DCT
2:25-cv-01132
Congruent Media Resourcing LLC v. Cisco Systems Inc
Key Events
Complaint
Hearing
Markman
Summary Judgment
Daubert
Markman
Jury Verdict
Daubert (denied)
Jury Trial Transcript
Judgment
Markman
Summary Judgment
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: Congruent Media Resourcing LLC (Texas)
- Defendant: Cisco Systems, Inc. (Delaware)
- Plaintiff’s Counsel: Direction IP Law
- Case Identification: 2:25-cv-01132, E.D. Tex., 11/18/2025
- Venue Allegations: Venue is alleged to be proper based on Defendant maintaining a regular and established place of business within the Eastern District of Texas.
- Core Dispute: Plaintiff alleges that Defendant’s Cisco Secure Application platform infringes a patent related to methods for creating secure software applications by injecting and repackaging security controls.
- Technical Context: The technology concerns application "wrapping," a method for adding security layers to existing software without modifying its source code, which is significant for securing applications in enterprise and "bring your own device" (BYOD) environments.
- Key Procedural History: The complaint does not mention any prior litigation, Inter Partes Review (IPR) proceedings, or licensing history related to the patent-in-suit.
Case Timeline
| Date | Event |
|---|---|
| 2011-10-10 | U.S. Patent No. 9,135,418 Priority Date |
| 2015-09-15 | U.S. Patent No. 9,135,418 Issued |
| 2025-11-18 | Complaint Filed |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 9,135,418 - System and Method for Creating Secure Applications
The Invention Explained
- Problem Addressed: The patent addresses the security risks that arise when employees use personal mobile devices to access corporate data, as applications installed on these devices may contain malware that can lead to data breaches (’418 Patent, col. 1:21-41).
- The Patented Solution: The invention describes a method to convert a standard "target application" into a "secure application" without accessing its source code. This is achieved by programmatically imposing "intercepts"—new or replacement instructions—that modify the application's behavior to enforce security policies, and then "repackaging" the application so the intercepts become an inseparable part of it (’418 Patent, Abstract; col. 1:54-61; col. 2:4-10). This process allows an enterprise to add security controls, such as encryption, to third-party applications after they have been compiled (’418 Patent, col. 4:39-42).
- Technical Importance: This "application wrapping" approach enables centralized security management over a diverse range of applications without requiring cooperation from the original application developers (’418 Patent, col. 12:44-48).
Key Claims at a Glance
- The complaint asserts independent claim 9 (Compl. ¶17).
- Claim 9 requires a method with three essential steps:
- Receiving a target application that is designed to interact with an operating system.
- Configuring the target application by imposing one or more intercepts on it, which converts it into a secure application that maintains its interaction with the operating system.
- Repackaging the secure application so the intercepts are integrated with and inseparable from it.
- The complaint does not explicitly reserve the right to assert dependent claims.
III. The Accused Instrumentality
Product Identification
The accused instrumentality is the Cisco Secure Application, which is available as a standalone product or as part of the Cisco Observability Platform (Compl. ¶19).
Functionality and Market Context
The complaint alleges that Cisco Secure Application is a tool that protects applications at runtime by detecting and blocking attacks (Compl. ¶19). It allegedly utilizes an "AppDynamics Agent" to generate a secure application and embeds security into the application runtime (Compl. ¶¶19, 21). A key alleged feature is its Bytecode Transformer instrumentation ("BCI") engine, which is "used to inject interceptors" into a target application to monitor its behavior and enforce security policies (Compl. ¶21). The complaint presents a marketing screenshot describing how Cisco Secure Application "embeds security into the application runtime without adding performance overhead" (Compl. p. 6).
