Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 1 of 84
`Case 4:18-cv-07229—YGR Document 44-7 Filed 02/28/20 Page 1 of 84
`
`EXHIBIT F
`
`EXHIBIT F
`
`
`Case 4:18-cv-07229—YGR Document 44-7 Filed 02/28/20 Page 1 of 84
`
`EXHIBIT F
`
`EXHIBIT F
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 2 of 84
`Case 4:18-cv-07229—YGR Document 44-7 Filed 02/28/20 Page 2 of 84
`
`APPENDIX A
`
`
`
`
`APPENDIX A
`
`
`
`
`
`
`
`
`
`
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 3 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`Claim 1
`
`1a. A method comprising:
`
`The Accused Products perform the method of claim 1 as further explained with reference to elements 1b‐1d.
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`qualys‐overview‐paper.pdf
`
`1
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 4 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`2
`
`1b. Contention No. 1 – Qualys Accused Products receive by an inspector a Downloadable at the
`Qualys Secure Operations Centers
`
`Each of the Qualys Accused Products include a respective inspector at the Qualys Secure Operations
`Centers that receives Downloadables from the Internet, web applications, internal networks, and public
`and private clouds. As shown below, a Downloadable is received by the Qualys Accused Products via a
`node that is part of the Qualys Cloud computing environment.
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`Inspector
`
`2
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 5 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`3
`
`1b. Contention No. 2 – Qualys Accused Products receive by an inspector a Downloadable at the
`Qualys scanners
`
`Each of the Qualys Accused Products include a respective inspector at the Qualys scanner (either
`external, internal, physical or virtual) that receives Downloadables from the Internet, web applications,
`internal networks, and public and private clouds. As shown below, a Downloadable is received by the
`Qualys Accused Products via respective Qualys scanners (either external, internal, physical or virtual).
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`Inspector
`
`3
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 6 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`4
`
`1b. Contention No. 3 – Qualys Accused Products receive by an inspector a Downloadable at the client
`computing device
`
`Each of the Qualys Accused Products include an inspector at a respective client computing device for
`receiving incoming Downloadables from the Internet, web applications, internal networks, and public
`and private clouds. As shown below, a Downloadable is received by the Qualys Accused Products via the
`client computer.
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`Inspector
`
`4
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 7 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`5
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile
`that identifies suspicious code in the received Downloadable.
`
`The inspector for Malware Detection (MD) (either alone or in combination with WAS, WAF, Secure Seal, VM, TP,
`and/or CM) performs a variety of static and dynamic behavioral analyses to generate a Downloadable security
`profile (DSP) that identifies suspicious code in a received Downloadable. The suspicious code identified in the
`DSP causes malware infections.
`Inspector for MD identifies suspicious code
`
`Dynamic
`+
`Static
`
`Malware Detection FAQ _ Qualys, Inc..pdf
`
`5
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 8 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`6
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile that
`identifies suspicious code in the received Downloadable (continued)
`
`The inspector for MD (either alone or in combination with WAS, WAF, Secure Seal, VM, TP, and/or CM) performs a variety of static and
`behavioral analyses to generate a DSP that identifies suspicious code in the received Downloadable. The suspicious code identified in the
`DSP includes “Encoded JavaScript,” “Document.write with obfuscation,” “Web Bugs” “Vulnerable Control Instantiation,” “Character
`encoding on inline frames,” “Microsoft Windows registry keys being written,” “Rogue processes being started,” “programs being installed
`and started,” “files being written to a disk,” “disabling security controls, anti‐forensic operations, file access, processes, services, etc.”
`
`Inspector for
`MD identifies
`suspicious
`code
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`marekforinfodaymdspresentation20120606‐120607075424‐phpapp01.pdf
`
`https://www.youtube.com/watch?v=_H5vngwVuNg
`
`6
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 9 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`7
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile
`that identifies suspicious code in the received Downloadable (continued)
`
`The inspector for MD (either alone or in combination with WAS, WAF, Secure Seal, VM, TP, and/or CM) performs
`dynamic behavioral analysis to generate a DSP that identifies suspicious code in the received Downloadable.
