Finjan Inc. v. McAfee Inc. et al, No. 1:2010cv00593 - Document 840 (D. Del. 2013)
Court Description: MEMORANDUM OPINION AND ORDER DENYING 773 MOTION for New Trial filed by Finjan Inc., DENYING 770 MOTION for Judgment as a Matter of Law Finjan's Renewed Motion for Judgment As A Matter of Law Against Websense, Inc. fi led by Finjan Inc., DENYING 771 MOTION for Judgment as a Matter of Law Finjan's Renewed Motion for Judgment as a Matter of Law Against Sophos Inc. filed by Finjan Inc., DENYING 772 MOTION for Judgment as a Matter of Law Finjan's Renewed Motion for Judgment as a Matter of Law Against Symantec Corp. filed by Finjan Inc., DENYING 762 MOTION for Attorney Fees filed by Websense Inc. Signed by Chief Judge Gregory M. Sleet on 9/19/2013. (asw)
Download PDF
<![CDATA[
IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF DELAWARE ) ) ) Plaintiff, ) ) V. ) ) SYMANTEC CORP., SOPHOS, INC., ) and WEBSENSE, INC., ) ) Defendants. ~~~~~~~~~~~~~~~~~-) FINJAN, INC., C.A. No. 10-cv-593 (GMS) MEMORANDUM OPINION I. INTRODUCTION In this patent infringement action, plaintiff Finjan, Inc. ("Finjan" or "the plaintiff') alleges that the defendants, Symantec Corporation ("Symantec"), Sophos, Inc. ("Sophos"), and Websense, Inc. ("Websense") (collectively, "the defendants") infringe the asserted claims of the patents-in-suit. 1 (D.l. 1.) The court held a thirteen-day jury trial in this matter on December 3, 2012 through December 19, 2012. (D.l. 826-839.) At trial, each of the defendants and Finjan moved for judgment as a matter oflaw ("JMOL") on a number of grounds pursuant to Rule 50(a) of the Federal Rules of Civil Procedure and the court denied these motions. 2 1 The patents-in-suit are U.S. Patent Nos. 6,480,962 ("the '962 Patent") and 6,092,194 ("the '194 Patent"). The patents-in-suit are owned by Finjan. Finjan asserted claims 1, 5, 6, 12, 15, 33, 37, 38, 45, 52, and 55 of the '962 Patent and claims 1, 2, 32, 35, 36, 37, 58, 65, and 66 of the '194 Patent. 2 Specifically, Sophos moved for Judgment as a Matter of Law ("JMOL") on various grounds on December 11, 2012 (D.1. 706), accompanied by an Opening Brief in Support (D.1. 707). On December 12, 2012, Symantec and Websense also filed motions for JMOL (D.1. 709; D.I. 711), accompanied by Opening Briefs in Support (D.1. 710). Finjan responded with Answering Briefs to each ofthese motions on December 17, 2012. (D.1. 713; D.I. 714; D.I. 15.) In addition, each of the defendants filed motions for JMOL at the close of evidence on December 18, 2012. (D.1. 724; D.I. 726; D.I. 736.) Likewise, Finjan filed JMOL motions against each of the defendants on December 19, 2012, supporting its position on various grounds. (D.1. 731; D.I. 732; D.I. 733.) Finjan also filed motions for JMOL against each of the defendants at the close of evidence on December 20, 2012. (D.1. 740; D.I. 741; D.I. 742.) The parties subsequently filed briefs in support and opposition to these motions. (D.1. 727; D.I. 737; D.I. 738; D.I. 748; D.I. 749; D.I. 750; D.I. 751; D.I. 760; D.I. 761; D.I. 765.) The court denied these motions by oral orders as they were raised throughout the trial. On December 20, 2012, the jury returned a unanimous verdict in favor of each of the defendants on the issues of infringement with respect to each asserted claim of the patents-insuit. (D.I. 746.) The jury further found that the asserted claims of the patents-in-suit were invalid due to obviousness and anticipation. (Id.) The court entered judgment on the verdict on December 21, 2012. (D.I. 747.) Presently before the court are Finjan's post-trial motions and Websense's Motion for Attorney Fees. Having considered the entire record in this case, the substantial evidence in the record, the parties' post-trial submissions, and the applicable law, the court will deny each of Finjan's post-trial motions (D.I. 770; D.I. 771; D.I. 772; D.I. 773) and Websense's attorney fees motion (D.I. 762). The court's reasoning follows. II. BACKGROUND OF THE TECHNOLOGY This action involves U.S. Patent Nos. 6,092, 194 ("the '194 Patent") and 6,480,962 ("the '962 Patent"). Generally speaking, the patents-in-suit relate to systems and methods for protecting a computer and a network from hostile Downloadables. See generally '194 Patent; '962 Patent. The '194 Patent, entitled "System and Method for Protecting a Computer and Network From Hostile Downloadables," discloses a system comprised of a security policy, an interface for receiving a Downloadable, and a comparator, coupled to the interface, for applying the security policy to the Downloadable to determine if the security policy has been violated. See '194 Patent at Abstract. The '962 Patent, entitled, "System and Method for Protecting a Client During Runtime From Hostile Downloadables," discloses a system that protects clients from hostile Downloadables and describes the system as including security rules. defining suspicious actions and security policies defining the appropriate responsive actions to rule violators. The '962 Patent system includes an interface for receiving incoming Downloadables and requests made by the Downloadable, as well as a comparator coupled to the interface for 2 examining the Downloadable, requests made by the Downloadable, and runtime events to determine whether a security police has been violated. See '962 Patent at Abstract. The system also includes a response engine coupled to the comparator for performing a violation-based responsive action. Id. II. STANDARD OF REVIEW Finjan asserts that it is entitled to judgment as a matter of law pursuant to Rule 50 of the Federal Rules of Civil Procedure and that a new trial is warranted under Rule 59 of the Federal Rules of Civil Procedure. A. Renewed JMOL Motions To prevail on a renewed motion for judgment as a matter of law following a jury trial and verdict, the moving party "must show that the jury's findings, presumed or express, are not supported by substantial evidence or, if they were, that the legal conclusion(s) implied [by] the jury's verdict cannot in law be supported by these findings." Pannu v. lolab Corp., 155 F.3d 1344, 1348 (Fed. Cir. 1998) (quoting Perkin-Elmer Corp. v. Computervision Corp., 732 F.2d 888, 893 (Fed. Cir. 1984)). "Substantial evidence" is defined as "such relevant evidence from the record taken as a whole as might be accepted by a reasonable mind as adequate to support the finding under review." Perkin-Elmer Corp., 732 F.2d at 893. The court should only grant the motion "if, viewing the evidence in the light most favorable to the nonrnovant and giving it the advantage of every fair and reasonable inference, there is insufficient evidence from which a jury could reasonably find liability." Lightnin Lube, Inc. v. Witco Corp., 4 F.3d 1153, 1166 (3d Cir. 1993) (citing Wittekamp v. Gulf Western Inc., 991 F .2d 113 7, 1141 (3 d Cir. 1993)). "In determining whether the evidence is sufficient to sustain liability, the court may not weigh the evidence, determine the credibility of witnesses, or 3 substitute its version of the facts for the jury's version." Lightning Lube, 4 F.3d at 1166 (citing Fineman v. Armstrong World Indus., Inc., 980 F.2d 171, 190 (3d Cir. 1992)). Rather, the court must resolve all conflicts of evidence in favor of the non-movant. Williamson v. Consol. Rail Corp., 926 F.2d 1344, 1348 (3d Cir. 1991); Perkin-Elmer Corp., 732 F.2d at 893. "The question is not whether there is literally no evidence supporting the party against whom the motion is directed but whether there is evidence upon which the jury could properly find a verdict for that party." Lightening Lube, 4 F.3d at 1166 (quoting Patzig v. O'Neil, 577 F.2d 841, 846 (3d Cir. 1978)). Thus, a court should only grant JMOL if "the record is critically deficient of the minimum quantum of evidence." Gomez v. Allegheny Health Servs., Inc., 71 F.3d 1079, 1083 (3d Cir. 1995). Importantly, in conducting the JMOL analysis, "the court may not determine the credibility of the witnesses nor 'substitute its choice for that of the jury between conflicting elements of the evidence."' Syngenta Seeds, Inc. v. Monsanto Co., 409 F. Supp. 2d 536, 539 (D. Del. 2005) (quoting Perkin-Elmer Corp., 732 F.2d at 893). B. New Trial Pursuant to Federal Rule of Civil Procedure 59, a court may grant a new trial "for any of the reasons for which a new trial has heretofore been granted in an action at law in federal court." Fed. R. Civ. P. 59(a)(l)(A). The decision to grant or deny a new trial is within the sound discretion of the trial court. See Allied Chem. Corp. v. Daiflon, Inc., 449 U.S. 33, 36 (1980). In making this determination, the trial judge should consider the overall setting of the trial, the character of the evidence, and the complexity or simplicity of the legal principles which the jury had to apply to the facts. Lind v. Schenley Indus., Inc., 278 F.2d 79, 89 (3d Cir. 1960). Unlike the standard for determining judgment as a matter of law, the court need not view the evidence in the light most favorable to the verdict winner. Allied Chem. Corp., 449 U.S. at 36. A court 4 should grant a new trial in a jury case, however, only if "the verdict was against the weight of the evidence ... [and] a miscarriage of justice would result if the verdict were to stand." Williamson v. Conrail, 926 F.2d 1344, 1352 (3d Cir. 1991). C. Attorneys' Fees In deciding whether to award attorneys' fees, the court must undertake a two-step inquiry. See Interspiro USA, Inc. v. Figgie Intern. Inc., 18 F.3d 927, 933 (Fed. Cir. 1994). First, the court "must determine whether there is clear and convincing evidence that the case is 'exceptional."' Id. (quotation omitted). Second, the court must determine whether "an award of attorney fees to the prevailing party is warranted." Id. Exceptional cases include: "inequitable conduct before the PTO; litigation misconduct; vexatious, unjustified, or otherwise bad faith litigation, frivolous suit or willful infringement." Epcon Gas Sys., Inc. v. Bauer Compressors, Inc., 279 F.3d 1022, 1034 (Fed. Cir. 2002) (citation omitted). III. DISCUSSION A. Validity Finjan first moves for judgment as a matter of law or, alternatively, a new trial, on validity. The court will address Finjan's motions for JMOL against each of the defendants in this section. 