DCT
0:23-cv-62432
Speech Transcription LLC v. SentinelOne Inc
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: Speech Transcription, LLC (Wyoming)
- Defendant: SentinelOne, Inc. (Delaware)
- Plaintiff’s Counsel: Law Office Of Barbra Stern PA; Garteiser Honea, PLLC
- Case Identification: 0:23-cv-62432, S.D. Fla., 12/29/2023
- Venue Allegations: Venue is asserted based on Defendant allegedly maintaining a "regular and established place of business" in the Southern District of Florida.
- Core Dispute: Plaintiff alleges that Defendant’s Singularity XDR cybersecurity platform infringes a patent related to a unified, open-platform architecture for managing endpoint security functions.
- Technical Context: The technology concerns the field of endpoint cybersecurity, a market focused on protecting individual computing devices (desktops, laptops, servers) from digital threats by centrally managing a variety of security tools.
- Key Procedural History: The complaint notes that during the prosecution of the asserted patent, the U.S. Patent and Trademark Office identified U.S. Patent 7,058,796 as the most relevant prior art reference.
Case Timeline
| Date | Event |
|---|---|
| 2004-09-14 | ’799 Patent Priority Date |
| 2015-01-20 | ’799 Patent Issue Date |
| 2023-12-29 | Complaint Filing Date |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 8,938,799, "SECURITY PROTECTION APPARATUS AND METHOD FOR ENDPOINT COMPUTING SYSTEMS," issued Jan. 20, 2015
The Invention Explained
- Problem Addressed: The patent’s background section describes the technical and financial problems arising from conventional endpoint security, where multiple, disparate software modules from different vendors are installed on each host computer. This approach is described as leading to software conflicts, performance degradation, management complexity, and a high total cost of ownership (TCO) (’799 Patent, col. 3:49-67).
- The Patented Solution: The invention discloses a "unified security management system" centered on a "Security Utility Blade" (SUB), which is a dedicated hardware and software subsystem located at the endpoint but running an operating system separate from the host computer (’799 Patent, col. 7:6-9). This SUB is designed to function as a standardized, "open platform" that can receive and execute security modules from various vendors, allowing a central management server to coordinate security functions without vendors directly accessing the endpoint. This architecture is illustrated in the patent’s Figure 1B (’799 Patent, col. 5:21-43, Fig. 1B).
- Technical Importance: This approach aimed to simplify the deployment and management of multi-vendor security solutions by creating a standardized, vendor-agnostic layer for endpoint protection, thereby reducing software conflicts and lowering operational costs (’799 Patent, col. 3:63-67).
Key Claims at a Glance
- The complaint asserts at least independent claim 14 (Compl. ¶31).
- The essential elements of independent claim 14 are:
- A security subsystem configurable between a network and a host of an endpoint.
- The subsystem comprises computing resources for providing an open platform.
- The open platform is for receiving and executing security function software modules from multiple vendors.
- The purpose of the platform is to provide defense functions for the protection of the host.
- The complaint does not explicitly reserve the right to assert dependent claims, but the phrasing "one or more claims" suggests this possibility (Compl. ¶31).
III. The Accused Instrumentality
Product Identification
- The complaint identifies the "Singularity XDR system" as the accused instrumentality (Compl. ¶27).
Functionality and Market Context
- The Singularity XDR system is described as a "cybersecurity platform that aims to improve threat detection and response capabilities by integrating and correlating data from various sources across an organization's network, endpoints, and cloud services" (Compl. ¶27). The complaint frames Defendant as a global cybersecurity provider, providing a world map from its careers website to show its office locations, including one in the forum district (Compl. p. 2, Fig. 1). Figure 1 in the complaint is a world map screenshot from Defendant’s website showing its office locations, including one in Fort Lauderdale (Compl. p. 2, Fig. 1).
- The complaint does not provide further technical detail on the specific operation or architecture of the Singularity XDR system beyond this high-level functional description.
IV. Analysis of Infringement Allegations
The complaint references a claim chart in Exhibit B, which was not provided with the filed complaint. The infringement theory is outlined below based on the prose allegations in the complaint body.
