Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 1 of 21
`
`IN THE UNITED STATES DISTRICT COURT
`FOR THE WESTERN DISTRICT OF TEXAS
`WACO DIVISION
`
`
`
`
`
`Civil Action No. 6:23-cv-00768
`
`
`JURY TRIAL DEMANDED
`
`SECURITYPROFILING, LLC,
`
` Plaintiff,
`
` v.
`
`VMWARE, INC
`
` Defendant.
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`This is an action for patent infringement in which Plaintiff SecurityProfiling, LLC
`
`complains against Defendant VMware, Inc., all upon information and belief, as follows:
`
`THE PARTIES
`
`1.
`
`Plaintiff SecurityProfiling, LLC (“Plaintiff” or “SecurityProfiling”) is a limited
`
`liability company organized and existing under the laws of the State of Texas, having its principal
`
`office at 3105 Media Drive, Cedar Park, Texas 78641.
`
`2.
`
`Defendant VMware, Inc. (“VMware”) is a Delaware Corporation. VMware has a
`
`principal place of business within this District located at 6500 Riverplace Blvd; Bldg 6, Austin,
`
`TX 78730.
`
`JURISDICTION AND VENUE
`
`3.
`
`This is an action for patent infringement arising under the patent laws of the United
`
`States of America, 35 U.S.C. § 1, et seq., including 35 U.S.C. § 271. This Court has subject matter
`
`jurisdiction pursuant to 28 U.S.C. §§ 1331 and 1338(a).
`
`4.
`
`This Court has general and specific personal jurisdiction over VMware by virtue of
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 2 of 21
`
`VMware’s regular and established places of business in this District, and continuous and
`
`systematic business activities in this State, directly or through intermediaries, which activities give
`
`rise to at least a portion of the infringements alleged herein and include: (i) making, using, offering
`
`for sale and/or selling the below identified infringing apparatus in this State, and/or importing the
`
`below identified infringing products into this State; (ii) purposefully and voluntarily placing the
`
`below identified infringing apparatus into the stream of commerce with the expectation that they
`
`will be purchased by consumers in this State; and/or (iii) deriving substantial revenue from the
`
`below identified infringing products provided to individuals in this State.
`
`5.
`
`Venue is proper in this district and division under 28 U.S.C. §§ 1391(b)-(d) and
`
`1400(b) because VMware has committed acts of infringement in the Western District of Texas and
`
`VMware has a regular and established places of business in this District.
`
`GENERAL ALLEGATIONS
`
`6.
`
`SecurityProfiling is the successor in interest to SecurityProfiling Inc. of West
`
`Lafayette, Indiana. In around the years 2002 and 2003, SecurityProfiling Inc. had developed a
`
`series of novel enterprise Anti-Vulnerability™ security systems. It was in the forefront of anti-
`
`vulnerability technology that provided for multi-path remediation. The system was widely and
`
`favorably reported. The Anti-Vulnerability platform provided novel and best practice security
`
`policy compliance and enforcement capabilities to proactively and remotely manage and enforce
`
`standardized templates or custom enterprise security compliance policies. The system’s logic
`
`engine identified each client’s vulnerabilities, exposures and out-of-compliance policy parameters
`
`upon each polling cycle. It then mitigated or remediated the vulnerabilities using the best-possible
`
`options, including patches, policy changes, disabling a service, modifying permissions or making
`
`registry changes, for example. Moreover, the network administrators had the choice to select
`
`- 2 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 3 of 21
`
`among available remediation options. SecurityProfiling Inc.’s system included SysUpdate,
`
`Intelligent IDS v1.0, which was an Anti-Vulnerability plugin for Snort IDS that provides
`
`intelligence, accuracy, and remote patching functions; Intelligent IPS v1.0, which accurately
`
`identified and prevented malicious code from reaching their destination; and LogBoss v2.1, which
`
`was an easy to use network log manager that securely transfers and archives all network logs
`
`(security, application, & system) in real time into a single, centralized database.
`
`7.
