`
`
`
`PAUL ANDRE (State Bar No. 196585)
`pandre@kramerlevin.com
`LISA KOBIALKA (State Bar No. 191404)
`lkobialka@kramerlevin.com
`JAMES HANNAH (State Bar No. 237978)
`jhannah@kramerlevin.com
`KRAMER LEVIN NAFTALIS & FRANKEL LLP
`990 Marsh Road
`Menlo Park, CA 94025
`Telephone: (650) 752-1700
`Facsimile: (650) 752-1800
`
`Attorneys for Plaintiff
`FINJAN, INC.
`
`
`IN THE UNITED STATES DISTRICT COURT
`
`FOR THE NORTHERN DISTRICT OF CALIFORNIA
`
`FINJAN, INC., a Delaware Corporation,
`
`
`
`
`
`
`Plaintiff,
`
`v.
`
`
`ESET, LLC, a California Limited Liability
`Corporation, and ESET SPOL. S.R.O., a Slovak
`Republic Corporation,
`
`
`Defendants.
`
`
`
`
`
`
`
`
`
`Case No.:
`
`COMPLAINT FOR PATENT
`INFRINGEMENT
`
`DEMAND FOR JURY TRIAL
`
`
`
`
`
`
`
`
`
`____________________________________________________________________________________
`COMPLAINT FOR PATENT INFRINGEMENT
`CASE NO.
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.2 Page 2 of 37
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`Plaintiff Finjan, Inc. (“Finjan”) files this Complaint for Patent Infringement and Demand for
`
`Jury Trial against ESET, LLC and ESET SPOL. S.R.O. (“Defendants” or “ESET”) and allege as
`
`follows:
`
`THE PARTIES
`
`1.
`
`Finjan is a Delaware Corporation, with its principal place of business at 2000 University
`
`Avenue, Suite 600, E. Palo Alto, California 94303.
`
`2.
`
`ESET, LLC is a California Corporation with its principal place of business at 610 West
`
`Ash Street, Suite 1700, San Diego, California 92101. ESET, LLC may be served through its agent for
`
`service of process Andrew Lee at 610 West Ash Street, Suite 1700, San Diego, CA 92101. ESET, LLC
`
`is also known as ESET North America.
`
`3.
`
`ESET SPOL. S.R.O is a Slovak Republic Corporation with its principal place of
`
`business at Aupark Tower, 16th Floor, Einsteinova 24, 851 01 Bratislava, Slovak Republic. Upon
`
`information and belief, ESET, LLC is a wholly-owned subsidiary of ESET SPOL. S.R.O.
`
`JURISDICTION AND VENUE
`
`4.
`
`This action arises under the Patent Act, 35 U.S.C. § 101 et seq. This Court has original
`
`jurisdiction over this controversy pursuant to 28 U.S.C. §§ 1331 and 1338.
`
`5.
`
`6.
`
`Venue is proper in this Court pursuant to 28 U.S.C. §§ 1391(b) and (c) and/or 1400(b).
`
`This Court has personal jurisdiction over Defendants. Upon information and belief,
`
`Defendants do business in this District and have, and continues to, infringe and/or induce the
`
`infringement in this District. In addition, the Court has personal jurisdiction over Defendants because
`
`minimum contacts have been established with the forum and the exercise of jurisdiction would not
`
`offend traditional notions of fair play and substantial justice.
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`1
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.3 Page 3 of 37
`
`
`
`INTRADISTRICT ASSIGNMENT
`
`7.
`
`Pursuant to Local Rule 3-2(c), Intellectual Property Actions are assigned on a district-
`
`wide basis.
`
`FINJAN’S INNOVATIONS
`
`8.
`
`Finjan was founded in 1997 as a wholly-owned subsidiary of Finjan Software Ltd., an
`
`Israeli corporation. Finjan was a pioneer in developing proactive security technologies capable of
`
`detecting previously unknown and emerging online security threats recognized today under the
`
`umbrella of “malware.” These technologies protect networks and endpoints by identifying suspicious
`
`patterns and behaviors of content delivered over the Internet. Finjan has been awarded, and continues
`
`to prosecute, numerous patents covering innovations in the United States and around the world
`
`resulting directly from Finjan’s more than decades-long research and development efforts, supported
`
`by a dozen inventors, and over $65 million in R&D investments.
`
`9.