`
`Inspector for
`MD identifies
`suspicious
`code in the
`received
`Downloadable
`
`dynamic analysis
`
`dissectpeproject‐gabriel‐110816130546‐phpapp01.pdf
`
`7
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 10 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`8
`
`Claim 1
`
`1a. A method comprising:
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile that identifies suspicious
`code in the received Downloadable (continued)
`
`The inspector for Web Application Scanning (WAS) (either alone or in combination with MD, WAF, Secure Seal, VM, TP, and/or CM)
`performs a variety of static and behavioral analyses to generate a DSP that identifies suspicious and “malicious code” in the received
`Downloadable. The suspicious code identified causes “zero‐day malware that eludes anti‐virus and anti‐spyware” software.
`
`Identifies
`suspicious code
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`Qualys Web Application Scanning (WAS) _ Qualys, Inc..pdf
`
`8
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 11 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`9
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile
`that identifies suspicious code in the received Downloadable (continued)
`
`The inspector for WAS (either alone or in combination with MD, WAF, Secure Seal, VM, TP, and/or CM) performs
`a variety of static and dynamic analyses to generate a DSP that identifies suspicious code in the received
`Downloadable. The suspicious code identified in the DSP generated by the inspector for WAS causes malware
`infections and “Zero Day Risk.”
`
`Inspector for
`WAS generates
`a DSP that
`identifies
`suspicious
`code
`
`Static
`+
`Dynamic
`
`msk‐qualysguardroadmapforh2‐2013‐201420130917‐130924091408‐phpapp02.pdf
`
`9
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 12 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`10
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile that
`identifies suspicious code in the received Downloadable (continued)
`
`The inspector for Web Application Firewall (WAF) (either alone or in combination with WAS, MD, Secure Seal, VM, TP, and/or
`CM) performs analyses to generate a DSP for identifying suspicious code in a received Downloadable. The DSP generated by
`the inspector for WAF identifies suspicious code in the received Downloadable that causes malware infections and “zero‐
`day” attacks.
`
`Inspector for WAF
`generates a DSP
`that identifies
`suspicious code
`
`WAF
`
`https://docplayer.net/1990870‐Web‐application‐firewall.html
`
`Qualys Web Application Firewall (WAF) _ Qualys, Inc..pdf
`
`10
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 13 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`11
`
`Claim 1
`
`1a. A method comprising:
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile that identifies suspicious
`code in the received Downloadable (continued)
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`The inspector for Web Application Firewall (WAF) (either alone or in combination with WAS, MD, Secure Seal, VM, TP, and/or CM)
`performs analyses to generate a DSP that identifies suspicious code in the received Downloadable. The suspicious code identified causes
`“injection attacks like command, SQL, Javascript, Files, etc.”
`
`Inspector for
`WAF
`identifies
`suspicious
`code
`
`msk‐wafpresentation20130906‐130924091415‐phpapp01.pdf
`
`11
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 14 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`12
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile
`that identifies suspicious code in the received Downloadable (continued)
`
`The inspector for Secure Seal (either alone or in combination with MD, WAS, WAF, VM, TP, and/or CM) performs
`analyses to generate a DSP that identifies the suspicious code that translates to potentially malicious software in
`the received Downloadable.
`
`Secure Seal
`identifies
`suspicious
`code
`
`Qualys SECURE Seal _ Qualys, Inc..pdf
`
`12
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 15 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`13
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile
`that identifies suspicious code in the received Downloadable (continued)
`
`The inspector for Vulnerability Management (VM) (either alone or in combination with MD, WAS, WAF, Secure
`Seal, TP, and/or CM) performs analyses to generate a DSP for a received Downloadable that identifies suspicious
`code in the received Downloadable. The security profile generated from the inspector for VM identifies suspicious
`code that causes malware infections and zero‐day threats.
`
`Inspector for VM
`generates a DSP that
`identifies suspicious
`code
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`marek‐qgsuiteupdatesnewfeatures20120606‐120607075251‐phpapp01.pdf
`
`13
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 16 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`14
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile
`that identifies suspicious code in the received Downloadable (continued)
`
`The inspector for CM (either alone or in combination with MD, WAS, WAF, Secure Seal, VM, and/or TP) performs
`analyses to generate a DSP that identifies suspicious code in a received Downloadable.
