Searching over 5,500,000 cases.

Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

Finjan, Inc. v. Rapid7, Inc.

United States District Court, D. Delaware

June 25, 2019

FINJAN, INC., a Delaware Corporation, Plaintiff,
RAPID7, INC., a Delaware Corporation and RAPID7 LLC, a Delaware Limited Liability Company, Defendants.




         Plaintiff Finjan, Inc. (“Finjan”) filed this patent infringement action on October 1, 2018 against defendants Rapid7, Inc. and Rapid7 LLC (“defendants”).[1] The action arises from defendants' alleged willful infringement of Finjan's patents, including U.S. Patent Nos. 8, 677, 494 (the “‘494 Patent”); 8, 079, 086 (the “‘086 Patent”); and 8, 141, 154 (the “‘154 Patent) (collectively, “the Asserted Patents”). Defendants filed an answer with jury demand and affirmative defenses on December 5, 2018.[2] Currently before the court is plaintiff's motion to strike defendants' Third, Fourth, Fifth, and Sixth Affirmative defenses based on inequitable conduct and defendants' Seventh Affirmative defense based on unclean hands.[3]


         Finjan is a Delaware Corporation with its principal place of business in Palo Alto, California.[4] It was founded in 1997 as a wholly-owned subsidiary of Finjan Software Ltd., an Israeli corporation that moved its headquarters to San Jose, California in 1998.[5]Finjan developed security technologies capable of detecting online security threats, recognized today as malware.[6] These technologies protect networks and endpoints by identifying suspicious patterns and behaviors of content delivered over the Internet.[7]

         Rapid7, Inc. is a Delaware Corporation with its principal place of business in Boston, Massachusetts.[8] Rapid7 LLC is a Delaware limited liability company and a wholly-owned subsidiary of Rapid7, Inc., also located in Boston, Massachusetts.[9]

         Finjan has numerous patents issued by the United States Patent and Trademark Office (“PTO”), where all rights, title, and interest of the patents have been assigned to it and it is the sole owner.[10] These patents include U.S. Patent Nos. 7, 975, 305 (“the ‘305 Patent”); 8, 225, 408 (“the ‘408 Patent”); 7, 757, 289 (“the ‘289 Patent”); 7, 613, 918 (“the ‘918 Patent”); 8, 079, 086 (“the ‘086 Patent”); and 8, 677, 494 (“the ‘494 Patent”).[11]

         Moshe Rubin, Moshe Matitya, Artem Melnick, Shlomo Touboul, Alexander Yermakov and Amit Shaked were issued the ‘305 Patent on July 5, 2011, and the ‘408 Patent on July 17, 2012.[12] The ‘305 and ‘408 Patents are generally directed towards network security and, in particular, rule based scanning of web-based content for exploits.[13]

         The PTO issued to David Gruzman and Yuval Ben-Itzhak the ‘289 Patent on July 13, 2010, and the ‘154 Patent on March 20, 2012. T he ‘289 Patent is generally directed towards a system and method for inspecting dynamically generated executable code, while the ‘154 Patent is generally directed towards a gateway computer protecting a client computer from dynamically generated malicious content.[14]

         On November 3, 2009, the ‘918 Patent issued to Yuval Ben-Itzhak, and it generally addresses a system and method for enforcing a security context on a Downloadable.[15]

         Thereafter, the PTO issued to Yigal Mordechai Edery, Nimrod Itzhak Vered, David R. Kroll and Shlomo Touboul the ‘086 Patent on December 13, 2011, and the ‘494 Patent on March 18, 2014. The ‘086 Patent is generally directed towards computer networks and, more particularly, provides a system that protects devices connected to the Internet from undesirable operations from web-based content.[16] The ‘494 Patent generally addresses a method and system for deriving security profiles and storing the security profiles.[17]