3 With regard to the defendants' obviousness arguments, under 35 U.S.C. § 103, a patent may not be obtained on subject matter that "would have been obvious at the time the invention was made to a person having ordinary skill in the art." 35 U.S.C. § 103. "Obviousness is a question of law based on underlying findings of fact." In re Kubin, 561 F.3d 1351, 1355 (Fed. Cir. 2009). Specifically, the trier of fact must consider: (1) the scope and content of the prior art; (2) the differences between the claimed subject matter and the prior art; (3) the level of ordinary skill in the art; and (4) secondary considerations of non-obviousness such as 3 The court discusses Finjan's Motion for a New Trial infra. See Section III.D. 5 commercial success, long felt but unsolved need, failure of others, and acquiescence of others in the industry that the patent is valid, and unexpected results. See Graham v. John Deere Co., 383 U.S. 1, 17-18 (1966). To determine whether an invention is patentable over the prior art, "a court must ask whether the improvement is more than the predictable use of prior elements according to their established functions." KSR Int'/ Co. v. Teleflex, Inc., 550 U.S. 398, 417, 419 (2007). In this assessment, "the invention must be considered as a whole without the benefit of hindsight, and the claims must be considered in their entirety." Rockwell Int'/ Corp. v. United States, 147 F.3d 1358, 1364 (Fed. Cir. 1998) (citing W.L. Gore & Assocs. v. Garlock, Inc., 721 F.2d 1540, 1551 (Fed. Cir. 1983); Medtronic, Inc. v. Cardiac Pacemakers, Inc., 721 F.2d 1563, 1567 (Fed. Cir. 1983)). Invalidity by "anticipation requires that the four comers of a single[] prior art document describe every element of the claimed invention, either expressly or impliedly, such that a person of ordinary skill in the art could practice the invention without undue experimentation." Advanced Display Sys., Inc. v. Kent State Univ., 212 F.3d 1271, 1282 (Fed. Cir. 2000). When challenging the validity of a patent for obviousness based on a combination of pnor art references, the challenger bears the burden of proving, by clear and convincing evidence, that one of ordinary skill in the art would have had reason to attempt to make the combination and would have had a reasonable expectation of success in doing so. PharmaStem Therapeutics, Inc. v. ViaCell, Inc., 491 F.3d 1342, 1360 (Fed. Cir. 2007). A defendant must prove invalidity by clear and convincing evidence and the ultimate burden of persuasion never shifts to the plaintiff. See Pfizer, Inc. v. Teva Pharm. US.A., Inc., 882 F. Supp. 2d 643, 700 (D. Del. 2012). 1. Obviousness 6 As noted, Finjan has filed motions for JMOL against each defendant and has submitted separate briefs in support. Because there is overlap in the obviousness arguments advanced at trial and discussed in these briefs by each defendant and Finjan, the court combines its discussion here. Where a prior art reference was argued by only one defendant, the court makes note of this distinction. At trial, the defendants presented prior art references and, in light of these references, the jury concluded that the '194 and '962 Patents are invalid. In its motions for JMOL as to obviousness, Finjan asserts that the jury verdict should be set aside because: (1) the ThunderByte reference is not prior art to the ' 194 Patent and, even if it were, the asserted claims of the ' 194 Patent are valid over ThunderByte and all other references Symantec presented; and (2) Norton Antivirus 95 ("NAV 95") is not prior art to the '962 Patent and, even if it were, the asserted claims of the '962 Patent are valid over NAV 95 and all other references Symantec presented. (D.I. 791 at 1 (citing D.I. 732 at 2-5, 6-10; D.I. 742 at 2-4, 4-7).) The court addresses each argument separately below. a. The '194 Patent: Prior Art References ThunderByte 7.0 & MIMESweeper At trial, Symantec argued that the '194 Patent is invalid as obvious in light of prior art references ThunderByte 7.0 and MIMESweeper. Specifically, Symantec asserted that MIMESweeper is a gateway product that was designed for use with ThunderByte and, when combined as described in the MIMESweeper literature, the prior art technology would scan email attachments at the gateway. 2148:23).) (D.I. 808 at 5 (citing Tr. at 2141:22-2143:8, 2147:2- During the scanning process, according to the defendants, ThunderByte would extract a list of suspicious computer operations from a Downloadable and compare that list to a security policy. (Id. (citing Tr. at 2149:6-2152:15).) 7 If the security policy was violated, ThunderByte could then delete the Downloadable, preventing execution at the client. (Id at 5-6 (citing Tr. at 2152:16-2153:6).) Symantec asserts that the jury verdict of invalidity based on ThunderByte and MIMESweeper should not be overturned because: (1) there was substantial evidence that ThunderByte 7.0 qualifies as prior art; (2) the defendants were not required to demonstrate that ThunrderByte and MIMESweeper were enabled; (3) a person of ordinary skill in the art could have combined ThunderByte and MIMESweeper; and (4) the ThunderByte/MIMESweeper combination disclosed the disputed elements of the asserted claims of the '194 Patent. Conversely, Finjan asserts that the ThunderByte reference is not prior art to the '194 Patent and, even if it were, the asserted claims of the '194 Patent are valid over ThunderByte and all other references presented by Symantec and Websense. (D.I. 791 at 1 (citing D.I. 732 at 2-5; see also D.I. 742 at 2-4).) Specifically, Finjan asserts that Symantec and Websense's obviousness argument are fundamentally flawed, necessitating JMOL, because the defendants failed to prove that: (1) ThunderByte 7.0 was available in the United States before the '194 Patent's November 8, 1996 priority date; (2) the source code and manuals they relied upon were specifically for ThunderByte 7.0; (3) the ThunderByte and MIMESweeper manuals relied upon were enabled; (4) a person of ordinary skill in the art could have combined ThunderByte and MIMESweeper, let alone would have been motivated to do so; and (5) ThunderByte 7.0 and MIMES weeper disclosed the limitations of the asserted claims. (Id at 3.) i. ThunderBYTE 7.0's Availability in the United States Finjan argues that Symantec has failed to satisfy its burden of proving by clear and convincing evidence that ThunderBYTE 7.0 was available in the United States before November 8, 1996. (D.I. 791 at 3) Specifically, Finjan asserts that the testimony of Dr. Spafford, 8 Symantec's validity expert, was insufficient to demonstrate the prior art's availability and that, because Symantec' s only witness who could establish availability was precluded from testifying as a sanction for improper assertions of privilege during his depositions, Symantec could not make this showing. 4 (Id. at 3-4 (citing Tr. at 2054:5-8).) With regard to Dr. Spafford, Finjan notes that he testified that a British Virus Bulletin contained a review of ThunderByte. Finjan maintains that this testimony is insufficient because the British article failed to: disclose when, if ever, ThunderByte, the product of a Netherlands company, was commercially available in the United States; demonstrate that the review was of a commercial version of ThunderByte; prove that ThunderByte, if available at all, was available outside of the Netherlands or Britain; and demonstrate that the version reviewed can prove availability, particularly where the article noted that the review was limited to a "demonstration version" and that there was "no serial number visible." (Id. at 4 (citing DX 4708-21; DX 4708-23).) Finjan further notes that it objected to Dr. Spafford's testimony on ThunderByte as lacking foundation, but that the court permitted him to testify so long as Symantec' s counsel would not ask him to opine on the availability of ThunderByte in the United States. (Id. (citing Tr. at 2137:13-2140:10).) While Symantec's counsel did not question Dr. Spafford on this issue, he did testify during his direct examination and without provocation, that "[t]he ThunderByte program is an antivirus program that was available in early 1996." (Id. at 4-5 (citing Tr. at 2140: 19-20).) Finjan details that the court denied its objection without prejudice and that it raises the objection again here because that testimony was: (1) outside the scope of the agreement reached between the court and counsel; (2) entirely lacking in foundation due to the 4 Finjan states that Symantec's counsel acknowledged to the court on the record that it could not prove the availability of ThunderByte 7.0 as prior art without Dr. Slade's testimony. Specifically, Finjan notes that Symantec's counsel stated, in response to the court's question as to whether Symantec has "another way to prove what you are attempting to prove," "No, Your Honor." (DJ. 791 at 4 (citing Tr. at 2051: 10-14).) 