DETAILED ACTION 
This Office action has been issued in response to amendment filed September 21, 2022. 
Claims 1-3, 11, 12, 14, 16 and 17 have been amended. Claims 1-20 are pending. Applicant’s arguments are carefully and respectfully considered and some are persuasive, while others are not. Accordingly rejections have been removed where arguments were persuasive, but rejections have been maintained where arguments were not persuasive. Also, a new rejections based on the newly added amendments have been set forth. Accordingly, claims 1-20 are rejected and this action has been made FINAL, as necessitated by amendment. 
Response to Arguments
Applicant’s arguments directed to claim objection have been fully considered, but they are not persuasive. Amended claim Applicant’s argues that claim 13 recited the limitations of “…thereof”. The phrase “thereof” made the claim language unclear whether rest of the claim limitations are included or excluded for the claim language. As such, objection to the claim 12 is hereby sustained.
Applicant’s remarks and arguments directed to 35 USC 103(a) rejection, presented on 09/21/22 have been fully considered but they are moot in view of the new ground of rejection presented in this office action.
Objection
Claims 12-13 are objected because of the following reasons:
Claim 12 recited the limitation of “…..a combination thereof”. The phrase “thereof” made the claim language unclear, such that whether all of the limitations are included or excluded for the claim language.
Dependent claim is objected for incorporating the same deficiencies of their respective base claims.
Claim Rejections - 35 USC § 112
5.	The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

6.	Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Amended claims 1, 11 and 16 recited the limitations of “potential promotion”. The phrase ‘potential’ can include any kind of possibilities, suggestion or solution. The limitation of ‘potential’ is indefinite as it fails to point out what is being described and one of ordinary skill in the would able to appraised the scope of the claimed invention.
Dependent claim is rejected for incorporating the same deficiencies of their respective base claims.
Claim Rejections- 35 USC § 103
7.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
8.	The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  Patentability shall not be negatived by the manner in which the invention was made.
         
9.	Claims 1-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over Tamir et al. (US 2018/0219908 A1), hereinafter Tamir in view of Oliphant et al., (US 2015/0040230 A1), hereinafter Oliphant. 
As for claim 1, Tamir teaches a configuration management database (CMDB) system, comprising: at least one memory storing a database, wherein the database comprises a configuration items (CIs) table configured to store CI objects, a vulnerable items (VIs) table configured to store VI objects, a detections table configured to store detection objects representing detections of vulnerabilities for the stored CI objects, and a detection….rules table configured to store detection….rule objects that each include one or more… conditions, wherein the stored detection objects are substantially lighter-weight and….within the CMDB system that the stored VI objects (see abstract, configuration item (CI) data related to a (CI) device, a configuration management database (CMDB) and the CI data related to the physical device is read, performs a vulnerability calculation for the CI device, Fig. 9A, 9B with associated text, [0037]);
and at least one processor configured to execute instructions stored in the at least one memory to cause the CMDB system to perform actions comprising:….evaluating the stored detection objects of the detections table…to corresponding VI objects by: for each active detection…. rule object of the stored detection….rule objects: evaluating the one or more promotion conditions of the active detection…rule object based on the stored detection objects (see [0034], detect and monitor the device, performing operations of client device, [0005], compares the vulnerability calculation for the CI device with the second vulnerability calculation for a second CI device, and prioritizes an action to be taken on the CI device or an associated other network component based on the comparison, [0038]-[0039], determination of vulnerability include significantly reducing or completely elimination, lowering the vulnerability impact/severity of some vulnerabilities etc. When vulnerabilities are appropriately evaluated and score the calculation that leads to remediation tasks with highest risk-reducing impact, [0049], [0088], vulnerabilities includes calculation associated with trust zone, comparing, scoring with all other vulnerabilities. The vulnerabilities include records within time periods);
 and determining that the one or more….conditions of the active detection…rule object have been satisfied by a detection object of the stored detection objects, and…. the detection object by creating a new VI object in the VIs table and relating the new VI object to the detection object (see [0006], determination include security, trust zone data associated with CI device, performing, utilizing one or more vulnerability data associated with one or more devices, [0040], response mechanisms which include a security computer can calculate these vulnerability severity scores for each item or component of the network, represented by a CI data record in the CMDB, [0031], Fig. 5).
Tamir teaches the claimed invention including the limitations of detection rule or conditions; detection objects of the detections table corresponding VI objects; detection objects are substantially lighter-weight and within the CMDB system; the detection object by creating a new VI object in the VIs table ([0006], [0034], [0040], [0042], [0038], [0078]). Tamir does not explicitly teach the limitations of a detection promotion rules table; one or more promotion conditions; detection objects are substantially lower-height and lower-cost within the CMDB system; periodically evaluating; potential promotion; active detection promotion rule object; in response, promoting the detection object by creating a new VI object in the VIs table. 
