processor is further configured to automatically update security permissions on accounts associated with underperforming users (¶42: “The policy threshold value may be a pre-set value that may be changed manually by the operator or administrator, or the policy threshold may be determined by an algorithm that adjusts the policy threshold value based on the varying risk environment.”; ¶50: “If the user doesn't not pass the extra security measure (NO—block 575), then user authentication server 120 denies the user access to the resource (block 550), and sends data associated with the authentication denial to risk score engine 125.”)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson, Bulut and Kennedy in order to include a feature where a system can be configured to automatically deny a user from accessing certain resources if they do not pass a certain security measure as taught by Krishnamoorthy. One of ordinary skill in the art would have been motivated to do so because Krishnamoorthy recognizes that by automatically denying a user with a high risk score, a system can better protect data/resources from being accessed by fraudulent users (¶38: “FIGS. 5A-5C are flow diagrams of an exemplary process for performing an assessment of identify fraud of a user 105 based on the user 105 engaging in one or more authentication processes for attempting to access a protected resource(s).”).
Regarding Claim 11:
Fritzson as modified by Bulut and Kennedy does not disclose the following limitation “wherein the at least one processor is further configured to restore security permissions responsive to user completion of identified training operations”
Krishnamoorthy discloses:
The system of claim 8, wherein the at least one processor is further configured to restore security permissions responsive to user completion of identified training operations (Krishnamoorthy ¶49: “If the user passes the extra security measure (YES—block 575), then user authentication server 120 grants the user access to the resource (block 580), and sends data associated with passing the extra security measure to risk score engine.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson, Bulut and Kennedy in order to include a feature where a system can be configured to restore a user’s security permission if they were to pass an extra security measure as taught by Krishnamoorthy. One of ordinary skill in the art would have been motivated to do so because Krishnamoorthy recognizes that if a user passed the extra security measurement (training) then they can be trusted to access the resources within a system while other users who failed the extra security measurement (training) cannot be trusted to access the resources within a system (¶50: “If the user doesn't not pass the extra security measure (NO—block 575), then user authentication server 120 denies the user access to the resource”).  
Regarding Claim 12:
Fritzson as modified by Bulut and Kennedy does not disclose the following limitation “wherein the at least one processor is further configured to restore security permissions responsive identifying a risk score improvement meeting a threshold level”.
Krishnamoorthy discloses:
The system of claim 8, wherein the at least one processor is further configured to restore security permissions responsive identifying a risk score improvement meeting a threshold level (¶14: “The determined risk score for the user may be used by the risk assessment platform, or other application servers, for granting or denying the user access to protected resources.”; ¶49: “If the user passes the extra security measure (YES—block 575), then user authentication server 120 grants the user access to the resource (block 580), and sends data associated with passing the extra security measure to risk score engine.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson, Bulut and Kennedy in order to include a feature where a system can be configured to restore a user’s security permission if a risk score threshold is met as taught by Krishnamoorthy. One of ordinary skill in the art would have been motivated to do so because Krishnamoorthy recognizes that if a user has a passing risk score then they can be trusted to access the resources within a system while other users who failed the risk score cannot be trusted to access the resources within a system (¶19: “A risk failure/denial (identified with a “5” within a circle) indicates that the determined risk score for the user 105 is too high, and that the attempt to access protected digital resources should be denied”).
Regarding Claim 19:
Fritzson as modified by Bulut and Kennedy does not disclose the following limitation “wherein the at least one processor is further configured to automatically update security permissions on accounts associated with underperforming users.”
Krishnamoorthy discloses:
The method of claim 13, wherein the at least one processor is further configured to automatically update security permissions on accounts associated with underperforming users (¶42: “The policy threshold value may be a pre-set value that may be changed manually by the operator or administrator, or the policy threshold may be determined by an algorithm that adjusts the policy threshold value based on the varying risk environment.”; ¶50: “If the user doesn't not pass the extra security measure (NO—block 575), then user authentication server 120 denies the user access to the resource (block 550), and sends data associated with the authentication denial to risk score engine 125.”)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson, Bulut and Kennedy in order to include a feature where a system can be configured to automatically deny a user from accessing certain resources if they do not pass a certain security measure as taught by Krishnamoorthy. One of ordinary skill in the art would have been motivated to do so because Krishnamoorthy recognizes that by automatically denying a user with a high risk score, a system can better protect data/resources from being accessed by fraudulent users (¶38: “FIGS. 5A-5C are flow diagrams of an exemplary process for performing an assessment of identify fraud of a user 105 based on the user 105 engaging in one or more authentication processes for attempting to access a protected resource(s).”).
Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over US 2012/0124671 A1 (hereinafter ‘Fritzson’), in view of US 2021/0075814 A1 (hereinafter ‘Bulut’), in view of US 9,325,728 B1 (hereinafter ‘Kennedy’), in view of US 2020/0042723 A1 (hereinafter ‘Krishnamoorthy’), and in further view of US 2014/0295821 A1 (hereinafter ‘Qureshi’).
Regarding Claim 9:
Fritzson as modified by Bulut, Kennedy and Krishnamoorthy does not disclose the following limitation “wherein the at least one processor is further configured to automatically update browser privileges for respective underperforming users including at least one of increasing security filtering for web browsing, limiting access to whitelist websites, or preventing access to blacklist websites.”