`
`On July 1, 2003, SecurityProfiling Inc. filed a patent application directed to the
`
`above inventions, Serial Number 60/484085. From that original application, the United States
`
`Patent and Trademark Office has issued a series of patents, including the patents here in suit.
`
`COUNT I
`
`DIRECT INFRINGEMENT OF U.S. PATENT NO. 10,893,066
`
`8.
`
`Plaintiff hereby restates and re-alleges the allegations set forth in the preceding
`
`paragraphs 1-7 and incorporates them by reference.
`
`9.
`
`Plaintiff is the owner by assignment of United States Patent No. 10,893,066 entitled
`
`“Computer Program Product And Apparatus For Multi-Path Remediation” (“the ‘066 Patent”).
`
`The ‘066 Patent was duly and legally issued on January 12, 2021. A true and correct copy of the
`
`‘066 Patent is attached as Exhibit 1.
`
`10.
`
`11.
`
`Pursuant to 35 U.S.C. § 282, the ‘066 Patent is presumed valid.
`
`A predecessor of the ‘066 Patent, Pat. 8,984,644, was involved in a proceeding
`
`before the Patent and Trial Appeal Board (“PTAB”) of United States Patent and Trademark Office
`
`(“USPTO”), IPR2017-02192 (“IPR Proceeding”). In a Final Written Decision dated April 8, 2019,
`
`the PTAB held that claims 1, 7, and 14 of the ‘644 patent were unpatentable. SecurityProfiling
`
`appealed the decision to the Federal Circuit Court of Appeals. The Court upheld the PTAB
`
`- 3 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 4 of 21
`
`decision without any opinion under Rule 36 of the Federal Circuit Rules of Procedures.
`
`12.
`
`SecurityProfiling disclosed the IPR Proceeding to the USPTO during the
`
`prosecution of the ‘066 Patent in two separate instances, and specifically disclosed that an adverse
`
`Final Written Decision had been entered, which SecurityProfiling was appealing.
`
`13.
`
`The asserted claims of the ‘066 Patent are materially different from the claims that
`
`had been considered in the IPR Proceeding. As one critical example, the PTAB’s decision rested
`
`entirely on its determination that the “user option” limitation found in the prior ‘644 Patent claims
`
`was not supported by any prior application leading to the ‘644 Patent. The asserted claims of the
`
`‘066 Patent do not include a “user option” limitation. Thus, the Final Written Decision in the IPR
`
`Proceeding is irrelevant to the asserted claims of the ‘066 Patent.
`
`14.
`
`Further, the claims are not abstract and are patent-eligible under 35 U.S.C. §101.
`
`The eligibility of the patent claims is supported by the prosecution history of the ‘066 Patent.
`
`15.
`
`During the prosecution of the ‘066 Patent, the Examiner had initially issued a claim
`
`rejection that asserted that “[Prosecution] Claims 21-46 and 48-53 are rejected under 35 U.S.C.
`
`101 because the claimed invention is directed to an abstract idea without significantly more.”
`
`SecurityProfiling responded with an explanation of why the claims were patent-eligible, but,
`
`notwithstanding SecurityProfiling’s argument, the Examiner again rejected the proposed
`
`prosecution claims under 35 U.S.C. §101.
`
`16.
`
`On July 26, 2019, SecurityProfiling presented two arguments as to why the claims
`
`were eligible under 35 U.S.C. §101. In a subsequent advisory action, the Examiner still rejected
`
`the claims as patent ineligible, but focused on certain elements that SecurityProfiling had argued
`
`which the Examiner did not believe were incorporated in the claims.
`
`17.
`
`SecurityProfiling then cancelled all the then-pending claims and proposed new
`
`- 4 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 5 of 21
`
`rewritten claims that ultimately issued as the claims of the ‘066 Patent.
`
`18.
`
`In response to the newly-revised claims, the Examiner issued a Notice of
`
`Allowability, followed by an updated Notice of Allowability, in which the Examiner stated:
`
`Applicant’s arguments, see Remarks filed on 09/18/2020, have been fully
`considered. Applicant’s arguments, especially, Remarks filed on 07/26/2019, have
`been fully considered and are persuasive.
