PTAB

IPR2024-00038

CrowdStrike Inc v. Taasera Licensing LLC

Log In
Key Events
Petition
petition Intelligence

1. Case Identification

2. Patent Overview

  • Title: Methods and Systems for Controlling Access to Computing Resources Based on Known Security Vulnerabilities
  • Brief Description: The ’038 patent discloses methods and systems for enforcing security compliance on endpoint devices. The system uses a remote computing system to define policies, which are then monitored on an endpoint by one or more software agents that gather status information; based on this information, the remote system determines a compliance state and initiates a corresponding action on the endpoint.

3. Grounds for Unpatentability

Ground 1: Obviousness over Couillard and Freund - Claims 1, 23, 25, 31, and 33 are obvious over Couillard in view of Freund.

  • Prior Art Relied Upon: Couillard (Application # 2006/0203815) and Freund (Patent 5,987,611).
  • Core Argument for this Ground:

    • Prior Art Mapping: Petitioner argued that Couillard taught the broad framework of the challenged claims. Couillard disclosed a centralized "Compliancy Appliance Server" (CAS) that remotely manages security policies for endpoint workstations. Software agents ("Compliancy Security Agents" or CSAs) on the workstations check for compliance with policies (e.g., OS patches, antivirus status), and the CAS determines a compliance state and takes action, such as quarantining the device on a specific VLAN. Petitioner contended that while Couillard described the function of its CSA agent at a high level, it lacked specific implementation details for how the agent would monitor the endpoint's operating conditions.

    • Petitioner asserted that Freund supplied these missing implementation details. Freund described a client-side filter application that uses specific low-level "hooks" to intercept events and monitor activity within the endpoint's operating system, such as a "Process Hook" to track running applications and a "File Hook" to monitor the file subsystem. Petitioner argued that combining Freund's detailed agent-level monitoring techniques with Couillard's overarching remote policy enforcement system rendered the claimed invention obvious. The combination taught a remote system providing a user interface for policy configuration (Couillard), software agents configured to monitor operating conditions (Couillard's agent implemented with Freund's hooks), receiving status information from the agents (Couillard), determining a compliance state (Couillard), and initiating a responsive action carried out on the endpoint (Couillard). Dependent claims were allegedly met by conventional features, such as using a web page for the user interface (claim 25) or monitoring software conditions like running antivirus programs (claim 31).

    • Motivation to Combine: Petitioner argued that Couillard and Freund are analogous art from the same field of endpoint security. A person of ordinary skill in the art (POSITA), seeking to implement the functionally-described agent in Couillard, would have been motivated to look to references like Freund for known, specific techniques for monitoring endpoint operating conditions. Freund's disclosure of using OS hooks was a well-understood and effective method for achieving the monitoring required by Couillard's system. The fact that both references described monitoring similar conditions (e.g., running processes) would have further prompted the combination.

    • Expectation of Success: A POSITA would have had a reasonable expectation of success in combining the references. The petition argued this was because both systems were designed for similar client-server architectures and common operating systems (e.g., Microsoft Windows). The integration of Freund's known monitoring hooks into Couillard's agent was a predictable implementation choice using well-established programming techniques.

4. Arguments Regarding Discretionary Denial

  • Petitioner argued that discretionary denial would be inappropriate under multiple frameworks.
  • Fintiv Factors (§314(a)): Petitioner contended that the trial date in the parallel district court litigation was uncertain, as the case was part of a Multidistrict Litigation (MDL) proceeding that must be remanded before a trial can be set in the originating court. Petitioner also offered a stipulation to not pursue in district court any invalidity ground that is instituted in the IPR.
  • §325(d): Petitioner argued denial was unwarranted because the primary prior art reference, Couillard, was not considered or cited during the original prosecution of the ’038 patent.
  • General Plastic Factors: Petitioner asserted that this petition should not be denied as a follow-on to an earlier IPR filed by another party (Palo Alto Networks). Petitioner argued it is an entirely separate entity, was sued by the Patent Owner eight months after the first party, used completely different prior art, and did not coordinate in any way. Petitioner claimed the staggered IPR filings were a direct result of the Patent Owner's staggered litigation strategy.

5. Relief Requested

  • Petitioner requests institution of an inter partes review and cancellation of claims 1, 23, 25, 31, and 33 of the ’038 patent as unpatentable.