`
`Finjan built and sold software, including application programing interfaces (APIs), and
`
`appliances for network security using these patented technologies. These products and customers
`
`continue to be supported by Finjan’s licensing partners. At its height, Finjan employed nearly 150
`
`employees around the world building and selling security products and operating the Malicious Code
`
`Research Center through which it frequently published research regarding network security and current
`
`threats on the Internet. Finjan’s pioneering approach to online security drew equity investments from
`
`two major software and technology companies, the first in 2005, followed by the second in 2006.
`
`Through 2009, Finjan generated millions of dollars in product sales and related services and support
`
`revenues. Finjan became a publicly traded company in June 2013, capitalized with $30 million. After
`
`Finjan’s obligations under the non-compete and confidentiality agreement expired in March 2015,
`
`Finjan re-entered the development and production sector of secure products for the consumer market.
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`2
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.4 Page 4 of 37
`
`
`
`10.
`
`On November 28, 2000, U.S. Patent No. 6,154,844 (“the ‘844 Patent”), entitled
`
`SYSTEM AND METHOD FOR ATTACHING A DOWNLOADABLE SECURITY PROFILE TO A
`
`DOWNLOADABLE, was issued to Shlomo Touboul and Nachshon Gal. A true and correct copy of
`
`the ‘844 Patent is attached to this Complaint as Exhibit A and is incorporated by reference herein.
`
`11.
`
`All rights, title, and interest in the ‘844 Patent have been assigned to Finjan, who is the
`
`sole owner of the ‘844 Patent. Finjan has been the sole owner of the ‘844 Patent since its issuance.
`
`12.
`
`The ‘844 Patent is generally directed towards computer networks, and more
`
`particularly, provides a system that protects devices connected to the Internet from undesirable
`
`operations from web-based content. One of the ways this is accomplished is by linking a security
`
`profile to such web-based content to facilitate the protection of computers and networks from
`
`malicious web-based content.
`
`13.
`
`On October 12, 2004, U.S. Patent No. 6,804,780 (“the ‘780 Patent”), entitled SYSTEM
`
`AND METHOD FOR PROTECTING A COMPUTER AND A NETWORK FROM HOSTILE
`
`DOWNLOADABLES, was issued to Shlomo Touboul. A true and correct copy of the ‘780 Patent is
`
`attached to this Complaint as Exhibit B and is incorporated by reference herein.
`
`14.
`
`All rights, title, and interest in the ‘780 Patent have been assigned to Finjan, which is
`
`the sole owner of the ‘780 Patent. Finjan has been the sole owner of the ‘780 Patent since its issuance.
`
`15.
`
`The ‘780 Patent is generally directed towards methods and systems for generating a
`
`Downloadable ID. By generating an identification for each examined Downloadable, the system may
`
`allow for the Downloadable to be recognized without reevaluation. Such recognition increases
`
`efficiency while also saving valuable resources, such as memory and computing power.
`
`16.
`
`On July 5, 2011, U.S. Patent No. 7,975,305 (“the ‘305 Patent”), entitled METHOD
`
`AND SYSTEM FOR ADAPTIVE RULE-BASED CONTENT SCANNERS FOR DESKTOP
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`3
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.5 Page 5 of 37
`
`
`
`COMPUTERS, was issued to Moshe Rubin, Moshe Matitya, Artem Melnick, Shlomo Touboul,
`
`Alexander Yermakov and Amit Shaked. A true and correct copy of the ‘305 Patent is attached to this
`
`Complaint as Exhibit C and is incorporated by reference herein.
`
`17.
`
`All rights, title, and interest in the ‘305 Patent have been assigned to Finjan, who is the
`
`sole owner of the ‘305 Patent. Finjan has been the sole owner of the ‘305 Patent since its issuance.
`
`18.
`
`The ‘305 Patent is generally directed towards network security and, in particular, rule
`
`based scanning of web-based content for exploits. One of the ways this is accomplished is by using
`
`parser and analyzer rules to describe computer exploits as patterns of types of tokens. Additionally,
`
`the system provides a way to keep these rules updated.
`
`19.
`
`On December 13, 2011, U.S. Patent No. 8,079,086 (“the ‘086 Patent”), entitled
`
`MALICIOUS MOBILE CODE RUNETIME MONITORING SYSTEM AND METHODS, was issued
`
`to Yigal Mordechai Edery, Nimrod Itzhak Vered, David R Kroll and Shlomo Touboul. A true and
`
`correct copy of the ‘086 Patent is attached hereto as Exhibit D and is incorporated herein.