         Finjan asserts these patents result from years of research and development efforts, supported by a dozen inventors and over $65 million in R&D investments.[18]Using its patented technologies, Finjan built and sold software, including application program interfaces (APIs) and appliances for network security.[19] Finjan's pioneering approach to online security drew equity investments from two major software and technology companies, the first in 2005 followed by the second in 2006.[20]

         Finjan claims it generated millions of dollars in product sales and related services and support revenues through 2009.[21] Pursuant to a merger in 2009, it was bound to a non-compete and confidentiality agreement, under which it could not make or sell a competing product or disclose the existence of the non-compete clause.[22] Finjan became a publicly traded company in June 2013, capitalized with $30 million.[23] After the non-compete expired in March 2015, it re-entered the development and production sector of secure mobile products for consumer markets.[24]

         Finjan notes that it had numerous contacts with defendants both in person and in writing, to specifically identify defendants' continued infringing behavior of the Asserted Patents, specifically the ‘305, ‘086, and ‘494 Patents.[25]

         Finjan claims that from approximately May 11, 2016 to January 4, 2018, it attempted to engage in good faith negotiations with defendants regarding their ongoing alleged infringement of its patent portfolio.[26] On or about January 4, 2018, Finjan sent another letter to defendants stating that their Nexpose products infringe the ‘494 Patent, and their AppSpider product continued to infringe the ‘305 Patent.[27] Finjan provided a PowerPoint presentation to defendants on or about February 8, 2018, where it described how Nexpose, Metasploit, InsightVM, InsightAppSec, and AppSpider products infringed its patents, including the ‘494, ‘305, ‘408, ‘289, ‘154, ‘918, and ‘086 Patents.[28]

         Finjan alleges defendants knew they infringed the Asserted Patents well before this action was filed, and acted egregiously and willfully by continuing their infringing conduct and, on information and belief, took no action to avoid infringement.[29] Instead, defendants continued to develop technologies and products that infringed the Patents.[30]

         Defendants are closely related companies that operate as a single business entity directed and controlled by Rapid7, Inc. They make, use, sell, and import the alleged infringing products and services that utilize InsightIDR, InsightVM (Nexpose), InsightAppSec, AppSpider, Metasploit and Komand technologies, including Rapid7 Insight Platform products (collectively, the “Accused Products”).[31] Defendants represent themselves to be one entity regarding the Accused Products in their annual reports to the United States Securities and Exchange Commission.[32] They share the same principal place of business and many of the same corporate executives and directors.[33]

         Defendants' products are all interrelated through the Rapid7 Insight Platform.[34]The Rapid7 Insight Platform integrates its detection and analytic technologies across various product offerings.[35]

         InsightIDR receives data from a network's endpoints, cloud and virtual services, and utilizes a combination of scanning technology, machine learning, live threat feeds, and a library of behavioral threat analytics in order to scan and monitor network events for both new and existing threats.[36] InsightIDR is commonly deployed along with Rapid7's InsightVM.[37]

         InsightVM (Nexpose) receives data from a network's endpoints, cloud and virtual services, and utilizes a combination of scanning technology, live threat feeds, and a library of threat analytics in order to scan and monitor the network for both new and existing vulnerabilities. InsightVM uses RealRisk to assign a risk score to each detected threat.[38]

         InsightAppSec searches and assesses web applications to detect SQL Injection, XSS, and CSRF threats.[39] InsightAppSec normalizes network traffic and uses scan engines (cloud or on-premise) to detect threats, which includes scans for over 90 different known attack types.[40] InsightAppSec works alongside AppSpider to detect and generate a summary of vulnerabilities, which defendants' other Accused Products also use.[41]

         Metasploit is a penetration testing software that utilizes a database of exploits.[42]Metasploit allows simulation of real-world attacks on the network so that further cybersecurity measures can be implemented.[43] Komand connects existing cybersecurity tools to a library of plugins in order to integrate, orchestrate and automate workflows in order to efficiently detect and contain malicious malware, domains, and other threat indicators.[44]