9 preclusion of Mr. Slade's testimony and Dr. Spafford's own lack of personal knowledge; and (3) outside the scope of Dr. Spafford's expert report. 5 (Id. at 5 (citing Tr. 2139:5-2140:7); Hilgraeve, Inc. v. Symantec Corp., 271 F. Supp. 2d 964, 973-74 (E.D. Mich. 2003)).) Moreover, Finjan contends that Symantec cannot rely on the copyright notice in the ThunderByte manual to establish availability in the United States, because: it is inadmissible hearsay; shows only that ThunderByte was available in the Netherlands; and this notice fails as a matter of law to demonstrate clearly and convincingly that the product was known or used by others prior to the critical date. (Id. (citing Hilgraeve, 271 F. Supp. 2d at 975; DJX-371-2).) Finjan further argues that the "date modified" information contained in the source code and on which Dr. Spafford relied is irrelevant because this evidence demonstrates only that the source code "was being edited on that date, but does not establish when, if ever, it became available in the United States." (Id. at 6.) In fact, Finjan notes that other files on the ThunderByte CD "had purported modified dates as late as October 16, 1996" and, even assuming that ThunderByte files were still being modified on that date, "it is highly unlikely they were then made available in the United States less than a month later." (Id.) Finally, Finjan contends that Symantec has failed to provide foundational evidence linking the source code and manuals on which it relied to the version of ThunderByte asserted here-ThunderByte 7.0. Specifically, Finjan asserts that the manual about which Dr. Spafford testified did not identify the version of 5 With regard to Finjan's request to strike Dr. Spafford's statement, the court agrees with Symantec that Finjan has suffered no prejudice. Specifically, following a sidebar in which the court decided that Symantec could not elicit testimony from Dr. Spafford regarding whether he understood ThunderByte to be publicly available in the United States, Dr. Spafford testified, without provocation, that ThunderBYTE 7.0 was, in fact, publicly available. See Tr. at 2140:15-23. Dr. Spafford was not privy to the court's instruction to counsel at sidebar. Moreover, Symantec counsel indicated at sidebar that, should Dr. Spafford make such a statement as to ThunderByte 7.0's availability, he would interrupt the testimony. Indeed, immediately after Dr. Spafford's comment on availability, Symantec's counsel instructed him that "[w]e don't need to talk about availability issues." See id. at 2140:16-24. Further, Symantec did not rely on Dr. Spafford's statement during closing arguments as proof that ThunderByte 7.0 was available. Instead, and as Symantec's counsel indicated he would do at sidebar, the questioning of Dr. Spafford was limited to eliciting certain facts, such as the Virus Bulletin, the copyright dates, and the dates modified of the software he examined. See id. at 2140:15-2141:2, 2144:9-2146:13, 2205:3-6. In view of the foregoing, the court declines to grant Finjan's request and does not strike the testimony in question. 10 ThunderByte it corresponds to and, without this evidence, cannot establish relevancy. (Id. at 67.) In light of the evidence presented at trial, however, the court concludes that Symantec introduced substantial evidence sufficient to support a jury verdict of invalidity as to the '194 Patent. The court reviews each piece of evidence below. Dr. Spafford, Symantec's invalidity expert, testified at length about his review and analysis of the ThunderByte 7.0 software product, which was produced in native form as exhibit DJX-368. 6 (Id. at 2 (citing Tr. at 2140:16-2141 :5, 2144:9-24; DJX-368).) The directory containing this software product was titled "TBAV 7.00" and, as Dr. Spafford testified, the date modified for the files he used was February 8, 1996. (Id. at 3 (citing Tr. at 2144:9-24, 2089:9-12; SYMDX9-54).) Dr. Spafford also relied on a user manual contained in DJX-368, which bears a copyright date of 1996. (Id. (citing DJX-371-2; Tr. at 2146:20-22).) In addition, Symantec asserts and the court agrees that, in consideration of the following evidence, the jury could have reasonably found that ThunderByte 7.0 is prior art under 35 U.S.C. § 102(a)-(b) because it was known, used, sold, and on sale in the United States before November 8, 1996. First, Symantec introduced a press release from February 9, 1996 (DX-4348), which was released by ThunderBYTE and CompuServe and announced that ThunderBYTE 7.0 "will be 6 Dr. Spafford described DJX-368 in his direct examination testimony: Q: When you loaded those files, did the files have any information concerning when they were last modified? A: The information that I had in the directory is as shown in this top window, and showed February 8, 1996. Q: So DJX-368, can you tell us what that is? A: That's a listing of the contents on the CD, the files that were on it-not the complete list, but the first few showing the date. Q: Now, if we looked at DJX-368 in its entirety, would we see the dates for the rest of the files? A: Yes. Q: And do you recall what those dates were? A: They were the same. Id. at 2144:9-24. 11 released on CompuServe immediately," and that "users around-the-world can download a free, 30-day, fully-functional trial version of TBAV from CompuServe on the Windows 95 Support Menu." (Id (citing DX-4348-1).) The press release also quotes an employee from CompuServe located in Columbus, Ohio, who discusses the benefits of ThunderByte 7.0, and the Director of Technical Support for ThunderByte in North America. (Id (citing DX-4348-1-2).) Moreover, the date of the press release corresponds to the day after the date modified of the ThunderByte 7.0 software that Dr. Spafford tested and relied upon in assessing invalidity. The press release was loaded into the Lexis-Nexis database on February 10, 1996. (Id (citing Tr. at 2144:9-24; DX-4348-3).) Finjan states that it objected to the introduction of this evidence when Symantec presented it to Dr. Vigna during Finjan's rebuttal validity case. (D.I. 791 at 4 n.4.) Finjan did object when Symantec asked Dr. Vigna about the document as being "[ o]utside the scope" of the direct examination and the court overruled the objection. Tr. at 3132:9-13. Finjan renews the objection at this stage, and argues that the evidence should not be considered for JMOL purposes because it was introduced after the close of Symantec' s case. The court disagrees. "In entertaining a motion for judgment as a matter of law, the court should review all of the evidence in the record[,]" which would include DX-4348. See Reeves v. Sanderson Plumbing Prods., Inc., 530 U.S. 133, 150 (2000). The court also rejects Finjan's contention that Symantec did not authenticate this document because, as noted, the press release was included in the Lexis-Nexis database. See Fed. R. Evid. 902(6) (stating that documents such as press releases from sources whose accuracy cannot reasonably be questioned are self-authenticating); see also In re UnumProvident Corp. Sec. Litig., 396 F. Supp. 2d 858, 876-77 (E.D. Tenn. 2005). Symantec also asserts and the court agrees that Finjan waived this argument because it did not object to 12 DX-4348 on hearsay or authentication grounds. (D.I. 810 at 4 (citing Tr. at 3132:9-14).) Moreover, while Finjan asserts that the press release does not prove availability, the release notes that ThunderByte 7.0 "will be released on CompuServe immediately." (Id. (citing DX-4348-1).) Second, Symantec also presented a 1996 user manual for ThunderByte 7.0 (DJX-371), which notes that the product's developer (ESaSS) maintained "ThunderBYTE support Bulletin Board Systems" containing "updates" and "complete releases" for the product. (Id. (citing DJX371-26, -27, -89).) Though Finjan asserts that this manual shows only that ThunderByte was available in the Netherlands, Symantec argued that the manual contradicts this assertion because it describes: (1) online "ThunderB[yte] support Bulletin Board Systems" that contained "updates" and "complete releases" for the product; and (2) a ThunderByte "U.S. support site." (Id. at 5 (citing DJX-371-26, -27, -89).) Thus, Symantec maintains, because of availability online, this version of ThunderByte 7.0 was accessible to people in the United States who had modems and could access online bulletin board systems, including users of online services such as CompuServe. In addition, the 1996 user manual expressly states that in order "to maintain the highest reliability' of these bulletin boards, "the Dutch and U.S. ThunderB[yte] support sites issue regular beta releases, also containing only the files that have changed." (Id. at 3 (citing DJX-371-27).) In response to Finjan's contention that the 1996 copyright date in the user manual is inadmissible hearsay, Symantec argues that here, unlike in the Hilgraeve case on which Finjan relies, it introduced additional evidence regarding the availability of ThunderByte 7.0, including the February 1996 press release, the May 1996 Virus Bulletin, discussed below, and the availability of prior versions to persons within the United States. In addition, Dr. Spafford expressly