`
`20.
`
`All rights, title, and interest in the ‘086 Patent have been assigned to Finjan, who is the
`
`sole owner of the ‘086 Patent. Finjan has been the sole owner of the ‘086 Patent since its issuance.
`
`21.
`
`The ‘086 Patent is generally directed towards computer networks and, more
`
`particularly, provides a system that protects devices connected to the Internet from undesirable
`
`operations from web-based content. One of the ways this is accomplished is by creating a profile of
`
`the web-based content and sending these profiles and corresponding web-content to another computer
`
`for appropriate action.
`
`22.
`
`On November 17, 2015, U.S. Patent No. 9,189,621 (“the ‘621 Patent”), entitled
`
`MALICIOUS MOBILE CODE RUNTIME MONITORING SYSTEM AND METHODS, was issued
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`4
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.6 Page 6 of 37
`
`
`
`to Shlomo Touboul. A true and correct copy of the ‘621 Patent is attached hereto as Exhibit E and is
`
`incorporated by reference herein.
`
`23.
`
`All rights, title, and interest in the ‘621 Patent have been assigned to Finjan, who is the
`
`sole owner of the ‘621 Patent. Finjan has been the sole owner of the ‘621 Patent since its issuance.
`
`24.
`
`The ‘621 Patent is generally directed towards a system for determining whether a
`
`downloadable is suspicious that includes a processor, a plurality of operating system probes, an
`
`interrupter, a first comparator, and a response engine.
`
`25.
`
`On December 22, 2015, U.S. Patent No. 9,219,755 (“the ‘755 Patent”), entitled
`
`MALICIOUS MOBILE CODE RUNTIME MONITORING SYSTEM AND METHODS, was issued
`
`to Shlomo Touboul. A true and correct copy of the ‘755 Patent is attached hereto as Exhibit F and is
`
`incorporated by reference herein.
`
`26.
`
`All rights, title, and interest in the ‘755 Patent have been assigned to Finjan, who is the
`
`sole owner of the ‘755 Patent. Finjan has been the sole owner of the ‘755 Patent since its issuance.
`
`27.
`
`The ‘755 Patent generally covers a system for reviewing an operating system call issued
`
`by a downloadable that includes a processor, an operating system probe, a runtime environment
`
`monitor, a response engine, a downloadable engine, a request broker, a file system probe and a
`
`network system probe, and an event router.
`
`ESET
`
`28.
`
`ESET makes, uses, sells, offers for sale, and/or imports into the United States and this
`
`District products and services that utilize ESET ThreatSense (“ThreatSense”), ESET Advanced
`
`Heuristic, ESET DNA Signature, Host-based Intrusion Prevention System (HIPS), and/or ESET
`
`LiveGrid (“LiveGrid”) technologies, including ESET’s Home Protection, Small Office, and Business
`
`product lines and ESET’s Services.
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`5
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.7 Page 7 of 37
`
`
`
`29.
`
`ESET’s Home Protection products are ESET Multi-Device Security, ESET NOD32
`
`Antivirus (“NOD32”), ESET Smart Security, ESET Cyber Security, ESET Cyber Security Pro, ESET
`
`Mobile Security for Android, and ESET NOD32 Antivirus for Linux (collectively “Accused ESET
`
`Home Protection Products”), as described in https://www.eset.com/int/home/, attached hereto as
`
`Exhibit G.
`
`30.
`
`ESET’s Small Office Protection products are ESET Multi-Device Home Office, ESET
`
`Small Office Security, and ESET Small Business Security Pack (collectively “Accused ESET Small
`
`Office Protection Products”), as described in https://www.eset.com/us/products/soho/, attached hereto
`
`as Exhibit H.
`
`31.