`
`19.
`
`In the Statement of Reasons for Allowance, the Examiner stated:
`
`Independent claim 54 is allowed in view of the reasons presented by the applicant
`in the Remarks. Claims 86-109 and 111-129 depend, directly or indirectly, on
`claim 54 and are therefore, allowed by virtue of their dependency.
`
`20.
`
`SecurityProfiling’s Remarks of July 26, 2019, to which the Examiner referred as
`
`being persuasive, were as follows:
`
`Argument #1
`
`First, with respect to [prosecution] Claim 21, for example, the following
`emphasized claim terms can NOT be performed in mind:
`
`"identify an occurrence in connection with at least one of the plurality of
`devices;
`
`determine that the at least one actual vulnerability of the at least one of the
`plurality of devices is susceptible to being taken advantage of by the
`occurrence identified in connection with the at least one of the plurality of
`devices, utilizing the first vulnerability information; and
`
`permit selective utilization of different occurrence mitigation actions of diverse
`occurrence mitigation types, including a firewall-based occurrence mitigation
`type and a other occurrence mitigation type, across the plurality of devices for
`occurrence mitigation by preventing advantage being taken of actual
`vulnerabilities utilizing the different occurrence mitigation actions of the
`diverse occurrence mitigation types across the plurality of devices"
`(emphasis added).
`
`Clearly, a person’s “mind” cannot: determine that at least one accurately identified
`vulnerability is susceptible to being taken advantage of by an occurrence identified,
`utilizing the first vulnerability information; and prevent advantage being taken of
`accurately identified vulnerabilities utilizing the different occurrence mitigation
`actions of the diverse occurrence mitigation types across devices, in the specific
`context claimed.
`
`- 5 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 6 of 21
`
`In a similar context in SRI International, Inc. v. Cisco Systems, Inc. (Fed. Cir.
`2019), the Federal Circuit confirmed the District Court’s Step One determination
`that “claim 1 is not directed to an abstract idea” because the “claims are directed to
`using a specific technique-using a plurality of network monitors that each analyze
`specific types of data on the network and integrating reports from the monitors-to
`solve a technological problem arising in computer networks:
`
`identifying hackers or potential intruders into the network” (emphasis
`added).
`
`In explanation, the Federal Circuit opinion states:
`
`“ ... the claims here are not directed to using a computer as a tool-that is,
`automating a conventional idea on a computer. Rather, the representative claim
`improves the technical functioning of the computer and computer networks by
`reciting a specific technique for improving computer network security.
`
`Indeed, we tend to agree with [Plaintiff] that the human mind is not
`equipped to detect suspicious activity by using network monitors and
`analyzing network packets ... ” (emphasis added).
`
`Thus, similar to SRI International, the current claims recite security-related activity
`that simply cannot be performed by the human mind, and, thus, the current claims
`are not directed to an abstract idea.
`
`Argument #2
`
`Second, it appears the Examiner did not even address applicant’s arguments with
`respect to Step 2 of the Alice test.
`
`Specifically, in the present application, even if the Examiner were to conclude that
`the claims fall within the appropriate groupings of abstract ideas, the claims in the
`present application include one or more additional elements that extend beyond the
`judicial exception(s) and integrate the exception into a practical application. See
`the highlighted language below, just by way of example in the context of Claim 21,
`that represents an improvement in the functioning of a computer or technical field
`so as to render the same a particular machine (or method for operating the same) in
`a particular technological environment.