linked the user manual to the ThunderByte 7.0 software on which he relied. (Id. at 5 13 (citing Tr. at 2140:25-2141 :5, 2146:20-22)); see also Rackable Sys., Inc. v. Super Micro Computer, Inc., 2007 WL 1223807, at *23 (N.D. Cal. 2007) (distinguishing the Hilgraeve case to cases where other evidence exists besides the copyright date for demonstrating public availability). Third, Symantec introduced a May 1996 Virus Bulletin (DX-4708), which contains a review for ThunderByte 7.0, the same version Dr. Spafford used in conducting his analysis. (Id (citing Tr. at 2144:25-2146:22; DX-4708-23).) In fact, Dr. Spafford testified that he was on the editorial board for the Virus Bulletin at that time and received complimentary copies of the publication. (Id (citing Tr. at 2411 :25-2145 :25).) In response to Finjan' s assertion that the Bulletin did not demonstrate that ThunderByte 7.0 was available in the United States or even commercially available, Symantec notes that the jury was presented with evidence that the Bulletin review provided pricing information for the product and that it was sent to individuals in the United States. (Id at 6 (citing DX-4708-24).) Fourth, Symantec engineer, Cary Nachenberg, also testified that he tested ThunderByte version 6.34 in connection with his master's thesis at UCLA. (Id (citing Tr. at 1832:16-1833:2; DX-4011).) Mr. Nachenberg testified that "ThunderByte was a competing antivirus product with Symantec's products." (Id (citing Tr. at 1832:5-1832:8).) Mr. Nachenberg also explained that, during the prosecution of a patent that he obtained for work related to his thesis, the 1995 user manual for ThunderByte was cited to the PTO, and the tests he performed on version 6.34 of ThunderByte are described in the patent specification. (Id (citing Tr. at 1831:7-1833:2; DX4713-2, -12:31-50).) Fifth, Dr. Spafford discussed a July 18, 1995 article from the Computer Business Review (DJX-122), which states that the MIMESweeper product "comes with interfaces for virus 14 protection packages such as Dr. Solomon's, ThunderB[yte] and F-Prot[.]" (Id at 4 (citing DJX122; Tr. at 2141 :24-2142:4, 2143:9-17).) He also testified about a June 30, 1995 article, which discussed the release of MIMESweeper and the "built in interfaces" on that email gateway product "for virus packages, including ThunderB[yte]." (Id (citing DJX-125; Tr. at 2141 :242143:8).) Sixth, Symantec introduced a September 1995 article by David Stang, who worked at Norman Data Defense Systems in Fairfax, Virginia, which states that "[p]roducts of note which offer heuristic scanning include TBScan (from ESaSS)" and also includes an appendix showing the results of an experiment that Mr. Stang performed using version 6.24 of ThunderByte. (Id. (citing PTX-0005-1, -9, -12).) Symantec argues that Mr. Nachenberg's testimony and the MIMES weeper and Stang articles support the jury verdict. (Id at 6 (citing Constant v. Advanced Micro-Devices, Inc., 848 F.2d 1560, 1569 (Fed. Cir. 1988) ("Evidence of routine business practice can be sufficient to prove that a reference was made accessible before a critical date.")).) Finally, and in response to Finjan's assertion that the CD Mr. Slade provided had files with dates modified after February 8, 1996, Symantec notes that all of the files upon which Dr. Spafford relied had in the ''TBAV 7.00" folder had the February 1996 date as the date modified. (Id at 6 (citing Tr. at 2144:9-24; DJX-368).) Moreover, Symantec counters Finjan's argument that it conceded that it had no other evidence regarding the public availability of ThunderByte 7.0 outside Mr. Slade's testimony. Specifically, Symantec notes that, while Finjan is correct it had no other evidence as to how the CD Mr. Slade provided was prepared or his role as a product reviewer at the relevant time, it presented other evidence regarding public availability, including the multiple references detailed above and the Virus Bulletin, which Symantec notes that it identified at sidebar. (Id (citing Tr. at 2138:11-2139:23).) ii. Enablement: ThunderByte and MIMESweeper 15 Finjan contends that Symantec's invalidity case also fails because Dr. Spafford "did not offer any evidence that the purported teachings of the [ThunderByteand MIMESweeper] manuals were enabled." (Id (citing D.I. 791 at 7).) However, as Syamtec correctly notes, Dr. Spafford relied on these manuals as evidence of how the products themselves functioned and that it was the products that were the basis of his obviousness opinions. See, e.g., Tr. at 2154:8-13, 2161:8-2162:3. Indeed, Dr. Spafford was not required to demonstrate that the user manuals were enabling as part of his obviousness analysis. See Geo. M Marin Co. v. Alliance Machine Sys. Int'! LLC, 618 F.3d 1294, 1302 (Fed. Cir. 2010) ("Under an obviousness analysis, a reference need not work to qualify as prior art; 'it qualifies as prior art, regardless, for whatever is disclosed therein."' (citation omitted)); Zenith Elecs. Corp. v. PD! Commc 'n Sys., Inc., 522 F.3d 1348, 1356 (Fed. Cir. 2008) ("[T]he public use itself need not be enabling."). Finjan's assertion is also inconsistent with its pretrial representation that it "will not offer Dr. Vigna's limited testimony regarding the non-enablement of third-party software products." (D.I. 672 at 1.) Thus, Dr. Spafford's reliance on executable software and user manuals for the publicly-available products as part of his obviousness analysis was appropriate. iii. Whether a Person of Ordinary Skill in the Art Could Have Combined ThunderByte and MIMESweeper Finjan also challenges the jury verdict in asserting that a person of ordinary skill in the art could not have combined ThunderByte 7.0 and MIMESweeper as Symantec proposes and, further, that a skilled artisan would not have been motivated to do so. (D.I. 791 at 7.) Specifically, Finjan notes that Symantec relied on an article stating that MIMESweeper, which is based on a Windows NT platform, has a "built-in interface" for ThunderByte, as proof that such a combination would have been technically possible and obvious. (Id (citing Ex. 34; DJX-125; Tr. at 2142:21-2143:17).) Finjan notes that Dr. Vigna conducted experiments showing that 16 ThunderByte 7.0 was not compatible with the Windows NT System and that Symantec did not cross-examine Dr. Vigna on this testimony or challenge his conclusion. (Id. at 7-8 (citing Tr. at 3059:23-3062:8, 3069:1-11).) Further, Finjan notes that Symantec relied on two non-technical articles stating that MIMESweeper could be combined with ThunderByte by using ThunderByte to scan email attachments. (Id. at 8.) Finjan maintains that these articles do not demonstrate Symantec' s claim because, to yield the inventions, "it would be necessary to combine ThunderByte's heuristic scanning with MIMESweeper (i.e., using MIMESweeper as a gateway), which is not discussed in the articles." (Id. (citing Tr. at 3061:15-3065:21-3066:5).) According to Finjan, these articles only suggest a plan to make MIMESweeper compatible with certain versions of ThunderByte and Symantec did not prove clearly and convincingly that MIMESweeper could be combined with the 7.0 version of ThunderByte. (Id.) However, Symantec did, in fact, present expert testimony that the products could be combined. Specifically, Dr. Spafford testified as to this conclusion by relying on press releases noting that MIMESweeper "comes with interfaces for virus protection package such as . . . ThunderByte" and identified excerpts from the MIMESweeper user manual that discuss virus scanning at the email gateway. (D.I. 810 at 7 (citing Tr. at 2141 :24-2143:17, 2146:23-2147:24; DJX-122; DJX-125-5, -75).) In addition, Symantec questioned Dr. Vigna on cross-examination as to whether he used the MIMESweeper product in his experiment and he indicated that he did not because it was not available. (Id. (citing Tr. at 3131:5-10).) Notably, while Finjan argues that Symantec failed to provide the jury with substantial evidence to counter Dr. Vigna's conclusion or to show that Dr. Spafford had personal knowledge regarding whether it was possible to combine the two products, neither expert conducted an experiment with both 17 products. The jury was free to consider the testimony of each expert, weigh the credibility of their opinions, and conclude that Symantec demonstrated this element. iv. Whether the ThunderByte/MJMESweeper Combination Discloses the Disputed Elements of the Asserted Claims Finjan's final argument is that the ThunderByte/MIMESweeper combination does not disclose the asserted claims of the '194 Patent. Specifically, Finjan asserts that Symantec failed to prove that ThunderByte discloses use of "security profile data," including a "list of suspicious computer operations" used to identify potentially harmful Downloadables because ThunderByte "only looked at file characteristics, not operations." (DJ. 791 at 8 (citing Tr. at 3062:9-3067:8).) As a result, Finjan maintains that ThunderByte only analyzed attributes of a file, not what the file was doing, such that it did not use the claimed "security profile data" and could not satisfy related limitations of comparing file operations against security policies and preventing execution of the Downloadable if a security policy is violated. Regarding the "preventing execution of the Downloadable by the client if the security policy has been violated" claim limitation, Finjan contends that ThunderByte automatically deleted or prompted the user to delete a suspicious file without performing an analysis of the file's operations. (Id at 9 (citing Tr. at 2152:16-2153:13).) Thus, ThunderByte, Finjan argues, was not capable of blocking a suspicious file from executing based on a comparison to a security policy. (Id) Moreover, Finjan maintains that ThunderByte, alone or in combination with MIMESweeper, was not capable of detecting suspicious operations in JavaScript or Visual Basic script within the Downloadable, as required by asserted Claims 35 and 36 of the '194 Patent. (Id (citing Tr. at 3069:12-21).) In particular, Finjan cites to Dr. Spafford's testimony that, although ThunderByte did not mention JavaScript or Visual Basic script, a person of ordinary skill in the art would have considered it obvious to modify ThunderByte to process such files. 