         Finjan alleges that defendants have directly and indirectly infringed the Asserted Patents, by making, using, importing, selling, and offering for sale the defendants' products and services that utilize InsightIDR, InsightVM (Nexpose), Metasploit and Komand technologies, including Rapid7 Insight Platform products.[45]


         A. Motion to Strike Under 12(f)

         In reviewing a motion to strike pursuant to Fed.R.Civ.P. 12(f), “[t]he court may strike from a pleading . . . any redundant, immaterial, impertinent, or scandalous matter.”[46] “Immaterial matter is that which has no essential or important relationship to the claims for relief or the defenses being pleaded.”[47] “Impertinent matter consists of statements that do not pertain, and are not necessary, to the issues in question.”[48]Scandalous matter is defined as “that which improperly casts a derogatory light on someone, most typically on a party to the action.”[49]

         Although motions to strike “serve to ‘clean up the pleadings, streamline litigation, and avoid unnecessary forays into immaterial matters, '” as a general matter, these motions are disfavored.[50] They “ordinarily are denied ‘unless the allegations have no possible relation to the controversy and may cause prejudice to one of the parties.'”[51]

         Therefore, even where the challenged material is redundant, immaterial, impertinent, or scandalous, a motion to strike should not be granted unless the presence of the surplusage will prejudice the adverse party.[52] When ruling on a motion to strike, the court must construe all facts in favor of the nonmoving party, and only grant the motion when the allegation is clearly insufficient.[53]

         Fed. R. Civ. P. 8 addresses the requirements of pleading affirmative defenses. An affirmative defense is “a pleading subject to Rule 8(a), and therefore must include a short and plain statement of the defense.”[54] A defense may be deemed meritless because it is simply a conclusory allegation which fails to provide an appropriate statement of facts or to allege the necessary elements of the claims.[55] “The purpose of requiring the defendant to plead available affirmative defenses in his answer is to avoid surprise and undue prejudice by providing the plaintiff with notice and the opportunity to demonstrate why the affirmative defenses should not succeed.”[56] “In responding to a pleading, a party must affirmatively state any avoidance or affirmative defense . . . .”[57]

         IV. ANALYSIS

         Finjan contends that defendants' Third, Fourth, Fifth, and Sixth Affirmative Defenses, based on inequitable conduct, and Seventh Affirmative Defense, based on unclean hands, fall short of the heightened pleading standard under Fed.R.Civ.P. 9(b).

         A. Inequitable Conduct

         Finjan contends defendants failed to allege facts showing the plausibility of “but-for materiality” and “specific intent to deceive the PTO.” Finjan maintains that defendants' affirmative defenses fail at a fundamental level, and their factual allegations do not show any misrepresentation to, or reliance by, the PTO on but-for materiality and or evidence of specific intent to deceive the PTO.

         Applicants for patents and their legal representatives owe a duty of candor, good faith, and honesty in their dealings with the PTO.[58] A breach of this duty constitutes inequitable conduct. If inequitable conduct is established, the entire patent is rendered unenforceable.[59]

         Inequitable conduct, like similar allegations of fraud or mistake, must be pled with particularity under Rule 9(b).[60] “[A] pleading of inequitable conduct under Rule 9(b) must include sufficient allegations of underlying facts from which a court may reasonably infer that a specific individual (1) knew of the withheld material information or of the falsity of the material misrepresentation, and (2) withheld or misrepresented this information with a specific intent to deceive the United States Patent and Trademark Office (‘PTO').”[61] A “reasonable inference” is “one that is plausible and that flows logically from the facts alleged, including any objective indications of candor and good faith.”[62]

