IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF COLORADO Civil Action No.

COLORADO REMEDIATION TECHNOLOGIES, LLC, a Colorado limited liability company, Plaintiff, v. PANDA DISTRIBUTION, INC. D/B/A PANDA SECURITY USA, a Florida corporation, Defendant.

COMPLAINT FOR PATENT INFRINGEMENT AND DEMAND FOR JURY TRIAL

Plaintiff Colorado Remediation Technologies, LLC ("CRT") files this Complaint against Defendant Panda Distribution, Inc. d/b/a Panda Security USA ("Panda") alleging as follows: I. 1. THE PARTIES

CRT is a Colorado limited liability company with a principal place of business

located in Denver, Colorado. 2. Upon information and belief, Panda is a Florida corporation with a principal place

of business located at 2600 Lake Lucien Drive, Suite 115, Maitland, FL 32751. Panda can be served with process through its registered agent, Almira Nunn, 2600 Lake Lucien Drive, Suite 115, Maitland, FL 32751.

-1-

II. 3.

JURISDICTION AND VENUE

This Court has exclusive jurisdiction of this action for patent infringement

pursuant to 28 U.S.C. 1338(a). 4. This Court has jurisdiction over the subject matter of this action pursuant to 28

U.S.C. 1331 and 1338(a). 5. 6. Venue is proper in this judicial district pursuant to 28 U.S.C. 1391 and 1400. Upon information and belief, Panda has minimum contacts with this judicial

district such that this forum is a fair and reasonable one. Panda regularly conducts business within the District of Colorado and has also committed such purposeful acts and/or transactions in Colorado that it reasonably knew and/or expected that it could be hauled into court as a consequence of such activity, including the offering for sale and sale in Colorado of the infringing products that are the subject of this action. 7. 1400(b). III. 8. THE PATENTS-IN-SUIT Venue over this action is proper in this Court under 28 U.S.C. 1391(b), (c) and

On February 16, 2010, United States Patent No. 7,665,119 ("the '119 Patent") was

duly and legally issued for "Policy-Based Selection of Remediation." A true and correct copy of the '119 Patent is attached as Exhibit A. 9. On December 25, 2012, United States Patent No. 8,341,691 ("the '691 Patent")

was duly and legally issued for "Policy-Based Selection of Remediation." A true and correct copy of the '691 Patent is attached as Exhibit B. 10. CRT is the owner by assignment of all right, title and interest in and to the '119

Patent and the '691 Patent, with full and exclusive rights to bring suit to enforce these patents, -2-

including the right to bring suit and collect damages for past infringement. All ownership rights to the '119 Patent and '691 Patent were assigned to CRT by virtue of an assignment, which was recorded with the United States Patent and Trademark Office (USPTO) on November 1, 2011 at Reel 027154, Frame 0556. 11. The '119 Patent and '691 Patent generally relate to policy-based selection of

remediation(s) and deployment of the selected remediation(s) to a device, such as a laptop computer, desktop computer or mobile device, that has been potentially the subject of unauthorized activity or manipulation. 12. The Abstract of the '119 Patent and '691 Patent relevantly provides:

A method, of automatically determining one or more remediations for a device that includes a processor, may include: receiving values of a plurality of parameters which collectively characterize an operational state of the device, there being at least one policy associated with at least a given one of the plurality of parameters, policy defining as a condition thereof one or more potential values of, or based upon, the given parameter, satisfaction of the condition potentially being indicative of unauthorized activity or manipulation of the device; automatically determining, from the received parameter values, whether the conditions for any policies are satisfied, respectively; and automatically selecting one or more remediations for the device according to the satisfied policies, respectively. 13. Independent Claims 1 and 26 of the '119 Patent read:

1. A method of automatically determining one or more remediations for a device that includes a processor, the method comprising: receiving values of a plurality of parameters which collectively characterize an operational state of the device, there being at least one policy associated with at least a given one of the plurality of parameters, the at-least-one policy defining as a condition thereof one or more potential values of, or based upon, the given parameter, violation of the condition potentially being indicative of unauthorized activity or manipulation of the device; automatically determining, from the received parameter values, whether the conditions for any policies are violated, respectively; automatically selecting one or more remediations for the device according to the violated policies, respectively; and -3-

deploying the one or more selected remediations to the device, wherein the deploying of the one or more selected remediations includes automatically mapping the one or more selected remediations to one or more actions the execution of which carries out the one or more selected remediations, respectively. 26. A machine-readable medium comprising instructions, execution of which by a machine determines one or more remediations for a device that includes a processor, the machine-readable instructions including: a first code segment to receive values of a plurality of parameters which collectively characterize an operational state of the device, there being at least one policy associated with at least a given one of the plurality of parameters, policy defining as a condition thereof one or more potential values of, or based upon, the given parameter, violation of the condition potentially being indicative of unauthorized activity or manipulation of the device; a second code segment to automatically determine, from the received parameter values, whether the conditions for any policies are violated, respectively; a third code segment to automatically select one or more remediations for the device according to the violated policies, respectively; and a fourth code segment to automatically create, for each violated policy, a machine-actionable map between the policy, the corresponding one or more selected remediations and the device. 14. Independent Claims 1, 31 and 38 of the '691 Patent read:

1. A method of automatically determining one or more remediations for a device that includes a processor, the method comprising: receiving values of a plurality of parameters which collectively characterize an operational state of the device; retrieving, from a policy database, at least one policy associated with at least one of the plurality of parameters, the at-least-one policy defining at least one parameter condition violation of which is potentially being indicative of unauthorized activity or manipulation of the device; applying, by a computer processor, the retrieved at least one policy to the plurality of parameter values to determine whether the at least one retrieved policy is violated; when the retrieved at least one policy is violated, retrieving from a remediation database at least one remediation for the device according to the violated policy; and

-4-

deploying the at least one retrieved remediation to the device. 31. A non-transitory computer-readable storage medium including instructions stored thereon, execution of which by a processor of a computing device cause the computer to perform a method including: receiving values of a plurality of parameters which collectively characterize an operational state of the device; retrieving, from a policy database, at least one policy associated with at least one of the plurality of parameters, the at-least-one policy defining at least one parameter condition violation of which is potentially being indicative of unauthorized activity or manipulation of the device; applying the retrieved at least one policy to the plurality of parameter values to determine whether the at least one retrieved policy is violated; when the retrieved at least one policy is violated, retrieving from a remediation database at least one remediation for the device according to the violated policy; and deploying the at least one retrieved remediation to the device. 38. A non-transitory computer-readable storage medium including instructions stored thereon, execution of which by a processor of a computing device cause the computer to perform a method including: receiving values of a plurality of parameters which collectively characterize an operational state of the device; retrieving, from a policy database, at least one policy associated with at least one of the plurality of parameters, the at-least-one policy defining at least one parameter condition violation of which is potentially being indicative of unauthorized activity or manipulation of the device; applying the retrieved at least one policy to the plurality of parameter values to determine whether the at least one retrieved policy is violated; when the retrieved at least one policy is violated, retrieving from a remediation database at least one remediation for the device according to the violated policy; and deploying the at least one retrieved remediation to the device. 15. The '119 Patent and the '691 Patent are presumed to be patent eligible, valid and

enforceable pursuant to 35 U.S.C. 282.

-5-

IV. 16.

DEFENDANT'S INFRINGEMENT

Upon information and belief, and as further described below, Panda has used,

practiced, imported, provided, supplied, distributed, sold and/or offered for sale products and/or services in the United States that infringe one or more claims of the '119 Patent and one or more claims of the '691 Patent. 17. Panda's products and services include security solutions for PCs, laptops and

servers that provide enterprise security, Network Access Control (NAC) and endpoint protection. 18. By way of example only, Panda's marketing materials relating generally to its