18 (Id. (citing Tr. at 2193 :2-11, 2160:5-2161: 19).) Finjan notes that Dr. Spafford did not identify a prior art reference with which ThunderByte and MIMESweeper could be combined to yield this result or the motivation behind the combination of such a reference with ThunderByte/MIMESweeper. (Id.) Therefore, Finjan contends that Symantec failed to establish a prima facie case of invalidity, as conclusory ipse dixit analysis "cannot be enough to constitute clear and convincing evidence in an obviousness case." (Id. (citing Cephalon, Inc. v. Watson Pharms, Inc., No. 2011-1325, 2013 WL 538507, at *6 (Fed. Cir. Feb. 14, 2013) (concluding that ipse dixit statements by an expert are insufficient to sustain an invalidity case)); D.I. 819 at 5 (citing Kinetic Concepts, Inc. v. Smith & Nephew, Inc., 688 F.3d 1342, 1366-67 (Fed. Cir. 2012) (stating that differences between asserted prior art and claimed elements supported the reversal of a finding of obviousness)).) The court disagrees with Finjan's contention that Symantec failed to present substantial evidence on which the jury could rely to conclude that the ThunderByte/MIMESweeper combination disclosed the disputed elements of the asserted claims. Specifically, and with regard to the "list of suspicious operations" element, Dr. Spafford testified in detail how ThunderByte 7.0 identified a list of suspicious computer operations. See Tr. at 2148:24-2151:9, 2151:15-2152:15, 2153:14-2154:7. Dr. Spafford also cited to excerpts from the user manual that the program will disassemble files to detect suspicious instruction sequences. See id. at 2148:242151 :9; DJX-371-8 ("TbScan will disassemble files. This makes it possible to detect suspicious instruction sequences and detect yet unknown viruses."); DJX-371-161 ("By looking into the file's contents and interpreting the instructions, TbScan is able to detect the purpose of these instructions."). Moreover, Dr. Spafford also described the results of experiments that he 19 conducted in forming his conclusion and discussed a screen shot showing some of the identified suspicious operations. (D.I. 810 at 8 (citing Tr. at 2153:14-2154:7; SYMDX9-61).) Regarding the "preventing execution of the Downloadable" limitation, Symantec also presented substantial evidence that this element was met by the ThunderByte/MIMESweeper combination, including Dr. Spafford's testimony and experiments and the ThunderByte user manual. (Id. (citing Tr. at 2152:16-2154:13; DJX-371-64, -65; SYMDX9-61).) In addition, and contrary to Finjan's assertions, Dr. Spafford also demonstrated that, in determining whether to prevent execution, ThunderByte 7 .0 analyzed the operations of the policy and then compared them to a policy. See Tr. at 2148:24-2152:15; DJX-371-161. Thus, the jury was presented with Dr. Spafford's opinion that ThunderByte did, in fact, meet the asserted claim. Finally, the court finds that Symantec presented substantial evidence that it would have been obvious to use the ThunderByte/MIMESweeper combination to detect malicious operations in JavaScript and Visual Basic script. See Tr. at 2159:4-2162:3; DJX-371-63. While Finjan is correct that ThunderByte did not mention JavaScript or Visual Basic script, the evidence Symantec presented that it would have been obvious to use JavaScript or Visual Basic script constituted more than a "conclusory ipse dixit" analysis. Specifically, Dr. Spafford testified that these scripts were developed by others and were known before the claimed invention. See Tr. at 429:8-430:4, 2160:24-2161:7, 2499:1-5; PTX-0001. Indeed, Dr. Spafford testified that the ThunderByte product contemplated scanning files in different languages. (D.I. 810 at 9 (citing DJX-371-63).) Dr. Spafford testified that, according to the principle of defense in depth, it would have been obvious to use ThunderByte to scan for viruses in these scripts, which he explained may be attached to emails. (Id. (citing Tr. at 2159:4-2162:3, 2091 :4-2092:20).) Dr. 20 Spafford also stated that he expressed concern about viruses attached to these scripts to the developers of the MIME standard used in MIMESweeper. (Id. (citing Tr. at 2160:24-2161 :7).) In consideration of the evidence detailed above, the court concludes that Symantec presented substantial evidence that, if found credible, could reasonably support an invalidity verdict. b. The '962 Patent: Prior Art References NA V 95 & HotJava Finjan next argues that the court should grant JMOL overturning the jury's verdict that the '962 Patent is invalid over NA V 95 and other references Symantec presented. Finjan notes that Symantec argued that the asserted claims of the '962 Patent were anticipated by NAV 95, with the exception of Claim 52, which is alleged to be obvious in view of NA V 95 combined with HotJava. Finjan asserts that Symantec improperly relied on a combination of items to allege anticipation based on NAV 95 and failed to show that: (1) NAV 95 and HotJava were available in the United States prior to November 8, 1996; (2) the NA V 95 manuals relied upon were enabled 7; and (3) NA V 95 disclosed the limitations of the asserted claims. (DJ. 791 at 10.) Specifically, Finjan states that Symantec "improperly relied on a combination of purportedly related materials including Norton Antivirus software, source code, and a user manual," and that Dr. Spafford "relied on a mix of the NA V 95 Software, Source Code, and Manual that varied from limitation to limitation." (Id.) Finjan contends that, because each "are admittedly distinct items of prior art, [Dr.] Spafford's opinion that they anticipate the asserted claims in combination fails as a matter oflaw." (Id. at 10-11.) Thus, because, according to Finjan, Dr. Spafford offered no obviousness analysis for the asserted claims of the '962 Patent, except for Claim 52 with 7 For the reasons stated above in Section III.A.I.a.iii, the court disagrees with Finjan's assertion that Symantec had to demonstrate that the prior art was enabled. Specifically, Finjan agreed prior to trial not to raise any issue concerning the enablement of prior art software products. See supra Section III.A. I .a.iii. In addition, because Dr. Spafford relied upon the NAY 95 product, Finjan's argument that he failed to show enablement of the NAY 95 user manual is irrelevant. See id. 21 respect to HotJava, no reasonable jury could find that the asserted claims are invalid in view of NAV 95. (Id. at 11.) First, Finjan argues that Symantec failed to make the threshold showing that NA V 95 and HotJava were publicly available in the United States prior to November 8, 1996. Specifically, Finjan asserts that Symantec improperly sought to demonstrate public availability of NA V 95 in the United States by offering the uncorroborated testimony of two company employees, Symantec Vice President, Carey Nachenberg, and Symantec engineer, Mark Kennedy, and offered no documents in support. (Id. (citing Lacks Indus., Inc. v. McKechnie Vehicle Componenets USA, Inc., 322 F.3d 1335, 1349-50 (Fed. Cir. 2003) (concluding that "oral testimony by interested parties must be corroborated by documentary testimony" and noting that the testimony of one interested witness cannot be used to corroborate the testimony of another witness)).) With respect to HotJava, Finjan maintains that Symantec relied exclusively on the testimony of Jeffrey Nisewanger, who stated that HotJava was not commercially released until March 1997 and that, prior to this date, HotJava was only available in pre-beta form-a release "that is for internal consumption and not something that you would sell as a product to the public." (Id. at 12 (citing Tr. at 2063:11-23, 2128:17-21, 2186:19-25, 3054:11-17).) Second, Finjan asserts that Symantec did not demonstrate by clear and convincing evidence that NA V 95 discloses the limitations of the asserted claims of the '962 Patent. In particular, Finjan argues that NAV 95 cannot invalidate because it did not monitor a "plurality of subsystems" of an operating system and, instead, only monitored filed systems. (Id. at 13.) Finjan notes that Dr. Vigna provided unrebutted testimony that the "input/output" monitoring of NAV 95 was limited to "disk space orientation [e.g., to] format the hard drive, modify the file, modify an attribute of an executable file," all of which are operations of a file system. (Id. 22 l (citing Tr. at 3036:14-3037:7, 3025:4-12, 3040:15-3043:4).) Next, Finjan claims that NAV 95 did not practice the step of "performing a predetermined responsive action based on the comparison." In support, Finjan cites to the testimony of Dr. Spafford and Websense's noninfringement expert, Ms. Frederiksen-Cross, to demonstrate that "the measures that NAV 95 took based on the rules (e.g., blocking an action or prompting the user) were performed exclusively based on the action being performed (e.g., reformatting the hard drive), and were not in response to the comparison of any information about Downloadables to any policies." 