`
`ESET’s Business Protection Products are ESET Endpoint Antivirus for Windows,
`
`ESET Endpoint Security for Windows, ESET Endpoint Antivirus for OS X, ESET Endpoint Security
`
`for OS X, ESET Endpoint Antivirus for Linux, ESET Endpoint Security for Android, ESET Mail
`
`Security for Microsoft Exchange Server, ESET Mail Security for Linux/BSD, ESET Mail Security for
`
`Kerio, ESET Mail Security for IBM Domino, ESET Gateway Security for Linux/BSD, ESET Gateway
`
`Security for Kerio, ESET File Security for Microsoft Windows Server, ESET File Security for
`
`Linux/BSD, and ESET Security for Virtual Environment (collectively “Accused ESET Business
`
`Protection Products”), as described in https://www.eset.com/us/business/, attached hereto as Exhibit I.
`
`ThreatSense Engine
`
`32.
`
`ThreatSense is an anti-virus or threat engine, which powers all of ESET’s products.
`
`The engine performs advanced heuristic threat detection capable of identifying and preventing never-
`
`seen before, zero-day computer threats from affecting a computer system. Shown below is diagram
`
`illustrating the operation of ThreatSense:
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`6
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.8 Page 8 of 37
`
`
`
`
`
`See ESET Nod32 Antivirus System Remote Administrator Overview at 4, available at
`
`http://www.download.eset.com/manuals/ra_ovw.pdf, attached hereto as Exhibit J.
`
`33.
`
`ThreatSense can detect and prevent malicious content such as viruses, trojans, worms,
`
`adware, spyware, phishing attacks, riskware, application exploits and other forms of computer attacks.
`
`The detection and prevention mechanism is achieved by a combination of ThreatSense’s active
`
`heuristics requiring analysis of emulated code and passive heuristics requiring code analysis. With
`
`active heuristics, ThreatSense can execute the code to see what it actually does and execution occurs in
`
`a controlled, protected environment to avoid damage. In particular, ThreatSense runs the code in a
`
`virtual environment and examines the behavior performed in and changes made to the virtual
`
`environment in detecting threats. With passive heuristics, ThreatSense analyzes a program as it is
`
`scanned, tracing through the instructions in a program using static code analysis before passing the
`
`code to the processor for execution. In this process, suspicious code can be analyzed to see what it
`
`appears to be designed to do by using rules that look for patterns, routines, or program calls that
`
`indicate malicious behavior. Malicious behaviors can be identified, listed, and stored. Such malicious
`
`behavior information can be delivered to LiveGrid, which is a cloud-based counterpart for ESET
`
`products. In addition, ThreatSense submits suspicious files to LiveGrid for further analyses and to
`
`create a downloadable security profile.
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`7
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.9 Page 9 of 37
`
`
`
`LiveGrid
`
`34.
`
`LiveGrid is used by ESET’s products to collect data by ESET users worldwide,
`
`including users in the United States and this District, for analysis and providing updates to ESET users.
`
`LiveGrid maintains a comprehensive threat database of zero-day threats identified by ESET’s products
`
`and services. It collects malware-related information from millions of ESET users and determines how
`
`widely used a given file is, as well as its reputation – i.e., if it exhibits malicious behavior. In
`
`particular, malicious content along with other information is submitted and stored by the LiveGrid
`
`cloud database. See http://static3.esetstatic.com/fileadmin/Images/INT/Docs/Other/ESET-
`
`Technology-Overview.pdf, attached hereto as Exhibit K. Shown below is an illustration of the
`
`LiveGrid operation.
`
`See http://static4.esetstatic.com/fileadmin/Images/INT/Images/Article-Floated/ESET-
`
`Technology/Infographics/infographic-technology-livegrid.jpg, attached hereto as Exhibit L.
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`8
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.10 Page 10 of 37
`
`
`
`Heuristics/DNA/Smart Signatures
`
`35.
`
`ESET’s Heuristics (also known as Advanced Heuristics, DNA, Smart Signatures) is
`
`used by ESET’s products to provide proactive detection capabilities by analyzing downloadables,
`
`including JavaScript, to detect computer worms and Trojans using static analysis and emulation. In
`
`detecting advanced threats, ESET also uses heuristics that can identify complex malicious code
`
`patterns in web content. It helps identify exploits that are obfuscated and are not easily detected by
`
`traditional virus signature matching. ESET’s Heuristic technologies use a rule-based approach to
`
`diagnose a potentially malicious file, including rules that detects whether a potentially malicious
`
`program tries to copy itself, write on a disk, decrypt itself, binds to a networking port, or modifies files.