         To properly plead inequitable conduct in a patent case, Rule 9(b) requires identification of the specific who, what, when, where, why, and how of the material misrepresentation or omission committed before the PTO.[63] To satisfy the “who” and “when, ” the pleading must name the person who knew of the material information and deliberately withheld or misrepresented it, and indicate when the conduct occurred.[64] To fulfill the “what” and “where” of the material omissions, the pleading must identify “which claims, and which limitations in those claims, the withheld references are relevant to, and where in these references the material information is found[.]”[65] The pleading must set forth “why” the withheld information was material and not cumulative, and “how” an examiner would have used the information in assessing patentability.[66]The pleading must further indicate “the particular claim limitations, or combination of claim limitations, ” that are supposedly absent from the information of record.[67] A factual deficiency with respect to any of the above elements is “fatal under Rule 9(b).”[68]

         1. Third and Fourth Affirmative Defenses (the ‘494 Patent)

         Finjan claims that the court should strike defendants' Third Affirmative defense regarding statements to the PTO concerning inventorship of the ‘494 Patent, because the Touboul Declaration is accurate and defendants did not allege any facts to the contrary. Finjan further contends that defendants' claims are baseless and not facially plausible because there are no facts alleged that indicate a misrepresentation. Finjan argues that defendants' Fourth Affirmative defense fails because it does not provided a sufficient factual basis that Ms. Bey submitted incorrect information to the PTO or shows a specific intent to deceive. Finjan notes that defendants' contentions were a single, conclusory sentence that “Ms. Bey's representation that the delayed priority claim was ‘unintentional' was false and intended to deceive the USPTO.”

         On May 7, 2013, Finjan submitted a declaration from one of the named inventors of the ‘494 Patent, Shlomo Touboul. Touboul's Declaration provides:

The declaration made herein is to establish that I had the ideas described in the patent application, and first developed a working system that is described in the patent application and in claims 1, 3, 4-6, 9, 10, 12-15, and 18 pending as of the signing of this declaration (herein sole invention) prior to September 10, 1997, which is the filing date of the U.S. Patent No. 5, 983, 348 to Ji (“the ‘348 patent”). I hereby declare that my sole invention was in my mind and developed by at least November 18, 1996. The remaining pending dependent claims were co-invented by or with one or more of the listed inventors.[69]

         Defendants allege that Touboul's declaration is false regarding the conception date of the claimed inventions in the ‘494 Patent, and his assertion as the sole inventor of these claims.[70] They further contend Touboul's misrepresentations were knowingly false because he jointly invented with other named Finjan employees.[71]

         Defendants further contend that Finjan's attorney submitted a petition to accept unintentionally delayed claims of priority under 35 U.S.C. §§ 119(e) and 120 for the benefit of a prior-filed application under 37 C.F.R. § 1.78(a)(3) to extend the chain priority.[72]

         Defendants argue that Finjan submitted the application without making a claim and Ms. Bey engaged in a pattern of petitioning for unintentionally delayed priority claims.[73] Defendants maintain Finjan knowingly misrepresented inventorship and the conception date with the intent to deceive the PTO as to the ‘494 Patent, and that Ms. Bey knowingly misrepresented the delay in filing petitions for priority for the Asserted Patents to manipulate the patent system to benefit from a later expiration date, while also preserving the ability to overcome the invalidating prior art.

         Defendants emphasize Mr. Touboul's declaration, arguing his assertion as the sole inventor and the conception date were incorrect. However, Touboul merely stated that “my sole invention was in my mind and developed by at least November 18, 1996. The remaining pending dependent claims were co-invented by or with one or more of the listed inventors.” He did not assert to have invented all claims himself, but only those listed in his declaration. Moreover, the ‘494 Patent identifies the multiple inventors.

         Defendants contend that the ‘494 Patent is unenforcable based on inequitable conduct. Defendants claim that Finjan and Ms. Bey delayed claiming priority to maximize the value of the ‘494 Patent during pre-suit licensing negotiations and only attempted to correct the claim of priority to overcome invalidity attacks on this patent.

         Defendants further allege that Ms. Bey's misrepresentation of a material fact to the PTO regarding with the ‘494 Patent is also a part of an overarching scheme which Finjan ...

Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.