DCT

7:25-cv-00523

Congruent Media Resourcing LLC v. Trend Micro Inc

Log In
Key Events
Complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 7:25-cv-00523, W.D. Tex., 11/13/2025
  • Venue Allegations: Plaintiff alleges venue is proper in the Western District of Texas because Defendant maintains a regular and established place of business in Austin, Texas, and has allegedly committed acts of infringement within the district.
  • Core Dispute: Plaintiff alleges that Defendant’s Trend Micro Cloud One Application Security product infringes a patent related to methods for creating secure software applications by modifying and repackaging an existing target application.
  • Technical Context: The technology concerns application security, specifically a method known as "application wrapping" or "securitization," where security features are injected into a pre-compiled application without modifying its source code to protect it from threats.
  • Key Procedural History: The complaint does not mention any prior litigation, licensing history, or post-grant proceedings related to the patent-in-suit.

Case Timeline

Date Event
2011-10-10 ’418 Patent - Earliest Priority Date
2015-09-15 ’418 Patent - Issue Date
2025-11-13 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

  • Patent Identification: U.S. Patent No. 9,135,418, "System and Method for Creating Secure Applications," issued September 15, 2015.
  • The Invention Explained:
    • Problem Addressed: The patent addresses the security risks that arise when corporate data is accessed on employees' personal mobile devices, which may have untrusted applications ("apps") installed that could contain malware or other vulnerabilities (’418 Patent, col. 1:21-41).
    • The Patented Solution: The invention describes a method for converting a non-secure "target application" into a secure one without access to its source code. This is achieved by binding one or more "intercepts" to the application, which modify its behavior according to security policies, and then "repackaging" the application so the intercepts are physically integrated and inseparable from it, resulting in an "immutable deployable entity" (’418 Patent, Abstract; col. 2:4-10). The process is described as "application wrapping" or "securitization" that can, for example, replace references to system services with references to a secure library (’418 Patent, col. 12:19-35).
    • Technical Importance: This approach allows an enterprise to enforce security policies on third-party applications after they have been compiled, removing the need for source code modification or developer-implemented changes (’418 Patent, col. 12:45-49).
  • Key Claims at a Glance:
    • The complaint asserts independent claim 9 (’418 Patent, col. 41:20-33).
    • The essential elements of claim 9 are:
      • receiving a target application that is designed to interact with an operating system;
      • configuring the target application by imposing one or more intercepts on the target application, wherein the imposition of the intercepts converts the target application into a secure application that maintains the interaction with the operating system; and
      • repackaging the secure application such that the intercepts are integrated with the secure application and are inseparable from the secure application.
    • The complaint does not explicitly reserve the right to assert dependent claims.

III. The Accused Instrumentality

  • Product Identification: Trend Micro Cloud One Application Security (“the Accused Instrumentality”) (Compl. ¶18).
  • Functionality and Market Context:
    • The complaint describes the Accused Instrumentality as a method of generating a secure application that uses Runtime Application Self-Protection (“RASP”) technology (Compl. ¶19).
    • The functionality involves integrating a library, or "micro-agent," into a target application "without modifying development code" (Compl. ¶¶20-21). This library is alleged to bootstrap itself into the application at runtime, run in-process, and use OS-specific interfaces to monitor and protect the application from threats like SQL injection (Compl. ¶¶19, 21; Compl. p. 7). The complaint includes a diagram illustrating the three-step process: "1. Define a security policy 2. Embed a micro-agent into the code 3. Deploy the app" (Compl. p. 10).