8 (Id at 14-15 (citing Tr. at 3045:14-3046:5).) Thus, Finjan argues that NAV 95 did not perform this limitation because the identity of the Downloadable performing the action was unknown. (Id) Finally, Finjan contends that a person of ordinary skill in the art would not have been motivated to combine NAV 95 and HotJava in the "hodge-lodge fashion" Dr. Spafford proposed and, therefore, that Symantec failed to prove invalidity of Claim 52. Specifically, Finjan maintains that there would have been no motivation to combine the two programs because they were directed to different tasks-HotJava monitored Java applets run by a web browser and NA V 95 monitored file systems. (Id at 15 (citing Tr. at 3051 :22-3053 :2).) Moreover, Finjan argues that Claim 52 is not invalid because these products did not monitor "an operating system" and NA V 95 did not perform the "adding information pertaining to the Downloadable to a suspicious Downloadable database" as required by Claim 55. (Id. (citing Tr. at 3048:8-15, 3050:23-3051 :21 ).) Thus, Finjan asserts that Symantec failed to present substantial evidence from which a reasonable jury could find that it proved invalidity clearly and convincingly. 8 Finjan argues that Drs. Spafford and Ms. Frederiksen-Cross' testimony demonstrated that NAV 95 simply blocked certain actions, regardless of the sources performing the action, and did not, therefore, perform the comparison to a security policy of information that "pertain[s] to the Downloadable." (D.I. 791 at 14 (citing Tr. at 2110:7-2111: 11, 2867: 13-19, 3027:21-3029:4, 3037: 16-24, 3043:5-3045: 13).) 23 In view of the record before it, the court disagrees. First, regarding Finjan's assertion that Symantec improperly premised its anticipation argument on a combination of references, under relevant law it was appropriate for Dr. Spafford to rely on the NA V 95 executable software, user manual, and source code to show how NAV 95 operated. Specifically, and as Symantec correctly notes, where, as here, a product is alleged to anticipate, the fact that "the offered product is in fact the claimed invention may be established by any relevant evidence, such as memoranda, drawings, correspondence, and testimony of witnesses." (D .I. 810 at 9-10 (citing Laboratory Skin Care, Inc. v. Limited Brands, Inc., 2011 WL 4005444, at *5 (D. Del. Sept. 8, 2011) (citing Sonoscan, Inc. v. Sonotek, Inc., 936 F.2d 1261, 1263 (Fed. Cir. 1991)).) In fact, the NAV 95 software product upon which Dr. Spafford relied included both the executable software and a copy of the user guide explaining how the product worked. (Id at 10 (citing Tr. at 2098:49; Zenith Elecs., 522 F.3d at 1358; Unitherm Food Sys., Inc. v. Swift-Eckrich, Inc., 375 F.3d 1341, 1352 (Fed. Cir. 2004)).) In addition, Finjan's claims that Dr. Spafford testified that the NAV 95 manual was considered by the Patent Office and that the user guide is a different piece of prior art than the source code and software, is not supported by the record. (D.I. 791 at 11.) With regard to Dr. Spafford's testimony concerning whether the PTO considered NAV 95, this testimony was directed to alleged similar technology in the Endrijonas reference. (D.I. 810 at 10 (citing Tr. at 2172:6-2175:13).) Moreover, Dr. Spafford consistently testified that he relied upon the functionality of the NA V 95 product itself, as shown by the user guide, software, and source code, and did not "conced[e]," as Finjan asserts, that each is a separate piece of prior art. (Id (citing Tr. at 2088:24-2089:5, 2200:6-15).) i. Whether NA V 95 and HotJava are Prior Art 24 The court finds that there was substantial evidence in the record for the jury to find that NA V 95 and HotJava were publicly used, known, or on sale in the United States prior to November 8, 1996. Despite Finjan's assertions to the contrary, Symantec presented evidence to corroborate witness testimony that NA V 95 was available in the United States. Specifically, in addition to presenting Mr. Nachenberg and Mr. Kennedy's testimony that NAV 95 was released in August of 1995, at the same time Windows 95 was released, Mr. Kennedy obtained a shrinkwrapped box of NAV 95 that contained the user manual, floppy disk, and warranty card, which was introduced into evidence as DX-4469 and DX-4649. (Id. at 11 (citing Tr. at 1888:211889:18).) Mr. Kennedy also obtained the source code for NAV 95 (DX-4470) and verified that the dates and binary copies of the source code correspond to the dates and binary codes on the floppy disks in DX-4469. (Id. (citing Tr. at 1890:13-1891:13).) Moreover, consistent with the testimony presented, the user manual and executable program contain copyright dates of 1995 and indicate that the product was available in the United States, 9 and the source code contains data modified stamps prior to August 1995. (Id. (citing DX-4649-4, -78, -156; DX-4470, p. 1, 95, 127; SYMDX9-24).) Mr. Touboul, the inventor of the asserted patents, also testified that he was familiar with Norton Antivirus products in 1995-1996. (Id. (Tr. at 591:24-592:9, 631:1518).) Thus, it is clear that there was evidence in the record corroborating the "interested" testimony of Mr. Nechenberg and Mr. Kennedy. The testimony regarding the public availability of HotJava in the United States was likewise corroborated by documentary evidence. Specifically, an Oracle representative, Mr. Nisewanger, testified that the pre-beta 1 release of the HotJava browser and the source code on which Dr. Spafford relied were released to developers in the United States in May 1996. (Id. 9 As the court explained in Section III.A.1.a.i, in connection with Finjan's copyright hearsay arguments, the court agrees with Symantec that Finjan failed to object to the copyright date as hearsay at trial and, regardless, Symantec presented evidence in addition to the copyright date to support its argument. 25 (citing Tr. at 2063:6-23, 2068:5-2070:20; DX-4140).) In addition, contrary to Finjan's assertion that Dr. Spafford "confirmed that pre-beta release means 'possibly intended only for internal consumption or a very select audience,"' he testified that a pre-beta release "is generally one that has most of the flaws worked out, most of the implementation in place and is shipped to the users to provide feedback prior to the final release." (Id at 12 (citing Tr. at 2185:3-2186:25; Oracle Corp. v. Parallel Networks, LLP, 588 F. Supp. 2d 549, 570 (D. Del. 2008) (relying upon a beta release of the alleged prior art software)).) Thus, in view of the foregoing, the court concludes that the jury could have relied on substantial evidence in the record demonstrating that both NA V 95 and HotJava were available in the United States before November 8, 1996. ii. Whether NAV95 Discloses the Disputed Elements of the Asserted Claims of the '962 Patent The court further finds that Symantec presented substantial evidence through Dr. Spafford's testimony that NAV 95 disclosed the four claim elements. With regard to the "plurality of subsystems" element, Dr. Spafford testified that NAV 95 monitored the file subsystem and the I/O subsystem of the operating system. (Id (citing Tr. at 2100:2-2140:15).) The NAV 95 user manual and software demonstrate that the product monitored multiple subsystems, and the NA V 95 source code also described a "file system event manager" and a separate "I/O system event manager." (Id (citing DX-4649; DX-4469; SYMDX9-27, -28, -33; DX-4470, p. 18, 95, 127).) A Microsoft book also described the "block I/O subsystem" in Windows 95. (Id (citing DX-4336-17).) Thus, the jury could conclude that Dr. Vigna's opinion was inconsistent with this evidence, including the Windows 95 book, as well as his own lecture notes, and the NA V 95 source code, which he did not review. 3123:24-3125:3; DX-4346-8).) 26 (Id (citing Tr. at 3030:3-6, Regarding the "information pertaining to a Downloadable" element, Dr. Spafford explained that NAV 95 examined two types of information pertaining to a Downloadable: (1) it examined the request; and (2) it compared the identity of the program making the request against an exclusion list. (Id. at 12-13 (citing Tr. at 2110:15-2112:8, 2116:22-2117:5).) Symantec also notes that Finjan's expert, Dr. Medvidovic, testified that a request made by a Downloadable is information pertaining to the Downloadable and that, during claim construction, Finjan conceded that the identity of a Downloadable is information pertaining to that Downloadable. (Id. at 13 (citing Tr. at 1002:3-21; D.I. 182 at 14).) Moreover, Symantec notes that Dr. Spafford did not testify that NAV 95 would simply "avoid[] examining certain files" (D.1. 