`
`“21. A non-transitory computer-readable media storing instructions that, when
`executed by one or more processors, cause the one or more processors to:
`
`receive first vulnerability information from at least one first data storage that
`is generated utilizing second vulnerability information from at least one second
`data storage that is used to identify a plurality of potential vulnerabilities, by
`including:
`
`at least one first potential vulnerability, and
`
`- 6 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 7 of 21
`
`at least one second potential vulnerability;
`
`said first vulnerability information generated utilizing the second vulnerability
`information, by:
`
`identifying at least one configuration associated with a plurality of devices
`including a first device, a second device, and a third device, and
`
`determining that the plurality of devices is actually vulnerable to at least
`one actual vulnerability based on the identified at least one configuration,
`utilizing the second vulnerability information that is used to identify the
`plurality of potential vulnerabilities;
`
`identify an occurrence in connection with at least one of the plurality of
`devices;
`
`determine that the at least one actual vulnerability of the at least one of
`the plurality of devices is susceptible to being taken advantage of by the
`occurrence identified in connection with the at least one of the plurality of
`devices, utilizing the first vulnerability information; and
`
`permit selective utilization of different occurrence mitigation actions of
`diverse occurrence mitigation
`types,
`including a
`firewall-based
`occurrence mitigation type and a other occurrence mitigation type, across
`the plurality of devices for occurrence mitigation by preventing advantage
`being taken of actual vulnerabilities utilizing the different occurrence
`mitigation actions of the diverse occurrence mitigation types across the
`plurality of devices;
`
`wherein the at least one configuration involves at least one operating system.”
`(emphasis added)
`
`Further, applicant respectfully notes that, in the recent USPTO Guidance, the
`USPTO indicated, for Step 2 of the Alice test, that if the Examiner concludes, under
`the Guidance, that an additional element is insignificant extra-solution activity, they
`should reevaluate that conclusion in Step 2 of the Alice test. If such reevaluation
`indicates that the element is unconventional or otherwise more than what is well-
`understood, routine, conventional activity in the field, this finding may indicate that
`an inventive concept is present and that the claim is thus eligible.
`
`In the present case, even if the Examiner concludes that the above-highlighted
`elements are insignificant extra-solution activity, they are indeed unconventional
`or otherwise more than what is well-understood, routine, conventional activity in
`the field, for at least the reason that the claim elements, individually and in
`combination, are not found in the prior art. Further, as evidenced below, the
`Examiner’s cited art is not even prior art.
`
`(Emphases in original).
`
`- 7 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 8 of 21
`
`21.
`
`Thus, SecurityProfiling had demonstrated to the satisfaction of the United States
`
`Patent and Trademark Office that the claims were neither abstract under Alice Step One, and in
`
`any event were patentable under Alice Step Two, citing, inter alia, SRI International, Inc. v. Cisco
`
`Systems, Inc. (Fed. Cir. 2019). The USPTO considered SecurityProfiling’s demonstration and
`
`agreed that the claims were patentable, stating that “Applicant’s arguments, especially, Remarks
`
`filed on 07/26/2019, have been fully considered and are persuasive.”
`
`22.
`
`VMware has directly infringed and continues to infringe under 35 U.S.C. §271(a)
`
`at least claim 2 of the ‘066 Patent by making, using, selling and marketing VMware’s Carbon
`
`Black Cloud product.
`
`23.
`
`A comparison of claim 2 of the ‘066 Patent to VMware’s Carbon Black Cloud is
`
`attached as Exhibit 9, which is incorporated herein by reference.
`
`24.
`
`VMware was and/or is on notice of the ‘066 patent and its infringement thereof at
`
`least as early as March of 2023.
`
`25.
`
`VMware’s acts of infringement have caused and continues to cause damage to
`
`SecurityProfiling. SecurityProfiling is entitled to recover from VMware the damages sustained by
`
`SecurityProfiling as a result of VMware’s wrongful acts.
`
`COUNT II
`
`INFRINGEMENT OF U.S. PATENT NO. 10,873,595
`
`26.
`
`SecurityProfiling hereby restates and re-alleges the allegations set forth in the
`
`preceding paragraphs 1-25 and incorporates them by reference.
`
`27.
`
`SecurityProfiling is the owner by assignment of United States Patent No.
`
`10,873,595 entitled “Real-Time Vulnerability Monitoring” (“the ‘595 Patent”). The ‘595 Patent
`
`was duly and legally issued on December 22, 2020. A true and correct copy of the ‘595 Patent is
`
`- 8 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 9 of 21
`
`attached as Exhibit 2.
`
`28.
`
`29.
`
`Pursuant to 35 U.S.C. § 282, the ‘595 Patent is presumed valid.