'799 Patent Infringement Allegations
| Claim Element (from Independent Claim 14) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| A security subsystem configurable between a network and a host of an endpoint, the security subsystem comprising computing resources for providing: | The complaint alleges that the Singularity XDR system is a cybersecurity platform that operates to protect endpoints connected to a network, thereby constituting a "security subsystem" (Compl. ¶27). | ¶27 | col. 26:47-49 |
| an open platform for receiving and executing security function software modules from multiple vendors for providing defense functions for protection of the host. | The complaint alleges that the Singularity XDR system functions as a platform that "integrat[es] and correlat[es] data from various sources" to provide threat detection and response capabilities for endpoints (Compl. ¶27, 31). | ¶27, ¶31 | col. 26:50-52 |
- Identified Points of Contention:
- Scope Questions: A primary question may be whether the accused "Singularity XDR system," described as a software "platform," can meet the "security subsystem" limitation of claim 14. The patent specification consistently describes this "subsystem" as a "Security Utility Blade" (SUB), a distinct component with its own operating system that is separate from the host, which may suggest a hardware or hybrid hardware-software requirement (’799 Patent, col. 7:6-9; Fig. 2A).
- Technical Questions: The complaint alleges infringement in a conclusory manner, and the court will require specific evidence of operation. A key technical question is what evidence the complaint or subsequent discovery will provide to demonstrate that the accused system performs the specific functions of "receiving and executing security function software modules from multiple vendors," as opposed to merely integrating or correlating data streams via APIs.
V. Key Claim Terms for Construction
- The Term: "security subsystem"
- Context and Importance: This term defines the core of the claimed apparatus. The outcome of the case may turn on whether this term is construed to cover a software-only platform or if it requires a distinct hardware component as described in the patent’s embodiments.
- Evidence for a Broader Interpretation: The language of claim 14 itself does not explicitly recite a hardware component, referring only to "computing resources." This could support an interpretation that a coordinated set of software components can constitute a "subsystem" (’799 Patent, col. 26:47-49).
- Evidence for a Narrower Interpretation: The specification repeatedly and consistently links the "subsystem" to the "Security Utility Blade (SUB)," which is described as running its own operating system separate from the host and depicted in figures as a physical component like a blade card (’799 Patent, col. 5:21-23, col. 7:6-9, Fig. 2A-2D). The patent abstract also refers to an "apparatus" (’799 Patent, Abstract).
- The Term: "open platform for receiving and executing security function software modules"
- Context and Importance: This functional language is critical to the infringement analysis. The dispute will likely focus on whether the accused product’s method of integration meets the claimed functionality of "receiving and executing" modules.
- Evidence for a Broader Interpretation: A party could argue this term covers any system architecture that allows for the integration of third-party security capabilities or data, a common feature in modern XDR systems.
- Evidence for a Narrower Interpretation: The specification describes the platform as a "repository of defense function software modules...from any participating vendors" where such modules can be "downloaded and executed" (’799 Patent, col. 8:43-51). This language may support a narrower construction requiring the platform to host and run the actual code of third-party modules, not simply interface with their data or APIs.
VI. Other Allegations
- Indirect Infringement: The complaint alleges induced infringement, stating that Defendant distributes "product literature and website materials inducing end users and others to use its products in the customary and intended manner that infringes" the patent (Compl. ¶34).
- Willful Infringement: The complaint alleges that Defendant has knowledge of its infringement "at least as of the service of the present complaint" and has continued its allegedly infringing conduct despite this knowledge (Compl. ¶29, 34-35). This forms a basis for alleging post-suit willfulness.
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope: can the term "security subsystem," which the patent specification consistently describes in the context of a distinct hardware-based "Security Utility Blade," be construed to cover the accused Singularity XDR system, which is described as a software-based cybersecurity platform?
- A key evidentiary question will be one of operational function: what specific evidence will be presented to demonstrate that the accused system performs the claimed function of "receiving and executing security function software modules from multiple vendors," as required by Claim 14, as opposed to the more general function of integrating data from various third-party sources?