791 at 14), but instead opined that it would monitor for a request, compare information about the Downloadable to the policy, and then perform a predetermined response based on information pertaining to the Downloadable. (D.I. 810 at 13 (citing Tr. at 2112:19-2113:14).) Further, and with respect to Finjan's citing to Websense's non-infringement expert on this issue, Symantec notes that Finjan did not accuse Websense of infringing the '962 Patent and, therefore, Websense's expert did not address any term related to the claims of the '962 Patent that NA V 95 was found to invalidate. (Id. at n.5.) In response to Finjan's assertion that there was no motivation to combine NAV 95 and HotJava, Dr. Spafford testified that there would have been such motivation based on the principle of defense in depth. (Id. (citing Tr. at 2135:23-2136:19).) Dr. Spafford also demonstrated how the products could be used on the same computer and how the combination would monitor multiple subsystems of the operating system, including the network subsystem. (Id. (citing Tr. at 2129:4-2131:12).) In its briefing, Finjan maintains that Dr. Spafford's testimony was conclusory and failed to establish a particularized motivation in the art. 27 Specifically, Finjan cites to such testimony as Dr. Spafford's statement that, "you would run extra programs, to make sure you were defended against everything," in support. (D.1. 791 at 8 (citing Tr. at 2136:1-3).) However, Dr. Spafford testified in detail that defense in depth was a concept well known in the prior art and in the security community at least since 1986, when he referenced the concept in his book. See Tr. at 2091 :4-2092:6. Consequently, the court is not persuaded by Finjan's argument that Dr. Spafford's testimony on this point can be characterized as conclusory or that there was insufficient evidence in the record. Rather, the court finds that the jury could have concluded that Dr. Spafford's opinion as to motivation in the art was grounded in the concerns reflected in the defense in depth concept. Finally, the court also agrees with Symantec that it presented substantial evidence that NA V 95 added information pertaining to the Downloadable to a suspicious Downloadables database. (D.1. 810 at 13.) Specifically, Dr. Spafford testified that NAV 95 would add information about the Downloadable to an "activity log," which was a database of suspicious Downloadables. (Id. at 14 (citing Tr. at 2118: 14-2120:8; DX-4649-83, -84; SYMDX9-39).) Finjan contends that Claim 55 is not met because NAV 95 "has nothing resembling the claimed 'Downloadable Database' other than an 'activity log,' which is just a simple text file," and that, as a matter of claim construction, "such a simple text file is not a database." (D.I. 791 at 8 (citing MySpace, Inc. v. Graphon Corp., 756 F. Supp. 2d 1218, 1232 (N.D. Cal. 2010), aff'd, 672 F.3d 1250 (Fed. Cir. 2012) (construing database as a "collection of data with a given structure that can be stored and retrieved.")).) However, Dr. Spafford testified that, m his opinion, this claim limitation was met because, for reasons not fully recited here, he was able to "configure the activity log to indicate what suspicious activities [he] wanted to log, or to store in the database, along with the name of 28 the file to be created, the database, and how large it could be." See Tr. at 2119:9-16. To this end, files were "added by the predetermined responsive action, setting the log, and indicating what it is ahead of time that you wanted to store, it's information pertaining to the Downloadable because it's the name of the file, its location, what it tried to do and when it happened." Id at 2119:24-2120:8. Thus, Dr. Spafford concluded that because the files "are in the suspicious Downloadables database," Claim 55 is invalid. See id Here, database was not construed during claim construction and Dr. Spafford provided his opinion based on his review of the claims and ofNAV 95. While Finjan is correct that Dr. Vigna presented a different opinion as to whether NAV 95 disclosed the claim elements, it was within the province of the jury to assess the credibility of each opinion and, ultimately, to accept Dr. Spafford's conclusions. In consideration of the evidence presented above, the court finds that the jury could have reasonably found substantial evidence in the record to support that conclusion. 2. Anticipation At trial, Sophos and Websense asserted an anticipation invalidity defense against the '194 and '962 Patents based on the prior art reference SWEEP-InterCheck. The court discusses the parties' arguments, the evidence presented at trial, and the jury verdict below and finds, for the reasons that follow, that the jury's finding of invalidity was supported by substantial evidence. Finjan asserts that the record is "devoid of evidence" that the specific prior art reference on which Sophos and Websense rely-version 2. 72 of Sweep and version 2.11 of InterCheckwas available in the United States as a combined product before November 8, 1996, if ever. (D.1. 821 at 2.) Instead, Finjan maintains that Sophos presented the jury with "an assortment of generalized evidence, unrelated to the specific combination actually asserted as prior art" and 29 included "many plainly erroneous and internally inconsistent dates." (Id. at 2-3.) For instance, Finjan notes that Sophos' invalidity expert, Mr. Klausner, claimed that disks not created until at least 1996 had been sold in 1995, that a CD ROM created in 2011 contained prior art, and that files dated 1995 and 1996 were not created until this litigation. (Id. at 3.) Finjan also asserts that Sophos failed to establish that the manuals on which it relied were enabled 10 and did not provide a "legally sufficient basis for combining the disparate versions, materials[,] and even a thirdparty hardware component that it presented to the jury as a purported single anticipating prior art reference." (Id.) Finally, Finjan contends that Sophos did not establish that Sweep-InterCheck disclosed the claim limitations: (1) checking Downloadables with a server serving as a "gateway" to the client; (2) using a security policy; (3) a server preventing execution of files; and (4) processing JavaScript and Visual Basic Script. (Id.) In light of the evidence presented at trial, the court disagrees and finds that the jury's verdict of invalidity was, in fact, based on substantial evidence. The court disagrees and concludes that Sophos did present evidence sufficient to support the jury's verdict of invalidity as to the patents-in-suit, including: (1) testimony from Sophos founder and inventor, Dr. Jan Hruska; (2) testimony from Sophos software engineer Tim Twaits; (3) expert testimony from David Klausner demonstrating that every limitation of the asserted claims were present in SWEEP-InterCheck; (4) an in-court demonstration proving that SWEEPInterCheck performed every limitation of the asserted claims; and (5) documentary evidence including a sales contract, source code, and product manuals. In fact, the court finds that the testimony and corroborating evidence could have led the jury to reasonably conclude that 10 See supra note 7. Again, the court will not address the issue of enablement, as Finjan represented before trial that it would not be introducing enablement testimony with respect to any of the alleged pieces of prior art. 30 SWEEP-InterCheck was available in the United States at least as early as August 5, 1995. The court addresses each of Finjan's JMOL arguments below. i. Whether Substantial Evidence Demonstrated that SWEEPInterCheck Was Available in the United States Before November 8, 1996 Finjan maintains that Sophos did not provide relevant evidence of the availability of a combination of Sweep 2. 72 and InterCheck 2.11 as a combined product in the United States before the November 8, 1996 priority date. Specifically, Finjan argues that Sophos relied on several purported versions of source code for Sweep and InterCheck and never entered into evidence an actual commercially available product corresponding to Sweep 2. 72, InterCheck 2.11, or any other version of those software products, "let alone a combination of the two programs in a single product." (D.I. 790 at 4.) Finjan notes as contrast that Symantec entered into evidence a purported box copy of the NA V 95 product that it alleged to be prior art. (Id.) Here, Finjan states that Sophos showed the jury a demonstrative form of a CD ROM purporting to contain Sweep and InterCheck code, but that the disk was not created until 2011. In addition, Finjan contends that Sophos failed to establish that the combination product was ever sold in the United States because: (1) Sophos relied on an unsigned August 1995 contract of Sophos' alleged sale of unidentified versions of Sweep and InterCheck that were for a Macintosh version of InterCheck, making it irrelevant here; (2) Dr. Hruska relied on this unexecuted contract to form his belief that Sweep-InterCheck was on sale in the United States before the priority date, which was uncorroborated and does not rise to clear and convincing evidence; (3) the October 2, 1994 source code comment on which Mr. Klausner relied to show U.S. availability of Sweep version 2.66 is inadmissible hearsay 11 ; and (4) the testimony of 11 Finjan also asserts that Sophos presented "evidence riddled with inconsistencies and errors regarding dates associated with lnterCheck and Sweep. (D.I. 790 at 7.) For instance, Finjan notes that Mr. Klausner's 31 Sophos employees, Dr. Hruska and Mr. Timothy Twaits, did not establish availability. (Id at 47.) Based on the evidence presented at trial, the court finds substantial evidence to support the jury verdict. Specifically, the court agrees with Sophos that Finjan mischaracterizes Dr. Hruska's testimony in its Opening Brief in Support JMOL, stating that he "testified that he 'believed' SWEEP-InterCheck was on sale in the United States before the priority date, but did not provide any testimony beyond the insufficient disclosure of the document." (D.1. 