Background
Skysong Innovations — the technology commercialization arm of Arizona State University — sued CrowdStrike, the publicly traded cybersecurity company, alleging infringement of five patents directed to cybersecurity technologies. The patents cover a range of inventions: vulnerability analysis using exploit functions (U.S. Patent No. 10,313,385), browser-based security for sensitive information (U.S. Patent No. 10,574,721), machine classifiers for threat detection (U.S. Patent No. 11,275,900), accelerated computations in convolutional neural networks (U.S. Patent No. 11,775,831), and predicting software vulnerability exploitation using social-connection data (U.S. Patent No. 11,892,897).
The parties disputed the construction of ten claim terms. CrowdStrike sought narrow constructions that would have limited several terms to specific algorithms and methods disclosed in the specification, and challenged one term — “sensitive information” — as indefinite under Nautilus. Skysong advocated for plain-and-ordinary-meaning constructions throughout. The court held a Markman hearing on March 11, 2026, issued its final claim constructions the next day, and published this memorandum explaining its reasoning.
The Court’s Holding
Magistrate Judge Gilliland sided predominantly with Skysong, adopting plain-and-ordinary-meaning constructions for eight of the ten disputed terms and providing limited constructions for the remaining two.
Key rulings include:
“Sensitive information” is not indefinite. CrowdStrike argued that because “sensitive information” is inherently subjective — different users may categorize different data as sensitive — the term fails to provide objective boundaries. The court disagreed, observing that infringement turns on how data deemed sensitive is protected, not on which data users consider sensitive. Tellingly, CrowdStrike’s own patents and marketing materials use the same term, undermining its indefiniteness argument. The court distinguished Datamize, LLC v. Plumtree Software, where the subjective term (“aesthetically pleasing”) directly controlled infringement.
“Machine classifier” is not limited to machine learning. CrowdStrike sought to narrow “machine classifier” to “a classifier that uses machine learning.” The court found no lexicography or disclaimer in the intrinsic record and noted the specification discloses classifiers using elastic search, which is not machine learning. Even if every embodiment used machine learning, importing that limitation from the specification into the claims would violate Liebel-Flarsheim.
“Full precision computation” is not limited to convolution. CrowdStrike argued that because the claims recite a “convolutional neural network,” “computation” must mean “convolution.” The court rejected this, noting that convolutional neural networks also perform pooling operations. Dependent Claim 4’s explicit recitation of “convolution and pooling” further indicated the patentee knew how to claim convolutional computations but chose not to limit independent Claim 1 that way.
“Before disclosure” means “prior to disclosure to a public database.” This was one of the few terms where CrowdStrike succeeded in obtaining a narrowing construction. The court found prosecution history disclaimer: the patentee had amended the claims to remove “disclosure to a public vulnerability database” and replace it with “before disclosure,” but distinguished prior art based on the original meaning. That amounted to a disclaimer that locked the term to public-database disclosure.
“Most significant bits” need not be contiguous. CrowdStrike argued that using non-contiguous bits would produce inaccurate results. The court found this argument unpersuasive because the patent’s abstract expressly contemplates trading accuracy for efficiency, noting that the system may identify a maximum by “90% probability.” However, the court did construe “a set” of MSBs as requiring two or more bits, rejecting Skysong’s position that a single bit could constitute “a set.”
Key Takeaways
- Subjective terms can survive indefiniteness challenges when infringement does not turn on the subjective determination itself. “Sensitive information” survived because the claims measure how data is protected, not which data is categorized as sensitive.
- Using your opponent’s own terminology against them is a potent defense. CrowdStrike’s use of “sensitive information” in its own products and patents undercut its indefiniteness challenge — courts view a party’s own ability to apply a term as evidence against indefiniteness.
- Courts remain wary of importing specification limitations into claims, particularly where dependent claims explicitly include the limitation the defendant wants to read into independent claims (the convolution/pooling example).
- Prosecution history amendments create narrow but binding disclaimers. Even though Skysong broadened the claim language from “disclosure to a public vulnerability database” to “before disclosure,” the way it distinguished prior art locked in the narrower meaning.
Why It Matters
This case is a significant clash between a major cybersecurity company and a university patent portfolio covering technologies at the heart of modern endpoint security — vulnerability scanning, machine-learning-based threat detection, and neural network acceleration. The broad claim constructions largely favoring Skysong could expose CrowdStrike to a wide infringement theory at trial, particularly given that the court refused to limit “machine classifier” to machine learning or “computation” to convolution. For AI and cybersecurity companies building products that use classifiers and neural networks, the case illustrates how broad functional claim language in cybersecurity patents can survive narrowing attempts at claim construction.
Your browser cannot display this PDF inline.