IV. Analysis of Infringement Allegations

U.S. Patent No. 9,135,418 Infringement Allegations

Claim Element (from Independent Claim 9) Alleged Infringing Functionality Complaint Citation Patent Citation
A method of generating a secure application, comprising: via a processor: receiving a target application that is designed to interact with an operating system; The Accused Instrumentality is a method that receives a target application to be secured. This target application is integrated with the Application Security library and interacts with the host operating system at the process and kernel interface level. ¶20 col. 1:45-49
configuring the target application by imposing one or more intercepts on the target application, wherein the imposition of the intercepts converts the target application into a secure application that maintains the interaction with the operating system; The Accused Instrumentality configures the target application by embedding a "micro-agent" into its code. This agent acts as an intercept, converting the application into a secure one by monitoring calls and preventing suspicious instructions while maintaining interaction with the OS. ¶21 col. 1:54-61
and repackaging the secure application such that the intercepts are integrated with the secure application and are inseparable from the secure application. The Accused Instrumentality's "micro-agent" is embedded in the code of the target application. The complaint alleges the resulting Application Library is "self-contained" and "independently protects its application," rendering it inseparable. An annotated screenshot highlights marketing language stating the library is "self-contained and independently protects its application, even if it becomes disconnected from the Application Security service" as evidence of this element (Compl. p. 12). ¶22 col. 2:4-10
  • Identified Points of Contention:
    • Scope Questions: The case may turn on whether embedding a "micro-agent" or runtime library, as described for the accused RASP technology, constitutes "repackaging the secure application" as required by the claim. The defense may argue that runtime modification is distinct from the pre-deployment "repackaging" that results in an "immutable deployable entity" as described in the patent (’418 Patent, col. 2:9-10).
    • Technical Questions: A key question will be whether the accused "micro-agent" is truly "inseparable" from the secure application in the manner claimed by the patent. The complaint alleges the agent is "self-contained" and protects the application even when disconnected from its service (Compl. ¶22; Compl. p. 12), but the court will need to determine if this meets the patent's description of being "physically inseparable from the original files" (’418 Patent, col. 2:7-8).

V. Key Claim Terms for Construction

  • The Term: "repackaging"

  • Context and Importance: The definition of "repackaging" is central. Plaintiff's theory depends on equating the embedding of a "micro-agent" into an application's code with the claimed "repackaging" step. Defendant may argue that its runtime-focused RASP technology does not perform a "repackaging" as contemplated by the patent, which appears to describe a pre-deployment reconstruction of the application file itself.

  • Intrinsic Evidence for Interpretation:

    • Evidence for a Broader Interpretation: The patent does not explicitly define the term. Plaintiff may argue that any process that results in intercepts being "integrated with the original files" meets the definition, and the specification's discussion of various injection techniques, like byte code injection and link injection, supports a flexible interpretation (’418 Patent, col. 22:45-57, col. 24:64-25:17).
    • Evidence for a Narrower Interpretation: The specification states that as a result of repackaging, "the intercepts may be considered to be physically inseparable from the original files... which can result in an immutable deployable entity" (’418 Patent, col. 2:6-10). This language suggests a static, pre-deployment process that permanently alters the application file, which may be narrower than the dynamic, runtime integration alleged in the complaint.

  • The Term: "inseparable"

  • Context and Importance: This term is critical to distinguishing the patented method from potentially more conventional security approaches. The infringement allegation hinges on the "micro-agent" being "inseparable." Practitioners may focus on whether "inseparable" requires physical immutability of the application package or if functional independence (as alleged by Plaintiff) is sufficient.

  • Intrinsic Evidence for Interpretation:

    • Evidence for a Broader Interpretation: Plaintiff could argue that the complaint's allegation of a "self-contained" library that "independently protects its application, even if it becomes disconnected" (Compl. ¶22; Compl. p. 12) meets the functional goal of being "inseparable," as the security features cannot be easily bypassed by merely disconnecting from a server.
    • Evidence for a Narrower Interpretation: The patent links the term directly to the "repackaging" process, stating the result is that "intercepts may be considered to be physically inseparable from the original files" and this feature can prevent removal "by an unauthorized party" (’418 Patent, col. 2:7-11). This suggests a technical, anti-tampering quality rather than mere functional independence.

VI. Other Allegations

  • Indirect Infringement: The complaint alleges both induced and contributory infringement. It asserts Defendant provides the Accused Instrumentality to customers with the knowledge and specific intent that they use it in an infringing manner, supported by allegations of marketing materials, videos, and instructional guides that promote the infringing use (Compl. ¶¶23-25).
  • Willful Infringement: The complaint does not contain a separate count for willful infringement. However, it alleges that Defendant has had knowledge of the ’418 Patent and its infringement at least since the date of service of the complaint and has continued its allegedly infringing conduct, which could form the basis for a post-filing willfulness claim (Compl. ¶24).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of definitional scope: does the act of embedding a runtime "micro-agent" into an application, as alleged for the Trend Micro RASP product, constitute "repackaging" an application to make intercepts "inseparable" as those terms are used in the context of the ’418 Patent, which describes creating an "immutable deployable entity"?
  • A key evidentiary question will be one of technical operation: what is the precise mechanism by which the accused "micro-agent" is integrated with a target application, and does this mechanism render it "physically inseparable" in a way that prevents removal, or is it a form of dynamic linking that falls short of the patent's description?