DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to Amendment filed on 8/2/2022.

Examiner's Statement of Reason for Allowance

Claims 2-6, 8-17 and 19-23 are allowed.
The following is an examiner’s statement of reasons for allowance: 
The present invention is directed to a method to monitor integrity of webpages. The method includes obtaining rendered code generated using source code of a webpage from a server that hosts the webpage and using remotely called code referenced in the source code, the rendered code used to display the webpage. The method also includes determining a difference between the rendered code and previous rendered code of the webpage. The previous rendered code may be generated before obtaining the rendered code. The method further includes analyzing the difference between the rendered code and the previous rendered code to determine a change in integrity of security of the webpage and in response to a change in the integrity of security of the webpage, generating an alert regarding the integrity of security of the webpage that may indicate the integrity of the webpage may have changed.



The closest prior art, as previously recited, are Bartik et al. (US 2019/0068638 A1), Shekyan et al. (US 2018/0048671 A1), Newstadt et al. (US 8,407,766 B1), Burns et al. (US 8,621,621 B1) and Jordan et al. (US 2018/0373869 A1); in which Bartik discloses a method, computer system, and a computer program product for identifying a phishing attack is provided. The present invention may include receiving an alert of a suspicious URL. The present invention may include making an HTTP request to the suspicious URL. The present invention may include downloading and rendering the suspicious URL content. The present invention may include producing a screenshot of the rendered suspicious URL content. The present invention may include making an HTTP request to a domain landing page. The present invention may include downloading and rendering the domain landing page URL content. The present invention may include producing a screenshot of the rendered domain landing page URL content. The present invention may include generating a score based on comparing the produced first screenshot and the produced second screenshot; and in which Shekyan teaches automatically modifying web page source code to address a variety of security vulnerabilities such as, for example, vulnerabilities that are exploited by mixed content attacks; and Newstadt teaches a method and apparatus for monitoring sensitive data on a computer network is described. In one embodiment, a method for protecting sensitive data from being leaked to a computer network comprises monitoring data related to a user that is presented on one or more web pages through a common interface, which enables a search for sensitive data on the one or more web pages of the one or more web sites and determining a disclosure of the sensitive data on a web page of one or more web pages; and in which Burns teaches a computing device may receive content from a content source. The content may include software code that is executable by a web browser, and may be directed to another computing device. The computing device may inject security content into the content. The security content may include software instructions to enable the web browser to detect malicious software content within the content. The computing device may communicate the content to the other computing device; and in which Jordan teaches analyzing a document may include obtaining a runtime model for an application used to process the document, extracting, from the document, code blocks each including statements, and generating, using the runtime model, a result including a series of abstract states for each statement of a code block. Each abstract state may include a series of abstract values each corresponding to concrete values. The method may further include determining, using the result and the runtime model, whether the document includes potentially malicious code.

However, Bartik et al. (US 2019/0068638 A1), Shekyan et al. (US 2018/0048671 A1), Newstadt et al. (US 8,407,766 B1), Burns et al. (US 8,621,621 B1) and Jordan et al. (US 2018/0373869 A1); neither teaches or nor suggests, alone or in combination, the particular combination of steps or elements as recited in the independent Claim 2 and similarly Claim 12 and Claim 22.  For example, none of the cited prior art teaches or suggest the combination of elements comprising, for Claim 2 and similarly Claim 12: obtaining, at a computing system, rendered code generated using source code of a webpage, the source code obtained in response to a request to a webserver that hosts the webpage, the rendered code being finalized instructions to layout presentation of the webpage and the rendered code including elements not represented in the source code without parsing and/or executing the source code; analyzing, at the computing system, the rendered code to determine a code portion of the rendered code configured to establish a network connection and transmit data obtained by the rendered code over the network connection; determining a change in integrity of security of the webpage in response to the code portion of the rendered code being configured to establish the network connection and the data being transmitted being financial information or personal information, such that the change in integrity of security is determined in response to the financial information or the personal information being transmitted over the network connection established by the code portion of the rendered code, wherein a change in the integrity of security of the webpage indicates an altering of the webpage; and in response to a change in the integrity of security of the webpage, generating an alert regarding the integrity of security of the webpage; and none of the cited prior art teaches or suggest the combination of elements comprising, for Claim 22: obtaining rendered code generated using source code of a webpage, the rendered code being finalized instructions to layout presentation of the webpage and the rendered code including elements not represented in the source code without parsing and/or executing the source code; analyzing, at a computing system, the rendered code to determine a change in integrity of security of the webpage in response to a timing of execution of a code portion of the rendered code occurring when establishment of a network connection is not expected during execution of the rendered code, the timing of execution  based on an execution order of the rendered code and the code portion configured to establish a network connection and transmit data obtained by the rendered code over the network connection, wherein a change in the integrity of security of the webpage indicates an altering of the webpage; and in response to a change in the integrity of security of the webpage, generating an alert regarding the integrity of security of the webpage.

Therefore, the claims are allowable over the cited prior art.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”





Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892 attached.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KARI L SCHMIDT whose telephone number is (571)270-1385.  The examiner can normally be reached on Monday-Friday 10am - 6pm (MDT).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571)270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/KARI L SCHMIDT/Primary Examiner, Art Unit 2439