IV. Analysis of Infringement Allegations
U.S. Patent No. 9,135,418 Infringement Allegations
| Claim Element (from Independent Claim 9) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| A method of generating a secure application, comprising: via a processor: receiving a target application that is designed to interact with an operating system; | Cisco Secure Application allegedly performs a method of generating a secure application by securing a target application at runtime. The complaint provides a diagram showing the "AppDynamics Agent Architecture," where a target application is received by the system for security processing. (Compl. p. 9). | ¶20 | col. 4:21-25 |
| configuring the target application by imposing one or more intercepts on the target application, wherein the imposition of the intercepts converts the target application into a secure application that maintains the interaction with the operating system; and | The complaint alleges that Cisco Secure Application uses a "BCI engine" to "inject interceptors" into the target application. This process is alleged to convert the target application into a secure one by embedding security features directly into its runtime. A technical document screenshot states, "The BCI engine is used to inject interceptors." (Compl. p. 12). | ¶21 | col. 1:57-61; col. 4:39-50 |
| repackaging the secure application such that the intercepts are integrated with the secure application and are inseparable from the secure application. | The complaint alleges that once interceptors are injected, a secure application is created upon integration. It quotes a Cisco video stating that the security is inseparable because "it has the context, it's part of the application." (Compl. p. 14). | ¶22 | col. 2:4-10 |
Identified Points of Contention
- Scope Questions: The case may turn on whether the runtime modification process performed by the Cisco Secure Application constitutes "repackaging" as contemplated by the patent. The patent describes repackaging as resulting in an "immutable deployable entity" (’418 Patent, col. 2:9-10), raising the question of whether a runtime-modified application that is not redeployed as a new static file meets this limitation.
- Technical Questions: A key factual question will be how Cisco's "BCI engine" technically operates. The analysis will likely focus on whether the "injection of interceptors" is a replacement of existing instructions or the addition of new ones that interrupt program flow, as described in the patent's definition of an "intercept" (’418 Patent, col. 1:66-2:3).
V. Key Claim Terms for Construction
The Term: "intercepts"
Context and Importance: The definition of "intercepts" is central, as it defines the mechanism for converting a standard application into a secure one. The dispute will likely focus on whether Cisco's runtime monitoring and modification agents qualify as the "intercepts" described in the patent.
Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The specification states that imposing intercepts may include "interposing system API calls to allow a secure framework to intercept and control application functions," which could support a view that runtime hooks or agents that monitor API calls fall within the term's scope (’418 Patent, col. 21:43-46).
- Evidence for a Narrower Interpretation: The patent provides a specific definition, stating an intercept "may be considered as an actual replacement of an existing instruction or a new instruction that may interrupt program flow" (’418 Patent, col. 1:66-2:3). This could support a narrower construction requiring a direct modification of the application's code structure, rather than just monitoring its external calls.
The Term: "repackaging"
Context and Importance: This term is critical because infringement requires not just modifying an application with intercepts, but also "repackaging" it. The dispute will likely center on whether Cisco's process of integrating security at runtime constitutes "repackaging."
Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The claim language requires that repackaging makes the intercepts "integrated with" and "inseparable from" the secure application (Compl. ¶17). This could be argued to cover runtime integration where security features become a functional part of the running application.
- Evidence for a Narrower Interpretation: The specification links "repackaging" to a process where "the intercepts may be considered to be physically inseparable from the original files," resulting in an "immutable deployable entity" (’418 Patent, col. 2:6-10). This language suggests a process that creates a new, static, and unchangeable application file, which may differ from a purely runtime modification process.
VI. Other Allegations
- Indirect Infringement: The complaint alleges inducement and contributory infringement, asserting that Cisco provides marketing materials, videos, and instructional guides that encourage and instruct customers on how to use the Cisco Secure Application in an infringing manner (Compl. ¶¶23-25).
- Willful Infringement: The complaint does not use the word "willful" but alleges that Cisco has had knowledge of its infringement at least since the date of service of the complaint and has continued its allegedly infringing conduct, which could form the basis for a future claim of post-filing willfulness (Compl. ¶¶24-25).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of technical process: does Cisco's runtime security modification, which allegedly "embeds security into the application runtime," constitute the claimed method of "repackaging" an application to create a new, "immutable deployable entity" as described in the patent's specification?
- A second key question will be one of definitional scope: can the term "intercepts," defined in the patent as a "replacement of an existing instruction or a new instruction that may interrupt program flow," be construed to cover the runtime security agents and monitoring hooks allegedly employed by the Cisco Secure Application?
- An evidentiary question will be one of inseparability: what technical proof can be offered to determine whether the security features imposed by the Cisco Secure Application are "inseparable" from the target application in the manner required by the claim, particularly in a dynamic runtime environment versus a static, repackaged file?