`
`ESET uses the heuristics to feed additional information into LiveGrid. See ESET NOD32 Antivirus 9
`
`User Guide, attached hereto as Exhibit M. In addition, ESET DNA and Smart Signatures use hashing
`
`techniques to provide unique downloadable identification of potentially malicious malware. See ESET
`
`Technology overview, available at
`
`https://static3.esetstatic.com/fileadmin/Images/INT/Docs/Other/ESET-Technology-Overview.pdf,
`
`attached hereto as Exhibit K.
`
`HIPS
`
`36.
`
`ESET’s HIPS technology monitors events within the operating system and reacts to
`
`them according to customized set of rules. HIPS uses advanced behavioral analysis techniques to
`
`monitor operating system calls such as running processes, files, and registry keys. See ESET NOD32
`
`Antivirus 9 User Guide, attached hereto as Exhibit M; see also:
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`9
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.11 Page 11 of 37
`
`
`
`See ESET Technology overview at 9, available at
`
`https://static3.esetstatic.com/fileadmin/Images/INT/Docs/Other/ESET-Technology-Overview.pdf,
`
`
`
`attached hereto as Exhibit K.
`
`Exploit Blocker
`
`37.
`
`Exploit blocker monitors the behavior of processes for suspicious activity that may
`
`indicate and exploit in applications such as web browsers, PDF readers, email clients and MS Office
`
`components. When Exploit Blocker identifies a suspicious process, it can stop the process and send
`
`information to the ESET Live cloud system. Additionally, there is also a Java Exploit Blocker, which
`
`is an extension of Exploit Blocker protection. The Java Exploit Blocker monitors Java looking for
`
`certain malicious or suspicious behaviors.
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`10
`
`CASE NO.
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.12 Page 12 of 37
`
`See ESET Technology overview at 7, available at
`
`
`
`https://static3.esetstatic.com/fileadmin/Images/INT/Docs/Other/ESET-Technology-Overview.pdf,
`
`attached hereto as Exhibit K.
`
`ESET’S INFRINGEMENT OF FINJAN’S PATENTS
`
`38.
`
`Defendants have been and is now infringing the ‘844 Patent, ‘780 Patent, the ‘305
`
`Patent, the ‘086 Patent, the ‘621 Patent, and the ‘755 Patent (collectively “the Patents-In-Suit”) in this
`
`judicial District, and elsewhere in the United States by, among other things, making, using, importing,
`
`selling, and/or offering for sale the claimed system and methods on the Accused ESET’s Home
`
`Protection Products, Small Office Protection Products, Business Protection Products and Services.
`
`39.
`
`In addition to directly infringing the Patents-In-Suit pursuant to 35 U.S.C. § 271(a),
`
`either literally or under the doctrine of equivalents, or both, Defendants indirectly infringe all the
`
`Patents-In-Suit by instructing, directing and/or requiring others, including its customers, purchasers,
`
`users, and developers, to perform all or some of the steps of the method claims, either literally or under
`
`the doctrine of equivalents, or both, of the Patents-In-Suit.
`
`COUNT I
`(Direct Infringement of the ‘844 Patent pursuant to 35 U.S.C. § 271(a))
`
`40.
`
`Finjan repeats, realleges, and incorporates by reference, as if fully set forth herein, the
`
`allegations of the preceding paragraphs, as set forth above.
`
`41.
`
`Defendants have infringed and continues to infringe claims 1-44 of the ‘844 Patent in
`
`violation of 35 U.S.C. § 271(a).
`
`42.
`
`Defendants’ infringement is based upon literal infringement or infringement under the
`
`doctrine of equivalents, or both.
`
`43.
`
`Defendants’ acts of making, using, importing, selling, and/or offering for sale infringing
`
`products and services have been without the permission, consent, authorization, or license of Finjan.
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`11
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.13 Page 13 of 37
`
`
`
`44.
`
`Defendants’ infringement includes the manufacture, use, sale, importation and/or offer
`
`for sale of Defendants’ products and services, including Small Office Protection Products and Business
`
`Protection Products, which embody the patented invention of the ‘844 Patent. Such products include,
`
`ESET Small Business Security Pack, ESET Mail Security for Linux/BSD, ESET Mail Security for
`
`Kerio, ESET Gateway Security for Linux/BSD, and ESET Gateway Security for Kerio (collectively,
`
`the “’844 Accused Products”).
`
`45.