`
`A predecessor of the ‘595 Patent, Pat. 8,984,644, was involved in a proceeding
`
`before the Patent and Trial Appeal Board (“PTAB”) of United States Patent and Trademark Office
`
`(“USPTO”), IPR2017-02192 (“IPR Proceeding”). In a Final Written Decision dated April 8, 2019,
`
`the PTAB held that claims 1, 7, and 14 of the ‘644 patent were unpatentable. SecurityProfiling
`
`appealed the decision to the Federal Circuit Court of Appeals. The Court upheld the PTAB
`
`decision without any opinion under Rule 36 of the Federal Circuit Rules of Procedures.
`
`30.
`
`SecurityProfiling disclosed the IPR Proceeding to the USPTO during the
`
`prosecution of the ‘595 Patent, and specifically disclosed that an adverse Final Written Decision
`
`had been entered, which the Federal Circuit affirmed.
`
`31.
`
`The asserted claims of the ‘595 Patent are materially different from the claims that
`
`had been considered in the IPR Proceeding. As one critical example, the PTAB’s decision rested
`
`entirely on its determination that the “user option” limitation found in the prior ‘644 Patent claims
`
`was not supported by any prior application leading to the ‘644 Patent. The asserted claims of the
`
`‘595 Patent do not include a “user option” limitation. Thus, the Final Written Decision in the IPR
`
`Proceeding is irrelevant to the asserted claims of the ‘595 Patent.
`
`32.
`
`The claims of the ‘595 Patent are not abstract and are patent-eligible under 35
`
`U.S.C. §101. During the prosecution of the ‘595 Patent, the USPTO itself raised the issue as to
`
`whether the ‘595 Patent claims were patent eligible under 35 U.S.C. § 101, and determined that
`
`the claims were patentable. The discussions regarding patent eligibility during the prosecution of
`
`the ‘595 Patent are here incorporated by reference. In addition, the eligibility of the ‘595 Patent
`
`claims is further supported by the prosecution history of the ‘066 Patent recited above with respect
`
`- 9 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 10 of 21
`
`to Count I, and here incorporated by reference.
`
`33.
`
`In violation of 35 U.S.C. § 271(a), VMware has practiced and continues to practice
`
`a method of at least claim 1 of the ‘595 Patent by practicing the steps of the claimed method when
`
`operating Carbon Black Cloud. VMware has also practiced and continues to practice a method of
`
`at least claim 1 of the ‘595 Patent by practicing the steps of the claimed method when testing
`
`and/or through other internal uses of its Carbon Black Cloud product.
`
`34.
`
`A comparison of claim 1 of the ‘595 Patent to Carbon Black Cloud methods is
`
`attached as Exhibit 10, which is incorporated herein by reference. The normal use of Carbon Black
`
`Cloud systems necessarily and inherently required practicing the steps of at least Claim 1 of the
`
`‘595 Patent.
`
`35.
`
`VMware is also continuing to violate 35 U.S.C. § 271(b) (“Whoever actively
`
`induces infringement of a patent shall be liable as an infringer”). VMware has had knowledge of
`
`the ‘595 Patent since at least March of 2023. With knowledge of the ‘595 Patent, VMware has
`
`induced its customers to acquire Carbon Black Cloud systems in this country and to practice in
`
`this country the methods of at least claim 1. The inducement is apparent in the instructions that
`
`VMware has provided and continues to provide to its customers, such as the instructions on how
`
`to use Carbon Black Cloud systems that include the steps of the claimed methods.
`
`36.
`
`VMware was and/or is on notice of the ‘595 patent and its infringement thereof at
`
`least as early as March of 2023.
`
`37.
`
`VMware’s acts of infringement have caused and continues to cause damage to
`
`SecurityProfiling. SecurityProfiling is entitled to recover from VMware the damages sustained by
`
`SecurityProfiling as a result of VMware’s wrongful acts.
`
`- 10 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 11 of 21
`
`COUNT III
`
`DIRECT INFRINGEMENT OF U.S. PATENT NO. 10,609,063
`
`38.