`
`DSP that
`identifies
`suspicious code
`in the received
`Downloadable
`
`https://www.qualys.com/apps/vulnerability‐management/
`
`14
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 17 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`15
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile
`that identifies suspicious code in the received Downloadable (continued)
`
`The inspector for ThreatPROTECT(TP) (either alone or in combination with MD, WAS, WAF, Secure Seal, VM,
`and/or CM) performs analyses to generate a DSP that identifies suspicious code in the received Downloadable,
`which provides “Realtime Threat Intelligence Attributes” for “Zero Day” and other active attacks. The DSP
`generated by the inspector for TP identifies suspicious code that causes “Zero Day” malware and attacks with
`“high lateral movement.”
`
`Downloadable
`scanner for TP
`derives
`security profile
`data
`
`rsac2016‐qualys‐threatprotect‐170112004807.pdf
`
`15
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 18 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`16
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile
`that identifies suspicious code in the received Downloadable (continued)
`
`The inspector for Cloud Agent generates a security profile for a received Downloadable. The inspector for Cloud
`Agent (either alone or in combination with MD, WAS, WAF, Secure Seal, VM, TP, and/or CM) performs analyses to
`generate a DSP that identifies suspicious code in the received Downloadable.
`
`Inspector for
`Cloud Agent
`generates a
`Downloadable
`security profile
`
`https://www.qualys.com/videos/platform/cloud‐agent/intro/
`
`16
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 19 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`17
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile that
`identifies suspicious code in the received Downloadable (continued)
`
`The Qualys Accused Products may also analyze information gathered from previous scans, Qualys researchers, and/or
`external data feeds to generate a DSP that identifies suspicious code in a received Downloadable.
`
`security_wp_mva.pdf
`
`https://www.qualys.com/apps/vulnerabil
`ity‐management/
`
`threatprotect‐datasheet.pdf
`
`17
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 20 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`18
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1c. All Contentions – Qualys Accused Products generate by the inspector a first Downloadable security profile
`that identifies suspicious code in the received Downloadable (continued)
`
`Doctrine of Equivalents:
`
`To the extent that the Qualys Accused Products do not literally infringe this claim element, Qualys infringes under
`the doctrine of equivalents. The above described functionality of the Qualys Accused Products is at most
`insubstantially different from the claimed functionality and performs substantially the same function in
`substantially the same way to achieve substantially the same result.
`
`The Qualys Accused Products perform the same function because each inspects Downloadables for suspicious
`code. For example, the inspector for MD performs behavioral analyses to generate a DSP for the received
`Downloadable. The behavioral analysis identifies suspicious code in the received Downloadable and this
`information is part of the DSP. Therefore, the Qualys Accused Products perform substantially the same function
`as the claimed functionality.
`
`The Qualys Accused Products perform this function in substantially the same way as the claimed functionality
`because each uses an inspector to generate a profile that identifies suspicious code in the received
`Downloadable. For example, the inspector for MD generates a DSP that identifies suspicious code in the received
`Downloadable by performing analyses, such as behavioral analyses, on the Downloadable to identify that
`suspicious code. Therefore, the Qualys Accused Products perform this function in substantially the same way as
`the claimed element.
`
`Finally, the Qualys Accused Products achieve the same result as this element because the profile that is generated
`identifies Downloadables that may contain suspicious code. For example, the inspector for MD uses behavioral
`analysis to generate a DSP, and suspicious code is identified by that behavioral analysis and the DSP identifies that
`suspicious code. Therefore, the Qualys Accused Products achieve the same result as this element.
`
`18
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 21 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`19
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1d. All Contentions – Qualys Accused Products link by the inspector the first Downloadable security profile to
`the Downloadable before a web server makes the Downloadable available to web clients.
`
`The inspector for MD links the generated DSP to the Downloadable before a web server makes the Downloadable
`available to web clients. As shown below, the DSP provides “all the details about the detected malware,”
`including suspicious code identified, and is linked to the Downloadable “immediately upon completion of a scan.”
`An alert or notification will be sent by email “if malware was found.”