Qureshi discloses: 
The system of claim 8, wherein the at least one processor is further configured to automatically update browser privileges for respective underperforming users including at least one of increasing security filtering for web browsing, limiting access to whitelist websites, or preventing access to blacklist websites (¶109: “In some embodiments, enforcing the one or more behavior limitations on the managed browser may include restricting access to at least one network resource. For example, in enforcing the one or more behavior limitations on the managed browser to restrict access to one or more network resources, the computing device and/or the MDM agent running on the computing device may limit, block, and/or otherwise control access to certain websites and/or other network-accessible information (e.g., using a blacklist of prohibited websites, a whitelist of permitted websites, etc.). In some instances, restricting access to one or more network resources may include limiting, blocking, and/or otherwise controlling access to enterprise resources and/or other enterprise data that may be accessible via one or more public and/or private networks.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson, Bulut, Kennedy and Krishnamoorthy in order to include a feature where a system can be configured to automatically increase security filtering for web browsing, limit access to whitelist websites, or prevent access to blacklist websites for underperforming users as taught by Qureshi. One of ordinary skill in the art would have been motivated to do so because Qureshi recognizes that by implementing these security features an organization can have more control over how their resources are accessed (¶109: “In some instances, restricting access to one or more network resources may include limiting, blocking, and/or otherwise controlling access to enterprise resources and/or other enterprise data that may be accessible via one or more public and/or private networks.”).
Claims 10 and 20 are rejected under 35 U.S.C. as being unpatentable over US 2012/0124671 A1 (hereinafter ‘Fritzson’), in view of US 2021/0075814 A1 (hereinafter ‘Bulut’), in view of US 9,325,728 B1 (hereinafter ‘Kennedy’), in view of US 2020/0042723 A1 (hereinafter ‘Krishnamoorthy’), and in further view of US 2004/0117450 A1 (hereinafter ‘Campbell’).
Regarding Claim 10:
Fritzson as modified by Bulut, Kennedy and Krishnamoorthy does not disclose the following limitation “wherein the at least one processor is further configured to automatically update application privileges associated with respective underperforming users including at least one of increasing security settings for e-mail filtering, increasing periodicity of virus scanning, activating port monitoring on respective underperforming users, activating behavior profiling, increasing frequency of any monitoring, isolating e-mail attachments to prevent executable function, or monitoring for executable functions triggered by e-mail attachments.”
Campbell discloses:
The system of claim 8, wherein the at least one processor is further configured to automatically update application privileges associated with respective underperforming users including at least one of increasing security settings for e-mail filtering, increasing periodicity of virus scanning, activating port monitoring on respective underperforming users, activating behavior profiling, increasing frequency of any monitoring, isolating e-mail attachments to prevent executable function, or monitoring for executable functions triggered by e-mail attachments (Abstract: “The email concentrator may also perform centralized processing functions associated with the email, such as virus scanning, filtering, or user-defined rule application.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson, Bulut, Kennedy, and Krishnamoorthy in order to include a security feature where a system can be configured to automatically filter, virus scan, or isolate e-mail attachments as taught by Campbell. One of ordinary skill in the art would have been motivated to do so because Campbell recognizes that by having these automated security features for emails, a user will not have to manage their email account as thoroughly (¶26: “Implementing virus scanning, filtering, and application of other rules as part of the email concentrator 112 ensures that these functions are performed consistently with respect to all incoming email messages, regardless of which email server the message is received from. Furthermore, having these functions centralized, simplifies the user task of managing email accounts in that the user can specify custom rules or filters in one place, and those rules and filters can be applied to all incoming messages for multiple email accounts.”).
Regarding Claim 20:
Fritzson as modified by Bulut, Kennedy and Krishnamoorthy does not disclose the following limitation “wherein the at least one processor is further configured to automatically update application privileges associated with respective underperforming users including at least one of increasing security settings for e-mail filtering, increasing periodicity of virus scanning, activating port monitoring on respective underperforming users, activating behavior profiling, increasing frequency of any monitoring, isolating e-mail attachments to prevent executable function, or monitoring for executable functions triggered by e-mail attachments.”
Campbell discloses:
The method of claim 19, wherein the at least one processor is further configured to automatically update application privileges associated with respective underperforming users including at least one of increasing security settings for e-mail filtering, increasing periodicity of virus scanning, activating port monitoring on respective underperforming users, activating behavior profiling, increasing frequency of any monitoring, isolating e-mail attachments to prevent executable function, or monitoring for executable functions triggered by e-mail attachments (Abstract: “The email concentrator may also perform centralized processing functions associated with the email, such as virus scanning, filtering, or user-defined rule application.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Fritzson, Bulut, Kennedy, and Krishnamoorthy in order to include a security feature where a system can be configured to automatically filter, virus scan, or isolate e-mail attachments as taught by Campbell. One of ordinary skill in the art would have been motivated to do so because Campbell recognizes that by having these automated security features for emails, a user will not have to manage their email account as thoroughly (¶26: “Implementing virus scanning, filtering, and application of other rules as part of the email concentrator 112 ensures that these functions are performed consistently with respect to all incoming email messages, regardless of which email server the message is received from. Furthermore, having these functions centralized, simplifies the user task of managing email accounts in that the user can specify custom rules or filters in one place, and those rules and filters can be applied to all incoming messages for multiple email accounts.”).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAAD ABDULLAH whose telephone number is 571-272-1531. The examiner can normally be reached on Monday-Friday 9am-5pm EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, LYNN FIELD can be reached on 571-272-2092.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SAAD AHMAD ABDULLAH/Examiner, Art Unit 2431
/LYNN D FEILD/Supervisory Patent Examiner, Art Unit 2431