In the same field of endeavor, Oliphant teaches the limitations of a detection promotion rules table; one or more promotion conditions; detection objects are substantially lower-height and lower-cost within the CMDB system; periodically evaluating; potential promotion; active detection promotion rule object; in response, promoting the detection object by creating a new VI object in the VIs table (see Oliphant, [0019], e.g. promoting the invention, [0097], e.g. various possible benefits include effectively mitigated the overwhelming management and maintenance burden on administrators, [0083], rules for identify and remediate network vulnerabilities, [0020], [0024], e.g. in response to query remediation techniques can apply).    
Tamir and Oliphant both references teach features that are directed to analogous art and they are from the same field of endeavor, such as vulnerability data to store in configuration management database, generate vulnerable item table of the CMDB, detecting vulnerabilities in plurality of devices. 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate Oliphant’s teaching to Tamir system for a remediation techniques that collectively remediate plurality of device vulnerabilities. Thus, provide patch management, vulnerability identification, verification and compliance functions. The remediation technology eliminate false positives and false negatives, and ensure policy compliance, saving the organization time and money (see Oliphant, [0100]).   
  As for claim 11, 
		The limitations therein have substantially the same scope as claim 1 because claim 11 is a method claim for implementing those steps of claim 1. Therefore, claim 11 is rejected for at least the same reasons as claim 1.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate Oliphant’s teaching to Tamir system for a remediation techniques that collectively remediate plurality of device vulnerabilities. Thus, provide patch management, vulnerability identification, verification and compliance functions. The remediation technology eliminate false positives and false negatives, and ensure policy compliance, saving the organization time and money (see Oliphant, [0100]).   
As for claim 16, 
		The limitations therein have substantially the same scope as claim 1 because claim 16 is one-or more non-transitory computer-readable media claim for implementing those steps of claim 1. Therefore, claim 16 is rejected for at least the same reasons as claim 1.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate Oliphant’s teaching to Tamir system for a remediation techniques that collectively remediate plurality of device vulnerabilities. Thus, provide patch management, vulnerability identification, verification and compliance functions. The remediation technology eliminate false positives and false negatives, and ensure policy compliance, saving the organization time and money (see Oliphant, [0100]).   
As to claim 2, this claim is rejected based on the same reason as above to reject the claim above and are similarly rejected including the following:
Tamir and Oliphant teach:
wherein each of the one or more promotion conditions comprises: an attribute, wherein the attribute is an attribute of the detection object, an attribute of a vulnerability object related to the detection object, or an attribute of a CI object related to the detection object; a comparison operator that is associated with the attribute; and an attribute value that is associated with the attribute (see Tamir, [0044]; Also see Oliphant, [0019]).
As to claim 3, this claim is rejected based on the same reason as above to reject the claim above and are similarly rejected including the following:
Tamir and Oliphant teach:
wherein the comparison operator is one of: “is equivalent to”, “is one of”, “is not one of”, “contains”, “is greater than”, or “is less than” (see Tamir, [0039]).
As to claim 4, this claim is rejected based on the same reason as above to reject the claim above and are similarly rejected including the following:
Tamir and Oliphant teach:
wherein the attribute value comprises a binary value, one or more integer values, a text string, an object, or a group of objects (see Tamir, [0055], [0094]).
As to claim 5, this claim is rejected based on the same reason as above to reject the claim above and are similarly rejected including the following:
Tamir and Oliphant teach:
wherein the one or more promotion conditions comprise a plurality of promotion conditions, wherein the plurality of promotion conditions are combined using Boolean AND/OR operators (see Tamir, [0027], [0094]).
As to claim 6, this claim is rejected based on the same reason as above to reject the claim above and are similarly rejected including the following:
Tamir and Oliphant teach:
wherein the at least one processor is configured to execute the instructions stored in the at least one memory to cause the CMDB system to perform actions comprising: receiving a request to create a new detection promotion rule object, wherein the request comprises one or more promotion conditions of the new detection promotion rule object; and creating the new detection promotion rule object in the detection promotion rule table having the one or more promotion conditions in response to receiving the request (see Tamir, [0034], [0069]; Also see , [0006], [0027]; Fig. 5).
As to claim 7, this claim is rejected based on the same reason as above to reject the claim above and are similarly rejected including the following:
Tamir and Oliphant teach:
wherein the at least one processor is configured to execute the instructions stored in the at least one memory to cause the CMDB system to perform actions comprising: receiving, from an external server, scanning data from a vulnerability scan of a client network, wherein the scanning data comprises information regarding the detections of the vulnerabilities of CIs associated with the client network; and creating a respective detection object in the detections table for each of the detections of the vulnerabilities of CIs associated with the client network in the scanning data (see Tamir, [0039], [0076]; Also see Oliphant, [0055], [0083]).