`
`SecurityProfiling hereby restates and re-alleges the allegations set forth in the
`
`preceding paragraphs 1-37 and incorporates them by reference.
`
`39.
`
`SecurityProfiling is the owner by assignment of United States Patent No.
`
`10,609,063 entitled “Computer Program Product And Apparatus For Multi-Path Remediation”
`
`(“the ‘063 Patent”). The ‘063 Patent was duly and legally issued on March 31, 2020. A true and
`
`correct copy of the ‘063 Patent is attached as Exhibit 3.
`
`40.
`
`41.
`
`Pursuant to 35 U.S.C. § 282, the ‘063 Patent is presumed valid.
`
`A predecessor of the ‘063 Patent, Pat. 8,984,644, was involved in a proceeding
`
`before the Patent and Trial Appeal Board (“PTAB”) of United States Patent and Trademark Office
`
`(“USPTO”), IPR2017-02192 (“IPR Proceeding”). In a Final Written Decision dated April 8, 2019,
`
`the PTAB held that claims 1, 7, and 14 of the ‘644 patent were unpatentable. SecurityProfiling
`
`appealed the decision to the Federal Circuit Court of Appeals. The Court upheld the PTAB
`
`decision without any opinion under Rule 36 of the Federal Circuit Rules of Procedures.
`
`42.
`
`SecurityProfiling disclosed the IPR Proceeding to the USPTO during the
`
`prosecution of the ‘063 Patent, and specifically disclosed that an adverse Final Written Decision
`
`had been entered. In a subsequent disclosure, SecurityProfiling disclosed to the USPTO that the
`
`adverse Final Written Decision was the subject of an appeal to the Federal Circuit Court of
`
`Appeals.
`
`43.
`
`The asserted claims of the ‘063 Patent are materially different from the claims that
`
`had been considered in the IPR Proceeding. As one critical example, the PTAB’s decision rested
`
`entirely on its determination that the “user option” limitation found in the prior ‘644 Patent claims
`
`- 11 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 12 of 21
`
`was not supported by any prior application leading to the ‘644 Patent. The asserted claims of the
`
`‘063 Patent do not include a “user option” limitation. Thus, the Final Written Decision in the IPR
`
`Proceeding is irrelevant to the asserted claims of the ‘063 Patent.
`
`44.
`
`The claims of the ‘063 Patent are not abstract and are patent-eligible under 35
`
`U.S.C. §101. During the prosecution of the ‘063 Patent, the USPTO itself raised the issue as to
`
`whether the ‘063 Patent claims were patent eligible under 35 U.S.C. § 101, and determined that
`
`the claims were patentable. The discussions regarding patent eligibility during the prosecution of
`
`the ‘063 Patent are here incorporated by reference. In addition, the eligibility of the ‘063 Patent
`
`claims is further supported by the prosecution history of the ‘066 Patent recited above with respect
`
`to Count I, and here incorporated by reference.
`
`45.
`
`VMware has directly infringed and continues to infringe under 35 U.S.C. §271(a)
`
`at least claim 10 of the ‘063 Patent by making, using, selling and marketing Carbon Black Cloud.
`
`46.
`
`A comparison of claim 10 of the ‘063 Patent to Carbon Black Cloud systems is
`
`attached as Exhibit 11, which is incorporated herein by reference.
`
`47.
`
`VMware was and/or is on notice of the ‘063 patent and its infringement thereof at
`
`least as early as March of 2023.
`
`48.
`
`VMware’s acts of infringement have caused and continues to cause damage to
`
`SecurityProfiling. SecurityProfiling is entitled to recover from VMware the damages sustained by
`
`SecurityProfiling as a result of VMware’s wrongful acts.
`
`COUNT IV
`
`DIRECT INFRINGEMENT OF U.S. PATENT NO. 10,154,055
`
`49.
`
`SecurityProfiling hereby restates and re-alleges the allegations set forth in the
`
`preceding paragraphs 1-48 and incorporates them by reference.
`
`- 12 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 13 of 21
`
`50.