`
`The ‘844 Accused Products embody the patented invention of the ‘844 Patent and
`
`infringe the ‘844 Patent because they practice a method of receiving by an inspector a downloadable,
`
`generating by the inspector a first downloadable security profile that identifies suspicious code in the
`
`received downloadable and linking by the inspector the first downloadable security profile to the
`
`downloadable before a web server makes the downloadable available to web clients. For example, as
`
`shown below, ESET Gateway Security products, including ESET Gateway Security for Linux/BSD,
`
`and ESET Gateway Security for Kerio, provides gateway security to end users.
`
`ESET Gateway Security Installation Manual and User Guide at 12, attached hereto as Exhibit N.
`
`Incoming downloadables are received at the ESET Gateway, where they are either scanned there or
`
`submitted via Sample Submission System (a part of the ThreatSense technology). Using advanced
`
`
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`12
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.14 Page 14 of 37
`
`
`
`heuristics, a downloadable security profile is created and linked if the downloadable is unknown.
`
`Similarly, ESET Mail Security products, such as ESET Small Business Security Pack, ESET Mail
`
`Security for Linux/BSD, and ESET Mail Security for Kerio, have an email gateway that looks for
`
`incoming downloadables and scans the downloadable using advanced heuristics and LiveGrid
`
`technologies. In addition, ESET Mail Security products include Sample Submission System (a part of
`
`the ThreatSense technology). Using advanced heuristics, a downloadable security profile is created
`
`and linked if the downloadable is unknown.
`
`46.
`
`As a result of Defendants’ unlawful activities, Finjan has suffered and will continue to
`
`suffer irreparable harm for which there is no adequate remedy at law. Accordingly, Finjan is entitled
`
`to preliminary and/or permanent injunctive relief.
`
`47.
`
`Defendants’ infringement of the ‘844 Patent has injured and continues to injure Finjan
`
`in an amount to be proven at trial.
`
`48.
`
`Defendants are well aware of Finjan’s patents, including the ‘844 Patent, and have
`
`continued its infringing activity despite this knowledge. Finjan informed Defendants of its patent
`
`portfolio and infringement on or about January 22, 2015, and have provided representative claim charts
`
`specifically identifying how Defendant’s products and services infringe Finjan patents. Finjan
`
`attempted unsuccessfully to actively engage in good faith negotiations for over a year with Defendants
`
`regarding Finjan’s patent portfolio, including having a number of in-person and telephonic meetings
`
`from October 2015 through April 2016 explaining claim element by element Defendants’
`
`infringement.
`
`49.
`
`Despite knowledge of Finjan’s patent portfolio, being provided representative claim
`
`charts of several Finjan patents, and engaging in technical meetings regarding infringement of
`
`Defendants’ products and services, Defendants have refused to enter into good faith discussions with
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`13
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.15 Page 15 of 37
`
`
`
`Finjan, and have sold and continues to sell the accused products and services in complete disregard of
`
`Finjan’s patent rights. As such, Defendants have acted recklessly and continues to willfully, wantonly,
`
`and deliberately engage in acts of infringement of the ‘844 Patent, justifying an award to Finjan of
`
`increased damages under 35 U.S.C. § 284, and attorneys’ fees and costs incurred under 35 U.S.C. §
`
`285.
`
`COUNT II
`(Indirect Infringement of the ‘844 Patent pursuant to 35 U.S.C. § 271(b))
`
`50.
`
`Finjan repeats, realleges, and incorporates by reference, as if fully set forth herein, the
`
`allegations of the preceding paragraphs, as set forth above.
`
`51.
`
`Defendants have induced and continues to induce infringement of one or more claims of
`
`the ‘844 Patent under 35 U.S.C. § 271(b).
`
`52.
`
`In addition to directly infringing the ‘844 Patent, Defendants indirectly infringe the ‘844
`
`Patent pursuant to 35 U.S.C. § 271(b) by instructing, directing and/or requiring others, including its
`
`customers, purchasers, users, or developers, to perform one or more of the steps of the method claims,
`
`either literally or under the doctrine of equivalents, of the ‘844 Patent, where all the steps of the
`
`method claims are performed by either ESET, its customers, purchasers, users or developers, or some
`
`combination thereof. Defendants knew or was willfully blind to the fact that it was inducing others,
`
`including customers, purchasers, users or developers, to infringe by practicing, either themselves or in
`
`conjunction with Defendants, one or more method claims of the ‘844 Patent, including claims 1-14 and
`
`23-31.
