PTAB

IPR2024-01394

Normshield Inc v. BitSight Technologies Inc

Log In
Key Events
Petition
petition Intelligence

1. Case Identification

2. Patent Overview

  • Title: Security Risk Management
  • Brief Description: The ’615 patent relates to methods for mapping an entity’s network-related technical assets, such as IP addresses, to the entity's identity. The claimed methods involve automatically discovering information about these assets online and providing a user interface to assist in the mapping process for security assessment purposes.

3. Grounds for Unpatentability

Ground 1: Claims 1-4, 9-14, 16, 33-37, 42-46, 48, 50-54, 59-63, and 65 are obvious over Longo in view of McNab.

  • Prior Art Relied Upon: Longo (Application # 2011/0106920) and McNab (a 2008 book titled "Network Security Assessment").
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Longo disclosed the core claimed method of automatically generating a map between technical assets (IP addresses) and organizational entities, including using a user interface for manual association. McNab was cited for its detailed teachings on well-known Open Source Intelligence (OSINT) techniques for network asset discovery, such as using DNS queries and querying Regional Internet Registries (RIRs) like ARIN to find an organization's IP addresses. Petitioner contended the combination taught all limitations of independent claim 1, including online discovery of network-related information from sources like an RIR.
    • Motivation to Combine: A person of ordinary skill in the art (POSITA) would combine McNab's established and reliable asset enumeration techniques with Longo's system for mapping those assets to entities. This combination would serve the primary goal of Longo's system by providing it with the necessary input data (IP addresses) required for security assessment, a common and well-understood practice in the field.
    • Expectation of Success: A POSITA would have a high expectation of success because McNab provided detailed methodologies for asset discovery that were standard industry practice. Integrating these known data-gathering techniques into Longo's database and user interface framework was presented as a straightforward implementation.

Ground 3: Claims 5-8, 13, 17, 18-29, 31-32, 33-46, 48-49, 55-58, 63, 66, 84-98, and 100 are obvious over Longo and McNab in view of Zhang.

  • Prior Art Relied Upon: Longo (Application # 2011/0106920), McNab (a 2008 book), and Zhang (Application # 2018/0041521).
  • Core Argument for this Ground:
    • Prior Art Mapping: This ground built upon the Longo and McNab combination to address claims requiring discovery via "passive DNS queries" (e.g., claims 5-8). Petitioner asserted that Zhang taught collecting passive DNS (pDNS) information by listening to DNS traffic, storing it in a database, and using it to identify associations between domain names and network addresses. This directly mapped to the limitations requiring the use of passive DNS, tracking changes over time, and performing a sequence of queries to identify name servers and associated domains.
    • Motivation to Combine: A POSITA would be motivated to incorporate Zhang's passive DNS methods into the Longo/McNab system to improve the efficiency and comprehensiveness of data collection. Passive DNS avoided the need for multiple active queries and provided a rich historical dataset, which offered known benefits for security analysis, such as improved search capabilities and the ability to track DNS record changes over time.
    • Expectation of Success: Success would be reasonably expected because querying a passive DNS database as taught by Zhang was technically compatible with the enumeration steps taught by McNab and the mapping system of Longo. A POSITA could readily adapt McNab’s query logic to operate on Zhang’s stored DNS data.

Ground 6: Claims 1-4, 9-16, 33-37, 42-48, 50-54, 59-65, 67-71, and 76-82 are obvious over Shull.

  • Prior Art Relied Upon: Shull (Application # 2006/0230039).

  • Core Argument for this Ground:

    • Prior Art Mapping: Petitioner presented Shull as a standalone reference that rendered the claims obvious. Shull allegedly disclosed a method for mapping IP addresses to entities (e.g., registered owners) and storing the associations in a cross-referenced data store, creating a "detailed map." The mapping was performed automatically by a "controller," used online discovery from network databases like WHOIS, and included a user interface ("pop-up window") that enabled an administrator to review and confirm the automatically generated associations.
    • Motivation to Combine: The argument relied on inherency and obvious design choices within Shull's disclosure. For example, a POSITA would find it obvious to use Shull's pop-up window to not only confirm but also manually correct or assign associations to improve the accuracy of the map, a known benefit of human-in-the-loop systems.

  • Additional Grounds: Petitioner asserted additional obviousness challenges, including combinations incorporating Maltego (for teaching an interactive, graphical user interface for mapping assets), Tippett (for teaching the scoring of an entity's security state), and further combinations based on Shull, Longo, McNab, and Zhang.

4. Arguments Regarding Discretionary Denial

  • Petitioner argued that all Fintiv factors weigh against discretionary denial under §314(a). The petition noted that in the parallel district court litigation, there has been no requested stay, no trial date has been set, and no discovery or case schedule is in place. Petitioner also highlighted the breadth of the challenge (100 claims) compared to the smaller number of claims asserted in the litigation (6 claims) and contended that the petition presents compelling grounds for unpatentability.

5. Relief Requested

  • Petitioner requests institution of an inter partes review of claims 1-100 of Patent 9,438,615 and cancellation of those claims as unpatentable under 35 U.S.C. §103.