`
`SecurityProfiling is the owner by assignment of United States Patent No.
`
`10,154,055 entitled “Real-Time Vulnerability Monitoring” (“the ‘055 Patent”). The ‘055 Patent
`
`was duly and legally issued on December 11, 2018. A true and correct copy of the ‘055 Patent is
`
`attached as Exhibit 4.
`
`51.
`
`52.
`
`Pursuant to 35 U.S.C. § 282, the ‘055 Patent is presumed valid.
`
`A predecessor of the ‘055 Patent, Pat. 8,984,644, was involved in a proceeding
`
`before the Patent and Trial Appeal Board (“PTAB”) of United States Patent and Trademark Office
`
`(“USPTO”), IPR2017-02192 (“IPR Proceeding”). In a Final Written Decision dated April 8, 2019,
`
`the PTAB held that claims 1, 7, and 14 of the ‘644 patent were unpatentable. SecurityProfiling
`
`appealed the decision to the Federal Circuit Court of Appeals. The Court upheld the PTAB
`
`decision without any opinion under Rule 36 of the Federal Circuit Rules of Procedures.
`
`53.
`
`The asserted claims of the ‘055 Patent are materially different from the claims that
`
`had been considered in the IPR Proceeding. As one critical example, the PTAB’s decision rested
`
`entirely on its determination that the “user option” limitation found in the prior ‘644 Patent claims
`
`was not supported by any prior application leading to the ‘644 Patent. The asserted claims of the
`
`‘055 Patent do not include a “user option” limitation. Thus, the Final Written Decision in the IPR
`
`Proceeding does not render invalid the asserted claims of the ‘055 Patent.
`
`54.
`
`The claims of the ‘055 Patent are not abstract and are patent-eligible under 35
`
`U.S.C. §101. The eligibility of the ‘055 Patent claims is further supported by the prosecution
`
`history of the ‘066 Patent recited above with respect to Count I, and here incorporated by reference.
`
`55.
`
`VMware has directly infringed and continues to infringe under 35 U.S.C. §271(a)
`
`at least claim 7 of the ‘055 Patent by making, using, selling and marketing Carbon Black Cloud.
`
`56.
`
`A comparison of claim 7 of the ‘055 Patent to Carbon Black Cloud systems is
`
`- 13 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 14 of 21
`
`attached as Exhibit 12, which is incorporated herein by reference.
`
`57.
`
`VMware was and/or is on notice of the ‘055 patent and its infringement thereof at
`
`least as early as March 2023.
`
`58.
`
`VMware’s acts of infringement have caused and continues to cause damage to
`
`SecurityProfiling. SecurityProfiling is entitled to recover from VMware the damages sustained by
`
`SecurityProfiling as a result of VMware’s wrongful acts.
`
`COUNT V
`
`DIRECT INFRINGEMENT OF U.S. PATENT NO. 10,547,631
`
`59.
`
`SecurityProfiling hereby restates and re-alleges the allegations set forth in the
`
`preceding paragraphs 1-58 and incorporates them by reference.
`
`60.
`
`SecurityProfiling is the owner by assignment of United States Patent No.
`
`10,547,631 entitled “Real-Time Vulnerability Monitoring” (“the ‘631 Patent”). The ‘631 Patent
`
`was duly and legally issued on January 28, 2020. A true and correct copy of the ‘631 Patent is
`
`attached as Exhibit 5.
`
`61.
`
`62.
`
`Pursuant to 35 U.S.C. § 282, the ‘631 Patent is presumed valid.
`
`A predecessor of the ‘631 Patent, Pat. 8,984,644, was involved in a proceeding
`
`before the Patent and Trial Appeal Board (“PTAB”) of United States Patent and Trademark Office
`
`(“USPTO”), IPR2017-02192 (“IPR Proceeding”). In a Final Written Decision dated April 8, 2019,
`
`the PTAB held that claims 1, 7, and 14 of the ‘644 patent were unpatentable. SecurityProfiling
`
`appealed the decision to the Federal Circuit Court of Appeals. The Court upheld the PTAB
`
`decision without any opinion under Rule 36 of the Federal Circuit Rules of Procedures.