`
`53.
`
`Defendants knowingly and actively aided and abetted the direct infringement of the
`
`‘844 Patent by instructing and encouraging its customers, users and developers to use the ‘844
`
`Accused Products. Such instructions and encouragement include but are not limited to, advising third
`
`parties to use the ‘844 Accused Products in an infringing manner, providing a mechanism through
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`14
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.16 Page 16 of 37
`
`
`
`which third parties may infringe the ‘844 Patent, specifically through the use of ESET’s ThreatSense,
`
`Advanced Heuristic, HIPS, DNA Signature, Exploit Blocker, and LiveGrid Technologies, advertising
`
`and promoting the use of the ‘844 Accused Products in an infringing manner and distributing
`
`guidelines and instructions to third parties on how to use the ‘844 Accused Products in an infringing
`
`manner.
`
`54.
`
`Defendants provides articles, videos and downloads which cover in depth aspects of
`
`operating Defendants’ offerings. See http://www.eset.com/us/support/download/installation-videos/,
`
`attached hereto as Exhibit O.
`
`55.
`
`Defendants updates and maintains an HTTP site with Defendants’ quick start guides,
`
`administration guides, user guides, and operating instructions which cover in depth aspects of
`
`operating Defendants’ offerings. See http://support.eset.com/, attached hereto as Exhibit P.
`
`COUNT III
`(Direct Infringement of the ‘780 Patent pursuant to 35 U.S.C. § 271(a))
`
`56.
`
`Finjan repeats, realleges, and incorporates by reference, as if fully set forth herein, the
`
`allegations of the preceding paragraphs, as set forth above.
`
`57.
`
`Defendants have infringed and continues to infringe claim 1-18 of the ‘780 Patent in
`
`violation of 35 U.S.C. § 271(a).
`
`58.
`
`Defendants’ infringement is based upon literal infringement or, in the alternative,
`
`infringement under the doctrine of equivalents.
`
`59.
`
`Defendants’ acts of making, using, importing, selling, and/or offering for sale infringing
`
`products and services have been without the permission, consent, authorization or license of Finjan.
`
`60.
`
`Defendants’ infringement includes the manufacture, use, sale, importation and/or offer
`
`for sale of Defendants’ products and services, including Home Protection Products, Small Office
`
`Protection Products and Business Protection Products, which embody the patented invention of the
`
`1
`
`2
`
`3
`
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`
`
`COMPLAINT FOR PATENT INFRINGEMENT
`
`
`15
`
`CASE NO.
`
`
`
`Case 3:17-cv-00183-CAB-BGS Document 1 Filed 07/01/16 PageID.17 Page 17 of 37
`
`
`
`‘780 Patent. Such products include ESET Multi-Device Security, ESET NOD32 Antivirus, ESET
`
`Smart Security, ESET Cyber Security, ESET Cyber Security Pro, ESET Mobile Security for Android,
`
`ESET NOD32 Antivirus for Linux, ESET Multi-Device Home Office, ESET Small Office Security,
`
`ESET Small Business Security Pack, ESET Endpoint Antivirus for Windows, ESET Endpoint
`
`Security for Windows, ESET Endpoint Antivirus for OS X, ESET Endpoint Security for OS X, ESET
`
`Endpoint Antivirus for Linux, ESET Endpoint Security for Android, ESET Mail Security for
`
`Microsoft Exchange Server, ESET Mail Security for Linux/BSD, ESET Mail Security for Kerio,
`
`ESET Mail Security for IBM Domino, ESET Gateway Security for Linux/BSD, ESET Gateway
`
`Security for Kerio, ESET File Security for Microsoft Windows Server, ESET File Security for
`
`Linux/BSD, and ESET Security for Virtual Environment (collectively, the “780 Accused Products”).
`
`61.
`
`The ‘780 Accused Products embody the patented invention of the ‘780 Patent and
`
`infringe the ‘780 Patent because they practice a method of obtaining a downloadable that includes
`
`one or more references to software components required to be executed by the downloadable,
`
`fetching at least one software component required to be executed by the downloadable, and
`
`performing a hashing function on the downloadable and the fetched software components to generate
`
`a downloadable ID. For example, NOD32 perform hash value lookups using ESET’s LiveGrid
`
`technol