Panda Security for Enterprise, Panda Endpoint Protection and Panda Network Access Control products ("Panda Products") relevantly state these products use Microsoft's Network Access Protection (NAP) operating system components to "[evaluate] the security status of a client trying to connect or communicate with a private network and [restrict] access until the client has complied with the established security policy." The Panda Products facilitate creation of one or more security policies (e.g., the client must have firewall protection enabled, the client must have antivirus (AV) protection enabled and the client's AV signature file must be up-to-date) and perform network access tests on a client computer at issue to determine if the client computer meets the established policies. Complete network access may be denied if the client computer at issue is not in compliance with the security policies. The Panda Products include an "autoremediation" setting, which, when enabled, allows "the system to repair any security failure detected" by the network access tests. The scanning of client computer systems, verification of their compliance with security and/or network access policies and subsequent performance of automatic remediation of noncompliant client computer systems in this manner directly infringes one or more claims of the '119 Patent and the '691 Patent. -6-

19.

Upon information and belief, Panda Products for Linux, UNIX and Apple's OS X

operating system operate in a manner similar to the Microsoft Windows operating system scenario presented above. V. CLAIM FOR RELIEF (Patent Infringement U.S. Patent No. 7,665,119) 20. CRT incorporates by reference each and every allegation in paragraphs 1

through 19 as though fully set forth herein. 21. Panda has used, practiced, imported, provided, supplied, distributed, sold and/or

offered for sale products that practice or embody one or more of the inventions claimed in the '119 Patent in violation of 35 U.S.C. 271(a). 22. CRT has been damaged as a result of Panda's infringing conduct. Panda is thus

liable to CRT in an amount that adequately compensates CRT for such infringement which cannot be less than a reasonable royalty, together with interest and costs as fixed by this Court under 35 U.S.C. 284. VI. CLAIM FOR RELIEF (Patent Infringement U.S. Patent No. 8,341,691) 23. CRT incorporates by reference each and every allegation in paragraphs 1 through

22 as though fully set forth herein. 24. Panda has used, practiced, imported, provided, supplied, distributed, sold and/or

offered for sale products that practice or embody one or more of the inventions claimed in the '691 Patent in violation of 35 U.S.C. 271(a). 25. CRT has been damaged as a result of Panda's infringing conduct. Panda is thus

liable to CRT in an amount that adequately compensates CRT for such infringement which

-7-

cannot be less than a reasonable royalty, together with interest and costs as fixed by this Court under 35 U.S.C. 284. VII. JURY DEMAND

CRT hereby requests a trial by jury pursuant to Rule 38 of the Federal Rules of Civil Procedure. VIII. PRAYER FOR RELIEF CRT requests that the Court find in its favor and against Panda, and that the Court grant CRT the following relief: A. Judgment that one or more claims of the '119 Patent have been directly infringed,

either literally, and/or under the doctrine of equivalents, by Panda; B. Judgment that one or more claims of the '691 Patent have been directly infringed,

either literally, and/or under the doctrine of equivalents, by Panda; C. Judgment that Panda account for and pay to CRT all damages to and costs

incurred by CRT because of Panda's infringing activities and other conduct complained of herein in an amount not less than a reasonable royalty; D. That CRT be granted pre-judgment and post-judgment interest on the damages

caused to it by reason of Panda's infringing activities and other conduct complained of herein; E. That this Court permanently enjoin the Defendant, and its parents, subsidiaries,

affiliates, successors and assigns, and each of its officers, directors, employees, representatives, agents and attorneys, and all persons acting in concert or active participation with, or on its behalf, or within its control, from making, using, selling, offering to sell, importing or advertising products and/or services and/or employing systems, hardware, software and/or components and/or making use of the systems or processes that infringe any of the claims of the -8-

asserted patents, or otherwise engaging in acts of infringement of the asserted patents, all as alleged herein; F. That CRT be granted such other and further relief as the Court may deem just and

proper under the circumstances.

Respectfully submitted,

Dated: August 16, 2013

By:

s/ Benjamin B. Lieb Benjamin B. Lieb blieb@sheridanross.com John C. Heuton jheuton@sheridanross.com SHERIDAN ROSS P.C. 1560 Broadway, Suite 1200 Denver, Colorado 80202-5141 (303) 863-9700 (303) 863-0223 (facsimile) litigation@sheridanross.com ATTORNEYS FOR PLAINTIFF

-9-