`
`63.
`
`The asserted claims of the ‘631 Patent are materially different from the claims that
`
`had been considered in the IPR Proceeding. As one critical example, the PTAB’s decision rested
`
`- 14 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 15 of 21
`
`entirely on its determination that the “user option” limitation found in the prior ‘644 Patent claims
`
`was not supported by any prior application leading to the ‘644 Patent. The asserted claims of the
`
`‘631 Patent do not include a “user option” limitation. Thus, the Final Written Decision in the IPR
`
`Proceeding does not render invalid the asserted claims of the ‘631 Patent.
`
`64.
`
`The claims of the ‘631 Patent are not abstract and are patent-eligible under 35
`
`U.S.C. §101. The eligibility of the ‘631 Patent claims is further supported by the prosecution
`
`history of the ‘066 Patent recited above with respect to Count I, and here incorporated by reference.
`
`65.
`
`VMware has directly infringed and continues to infringe under 35 U.S.C. §271(a)
`
`at least claim 6 of the ‘631 Patent by making, using, selling and marketing Carbon Black Cloud.
`
`66.
`
`A comparison of claim 6 of the ‘631 Patent to Carbon Black Cloud systems is
`
`attached as Exhibit 13, which is incorporated herein by reference.
`
`67.
`
`VMware was and/or is on notice of the ‘631 patent and its infringement thereof at
`
`least as early as March 2023.
`
`68.
`
`VMware’s acts of infringement have caused and continues to cause damage to
`
`SecurityProfiling. SecurityProfiling is entitled to recover from VMware the damages sustained by
`
`SecurityProfiling as a result of VMware’s wrongful acts.
`
`COUNT VI
`
`DIRECT INFRINGEMENT OF U.S. PATENT NO. 10,075,466
`
`69.
`
`SecurityProfiling hereby restates and re-alleges the allegations set forth in the
`
`preceding paragraphs 1-68 and incorporates them by reference.
`
`70.
`
`SecurityProfiling is the owner by assignment of United States Patent No.
`
`10,075,466 entitled “Real-Time Vulnerability Monitoring” (“the ‘466 Patent”). The ‘466 Patent
`
`was duly and legally issued on September 11, 2018. A true and correct copy of the ‘466 Patent is
`
`- 15 -
`
`

`

`Case 6:23-cv-00768 Document 1 Filed 11/10/23 Page 16 of 21
`
`attached as Exhibit 6.
`
`71.
`
`72.
`
`Pursuant to 35 U.S.C. § 282, the ‘466 Patent is presumed valid.
`
`A predecessor of the ‘466 Patent, Pat. 8,984,644, was involved in a proceeding
`
`before the Patent and Trial Appeal Board (“PTAB”) of United States Patent and Trademark Office
`
`(“USPTO”), IPR2017-02192 (“IPR Proceeding”). In a Final Written Decision dated April 8, 2019,
`
`the PTAB held that claims 1, 7, and 14 of the ‘644 patent were unpatentable. SecurityProfiling
`
`appealed the decision to the Federal Circuit Court of Appeals. The Court upheld the PTAB
`
`decision without any opinion under Rule 36 of the Federal Circuit Rules of Procedures.
`
`73.
`
`The asserted claims of the ‘466 Patent are materially different from the claims that
`
`had been considered in the IPR Proceeding. As one critical example, the PTAB’s decision rested
`
`entirely on its determination that the “user option” limitation found in the prior ‘644 Patent claims
`
`was not supported by any prior application leading to the ‘644 Patent. The asserted claims of the
`
`‘466 Patent do not include a “user option” limitation. Thus, the Final Written Decision in the IPR
`
`Proceeding does not render invalid the asserted claims of the ‘466 Patent.
`
`74.
`
`The claims of the ‘466 Patent are not abstract and are patent-eligible under 35
`
`U.S.C. §101. The eligibility of the ‘466 Patent claims is further supported by the prosecution
`
`history of the ‘066 Patent recited above with respect to Count I, and