Orca Security Ltd v. Wiz Inc

1. Case Identification

• Case #: IPR2025-01085
• Patent #: 11,936,693
• Filed: June 4, 2025
• Petitioner(s): Orca Security Ltd
• Patent Owner(s): Wiz, Inc.
• Challenged Claims: 1-21

2. Patent Overview

• Title: Cybersecurity for Cloud Computing Environments
• Brief Description: The ’693 patent discloses a cybersecurity method for protecting cloud networks from external attacks. The method involves using "active inspection" to determine if a network path to a cloud resource is actually accessible from an external network, storing an indicator that the path is valid, and then applying security policies based on that determination.

3. Grounds for Unpatentability

Ground 1: Claims 1-7, 9-18, and 20-21 are obvious over Calvo in view of Nguyen.

• Prior Art Relied Upon: Calvo (Patent 10,949,406) and Nguyen (Patent 11,558,414).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Calvo taught most elements of the challenged claims, including a system for compliance lifecycle management of cloud-based resources. Calvo disclosed selecting target resources and applying "compliance packs" (policies) containing conditional rules, such as ensuring a specific firewall port is not accessible from the Internet. Petitioner contended that where Calvo was silent on "actively inspecting" a network path, Nguyen supplied this element. Nguyen taught a penetration testing ("pen-testing") system that identifies "actual vulnerabilities" by sending instructions (e.g., GET, TRACE requests) to targets and analyzing responses, which Petitioner asserted is the same as the ’693 patent's "active inspection." Crucially, Petitioner argued that Nguyen taught storing the results of these tests in a "vulnerabilities database" to distinguish actual threats from false positives. This stored result, indicating a path is truly reachable, allegedly met the "storing an indicator" limitation that was critical for the allowance of the ’693 patent. For mitigation, Calvo taught taking "remedial actions," such as closing a port, when a resource is found to be non-compliant.
  • Motivation to Combine: Petitioner argued a POSITA would combine the references because Calvo disclosed its system could be used for Payment Card Industry Data Security Standard (PCI DSS) compliance, an industry standard known to require the type of penetration testing taught by Nguyen. Combining the two would create a system capable of meeting this known requirement. Additional motivations included improving Calvo's system by verifying real threats, increasing efficiency, and automating resource selection.
  • Expectation of Success: Petitioner argued a POSITA would have a reasonable expectation of success because the combination involved incorporating a known technique (pen-testing) to improve a known system (compliance management) for a predictable result (verifying vulnerabilities). Both references were also assigned to the same entity, suggesting technical compatibility.

Ground 2: Claims 8 and 19 are obvious over Calvo and Nguyen in view of Datsenko.

• Prior Art Relied Upon: Calvo (Patent 10,949,406), Nguyen (Patent 11,558,414), and Datsenko (Application # 2012/0311696).
• Core Argument for this Ground:
  • Prior Art Mapping: This ground addressed claims 8 and 19, which added the limitation of "generating an exception to the policy." Petitioner argued that the Calvo-Nguyen combination taught all other elements of these claims. The tertiary reference, Datsenko, was introduced to explicitly teach the exception feature. Datsenko disclosed an "Override for Policy Enforcement System" designed to provide a "mechanism for assisting a user in obtaining an exception to a given policy," thereby allowing access to a resource that would otherwise be restricted.
  • Motivation to Combine: Petitioner argued a POSITA would combine Datsenko to add practical flexibility to the Calvo-Nguyen system. Because security policies often require exceptions for legitimate business needs, a POSITA would incorporate Datsenko’s known mechanism to provide a common-sense solution for managing such exceptions.
  • Expectation of Success: The petition argued success would be expected because implementing a policy exception feature was a routine software modification for a POSITA. It represented a known technique to improve a similar device (the Calvo-Nguyen policy system) in a predictable way.

4. Key Claim Construction Positions

• Petitioner identified a dispute from related district court litigation over the term "actively inspect[ing] the network path."
• Petitioner proposed a construction of "sending a data packet over the network path."
• Patent Owner argued that no construction was necessary for this term.
• Petitioner maintained that its obviousness arguments rendered the challenged claims unpatentable under its own proposed construction, the Patent Owner's position, and the plain and ordinary meaning of the term.

5. Relief Requested

• Petitioner requested institution of an inter partes review and cancellation of claims 1-21 of the ’693 patent as unpatentable.