`
`DSP is linked before the
`Downloadable is made
`available to web clients
`
`Malware Detection FAQ _ Qualys, Inc..pdf
`
`19
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 22 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`20
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1d. All Contentions – Qualys Accused Products link by the inspector the first Downloadable security profile to
`the Downloadable before a web server makes the Downloadable available to web clients. (continued)
`
`The inspector for MD links the generated DSP to the Downloadable before a web server makes the Downloadable
`available to web clients. As shown below, the “Scan Results” are linked to the Downloadable.
`
`DSP linked to the
`Downloadable
`
`marekforinfodaymdspresentation20120606‐120607075424‐phpapp01.pdf
`
`20
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 23 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`21
`
`1d. All Contentions – Qualys Accused Products link by the inspector the first Downloadable security profile to the
`Downloadable before a web server makes the Downloadable available to web clients. (continued)
`
`The inspector for WAS links the generated DSP to the Downloadable before a web server makes the Downloadable available
`to web clients. As shown below, the inspector for WAS uses behavioral analysis to generate a DSP that identifies suspicious
`code that causes malware infections. The inspector for WAS links the DSP to the Downloadable and alerts users so that they
`can initiate subsequent actions.
`
`DSP is linked before the
`Downloadable is made
`available to web clients
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`web‐application‐scanning‐datasheet.pdf
`
`21
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 24 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`22
`
`1d. All Contentions – Qualys Accused Products link by the inspector the first Downloadable security profile to the
`Downloadable before a web server makes the Downloadable available to web clients. (continued)
`
`The inspector for WAF links the generated DSP to the Downloadable before a web server makes the Downloadable available
`to web clients. The “susicious activity” detected and the suspicious code identified is linked to the Downloadable. As shown
`below, “additional information” gathered from internal and/or external sources, such as KnowledgeBase database, are linked
`to the Downloadable. The DSP is linked to the Downloadable so that it can be addressed before it is made available to web
`clients.
`Linking the DSP to the Downloadable
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`Qualys Web Application Firewall (WAF) _ Qualys, Inc..pdf
`
`22
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 25 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`23
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1d. All Contentions – Qualys Accused Products link by the inspector the first Downloadable security profile to
`the Downloadable before a web server makes the Downloadable available to web clients. (continued)
`
`The inspector for Secure Seal links the DSP to the Downloadable before a web server makes the Downloadable
`available to web clients. Analysis results and recommended solutions are linked to the Downloadable before the
`web server makes the Downloadable available to web clients.
`
`DSP linked to the Downloadable
`
`Qualys SECURE Seal _ Qualys, Inc..pdf
`
`23
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 26 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`24
`
`1d. All Contentions – Qualys Accused Products link by the inspector the first Downloadable security profile to
`the Downloadable before a web server makes the Downloadable available to web clients. (continued)
`
`The inspector for VM links the DSP to the Downloadable before a web server makes the Downloadable available
`to web clients. The inspector for VM links the DSP to the Downloadable and alerts users of the zero‐day threats
`detected.
`
`DSP linked to the
`Downloadable
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`marek‐qgsuiteupdatesnewfeatures20120606‐120607075251‐phpapp01.pdf
`
`24
`
`© 2018 Finjan, Inc. ALL RIGHTS RESERVED
`Subject to FRE 408
`
`
`
`Case 4:18-cv-07229-YGR Document 44-7 Filed 02/28/20 Page 27 of 84
`
`US Patent No. 6,154,844
`System and Method for Attaching a Downloadable Security Profile to a Downloadable
`
`25
`
`Claim 1
`
`1a. A method comprising:
`
`1b. receiving by an inspector
`a Downloadable;
`
`1c. generating by the
`inspector a first
`Downloadable security profile
`that identifies suspicious code
`in the received
`Downloadable; and
`
`1d. linking by the inspector
`the first Downloadable
`security profile to the
`Downloadable before a web
`server makes the
`Downloadable available to
`web clients.
`
`1d. All Contentions – Qualys Accused Products perform linking by the inspector the first Downloadable security profile to
`the Downloadable before a web server makes the Downloadable available to web clients. (continued)
`
`The inspector for CM links the DSP to the Downloadable before a web serve
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