As to claim 8, this claim is rejected based on the same reason as above to reject the claim above and are similarly rejected including the following:
Tamir and Oliphant teach:
wherein the database comprises a vulnerabilities table configured to store vulnerability objects representing the vulnerabilities detected for the stored CI objects, and wherein the at least one processor is configured to execute the instructions stored in the at least one memory to cause the CMDB system to perform actions comprising: receiving vulnerability data from the external server, wherein the vulnerability data comprises information regarding the vulnerabilities detected for the CI objects associated with the client network; and creating a new vulnerability object in the vulnerabilities table for each of the detected vulnerabilities in the vulnerability data, and relating each vulnerability object to one or more corresponding detections objects in the detections table (see Tamir, [0005], [0034], [0094]).
As to claim 9, this claim is rejected based on the same reason as above to reject the claim above and are similarly rejected including the following:
Tamir and Oliphant teach:
wherein, to evaluate the one or more promotion conditions of the active detection promotion rule object based on the stored detection objects, the at least one processor is configured to execute the instructions stored in the at least one memory to cause the CMDB system to perform actions comprising: evaluating the one or more promotion conditions of the active detection promotion rule object based on attribute values of the detection objects stored in the detections table, as well as attribute values of the vulnerability objects stored in the vulnerabilities table that are related to the detection objects (see Tamir, [0042], [0044]; Also see Oliphant, [0024], [0038]).
As to claim 10, this claim is rejected based on the same reason as above to reject the claim above and are similarly rejected including the following:
Tamir and Oliphant teach:
wherein the CMDB is hosted as part of a client instance by a data center (see Tamir, [0006]).
As to claim 15, this claim is rejected based on the same reason as above to reject the claim above and are similarly rejected including the following:
Tamir and Oliphant teach:
wherein the external server is a management, instrumentation, and discovery (MID) server associated with the client network (see Tamir, [0031]).
Claims 12-14 correspond in scope to claims 2-10 and are similarly rejected.
Claims 17-20 correspond in scope to claims 2-10 and are similarly rejected. 
Prior Arts
10.  	US 2019/0102560 A1 teaches configuration management database (CMDB) that store the data concerning Cis, along with data related to various IT assets. The CMDB include information about the company, departments, who the device is assigned to, who manages the device, the support group/supported by, and domain, etc. This information used as grouping criteria in grouping vulnerabilities, the databases, the platform include one or more other database servers ([0025]).
US 2019/0342323 A1 teaches vulnerability on the configuration item. Vulnerability referred to vulnerable items, configuration item. Database include table, arrays et. (abstract, [0064]).
Sacm ECP Mapping draft-haynes-sacm-ecp-mapping, SACM 2016, teaches connect enterprise, detects change to the tag inventory, requested by the server, examine the tag running on the server, determine mitigating steps taken to protect from the vulnerability (page 4).
Also see US 20100192228, US 20120304300, US 2015040230, US 8554750, US 8646093, US 8745040, US 8812539, US 8818994, US 9015188, US 9037536, US 9137115, US 9323801, US 9412084, US 9467344, US 9613070, US 9659051,US 9792387, US 9852165, US 9911087, US 10133991, US 10181984, US 100151186 US 20190342323, US 20190220469, US 20190102560, these references also teaches the claim recited limitations. These references are state of the art at the time of the claimed invention. 
Conclusion
11.	The examiner suggests, in response to this Office action, support being shown for language added to any original claims on amendment and any new claims. That is, indicate support for newly added claim language by specifically pointing to page(s) and line no(s) in the specification and/or drawing figure(s). This will assist the examiner in prosecuting the application (see 37 C.F.R. § 1.75(d)(1), 37 C.F.R. § 1.83(f)).
12.	The prior art made of record on form PTO-892 and not relied upon is considered pertinent to applicant's disclosure. Applicant is required under 37 C.F.R. § 1.111(c) to consider these references fully when responding to this action (see MPEP § 7.96). Applicant is advised to clearly point out the patentable novelty which he or she thinks the claims present, in view of the state of the art disclosed by the references cited or the objections made. He or she must also show how the amendments avoid such references or objections See 37 CFR 1.111(c).
13.	Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Contact Information
14.	Any inquiry concerning this communication or earlier communication from the examiner should be directed to Daniel A Kuddus whose telephone number is (571) 270-1722. The examiner can normally be reached on Monday to Thursday 8.00 a.m.-5.30 p.m. The examiner can also be reached on alternate Fridays from 8.00 a.m. to 4.30 p.m.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor Hosain Alam can be reached on (571) 272-3978. The fax phone number for the organization where this application or processing is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from the either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DANIEL A KUDDUS/           	Primary Examiner, Art Unit 2154
11/15/22