812 at 4 (citing D.I. 791 at 5; DX-9047).) Rather, Dr. Hruska testified that SWEEP-InterCheck was sold in the United States before November 1995 and that he was personally involved in selling products to the World Bank in Washington, D.C. in 1995. (Id) Dr. Hruska also authenticated, laid foundation for, and testified about the 1995 contract. (Id (citing Tr. at 2354:15-2355:12).) Sophos sought to demonstrate this availability via Dr. Hruska's testimony that SWEEPInterCheck for Windows 95 was sold in the United States by 1995, which was corroborated by the fact that one of Sophos' U.S. distributors was listed in the user manual for that product. (Id (citing Tr. at 2340:3-17; DX-8406).) In addition, Sophos introduced evidence to demonstrate its claim of priority by showing a comment in the SWEEP-InterCheck source code adding certain functionality to the product in demonstrative exhibits had modification dates ranging from 1990 to 1995, "calling into serious question the verifiability of other times and data relied upon by Sophos." (Id.) In addition, Finjan asserts that Mr. Klausner told the jury that he was relying on software found in floppy disks he showed the jury that he claimed were shipped in 1995, when they were, in fact, dated 29/07/96, which was "long after Mr. Klausner claimed they were available." (Id. at 7-8.) Finjan also argues that: the SWEEPNT version 2.87 purportedly on the disks was not the Sweep 2.72 and InterCheck version 2.11 upon which Mr. Klausner relied; the CD ROMs that were to contain the purported prior art have a "copyright and build date as late as 2011 "; and Mr. Klausner used various versions of InterCheck, raising "significant doubt regarding the accuracy of the release dates of these versions of InterCheck because the release dates for software versions are not chronologically linked to the version number." (Id.) In light of these inconsistencies, Finjan maintains that Sophos did not present clear and convincing evidence of invalidity. (Id. at 8.) The court discusses these assertions in its disposition of Finjan's Motion for a New Trial infra. See infra Section IIl.D. 32 October 1994 "for a US customer." 12 (Id (citing SOP DX4-5, citing DX-8418).) While Finjan argues that this source code comment is inadmissible hearsay, Sophos correctly notes that Finjan did not raise this objection at trial. (Id) Moreover, even if Finjan could introduce an objection to this evidence at this stage, its reliance on Hilgraeve to support its proposition is misplaced, as detailed above. Specifically, unlike in that case, where the defendant could not demonstrate that certain references were prior art because the only evidence offered was conclusory declarations, copyright labels, and other date stamps, here, Sophos has offered: testimony of the inventor of the prior art reference who established sales of it prior to the critical date; the World Bank contract; dated source code; dated manuals; and Mr. Twait's testimony about the InterCheck product development. (Id at 5 (citing Hilgraeve, 271 F. Supp. 2d at 975 ("it is noteworthy that Defendant has failed to produce contemporaneous shipping records or sales receipts to prove that SAM 1.3 was actually shipped and sold to customers prior to February 1990")); Tr. at 2340:3-17, 2354:15-2355:12, 2351:9-12; DX-9047; DX-8406).) Finjan's argument that SWEEP-InterCheck is not prior art because the demonstrative programs had multiple modification dates, and are, therefore, unreliable, also fails to prove a lack of substantial evidence. Indeed, Finjan's assertion that there is "significant doubt" as to the release dates of the versions of InterCheck presented at trial, is supported by a citation to demonstrative exhibit, SOP DX4-2. (Id at 6.) Dr. Hruska and Mr. Twaits testified about how Sophos maintained its products and revision histories and each explained the use and procedures for the dates of various versions of Sophos products. (Id (citing Tr. at 2331:3-2332:15, 2348:918, 23 51 :9-12).) If the jury found this testimony credible, as it appears to have done in this case, it could reasonably have found that the dates were not inconsistent as Finjan alleges and that the 12 Finjan asserts that, "to the extent the comment in the source code is offered for the truth regarding the date SWEEP became publicly available, it is inadmissible hearsay." (D.1. 790 at 6 (citing Hilgraeve, Inc. v. Symantec Corp., 271 F. Supp. 2d 964, 974 n.4 (E.D. Mich. 2003)).) 33 SWEEP-InterCheck release date was proven clearly and convincingly. Notably, Finjan did not cross-examine Dr. Hruska or Mr. Twaits on their explanations. Having failed to establish through cross-examination any dispute as to the veracity of the dates on each and every release of the Sophos software, it cannot now argue that Sophos' evidence is deficient as claimed. (Id. (citing Symbol Techs., Inc. v. Opticon, Inc., 935 F.2d 1569, 1576 (Fed. Cir. 1991) (concluding that a party who chooses not to cross-examine a witness on an issue cannot later "recoup for its failed litigation strategy"); GNB Battery Techs., Inc. v. Exide Corp., 876 F. Supp. 582, 604 (D. Del. Nov. 12, 2009) (same); Linear Tech. Corp. v. Monolithic Power Sys., Inc., 2009 WL 3805567, at *6 (D. Del. Nov. 12, 2009) (same)).) Finjan's criticism of Mr. Klausner's reliance on a floppy disk is also unavailing. Specifically, and as Sophos notes in its brief in opposition to JMOL, Mr. Klausner used the floppy disk to demonstrate how SWEEP-InterCheck met the claim limitation "computer readable storage medium," rather than to show when SWEEP-InterCheck was released. (Id. (citing Tr. at 2467: 17-25).) Indeed, Mr. Klausner testified specifically as to which release he used in his invalidity analysis, stating that he relied on SWEEP version 2. 72 and InterCheck version 2.11, as well as on InterCheck versions 2.01 and 2.10, which were earlier versions of the program incorporated into version 2.11. (Id. at 5-6, n.6 (citing Tr. at 2488:8-11, 2413:1-2476:6).) In view of the foregoing, the court finds that Sophos presented substantial evidence on which the jury could have reasonably relied in reaching its conclusion that SWEEP-InterCheck was available in the United States before the November 1996 priority date of the patents-in-suit. ii. Whether Sophos Improperly Relied on Multiple References to Demonstrate Invalidity by Anticipation Finjan further asserts that Sophos: (1) "improperly argued anticipation based on a combination of references," including "a combination of documents, versions of source code[,] 34 and executable files"; and (2) presented a "flawed" anticipation defense because it relied on a "third-party 'network interface card"' to satisfy the claim limitation "interface for receiving an incoming Downloadable addressed to a client" in Claim 32. (D.1. 790 at 9, 11.) In response to Finjan's first argument, Sophos maintains that it used a single product, SWEEP-InterCheck, to prove anticipation. Specifically, Sophos notes that its citations to source code were to a single version of SWEEP (version 2.72) and a single version oflnterCheck (version 2.11), which were sold together as a single software product. (D.I. 812 at 7 (citing Tr. at 2419:2-11, 2431:242432:7, 2435:4-19).) Mr. Klausner also testified that he used these versions of the software in the SWEEP-InterCheck demonstration that he displayed at trial and confirmed this point during cross-examination. 13 (Id (citing Tr. at 2420:18-2424:15, 2446:6-2448:22, 2487:16-2488:11, 2489:22-2490:21).) Mr. Klausner even testified that he did not perform an obviousness analysis because the software was sold as a single product. (Id at 8 (citing Tr. at 2491: 11-14).) Sophos further challenges Finjan's "multiple references" argument, by detailing that the user manuals and source code are not independent prior art references, but rather are proof of how the SWEEP-InterCheck product operated and functioned at the relevant time. (Id (citing 2383:4-9, 2415:2-2416:5).) As the Federal Circuit clarified in Enzo Biochem, Inc. v. Gen-Probe, Inc., the combination of a product with a contemporaneous manual that ships with the device is a single reference for anticipation. (Id (citing 424 F.3d 1276, 1285 (Fed. Cir. 2005) (using the product and "accompanying instructions" in an anticipation analysis)).) The court finds the Federal Circuit's opinion in Enzo Biochem, Inc. v. Gen-Probe, Inc., to be more analogous to the instant case, than Kyocera Wireless Corp. v. ITC, which Finjan cites in support of its contention 13 Sophos details that the evidence on which Mr. Klausner relied to establish the functionalities of SWEEPInterCheck consisted of the source code for SWEEP version 2.72, InterCheck version 2.01, and InterCheck version 2.11, while his demonstration of the working product was confined to SWEEP version 2.72 running on Windows NT 3.51 and InterCheck version 2.11 running on a Windows 95 client computer. (D.I. 812 at 7 n.4 (citing Tr. at 2420: 12-2426: 15, 2384: 19-2388:25).) 35 that Sophos relied on distinct pieces of prior art that cannot be characterized as a single product. See 545 F.3d 1340, 1351-52 (Fed. Cir. 2008) (concluding that a collection of technical specifications collectively known as the GSM standard, written by several different authors over several years and each constituting a separate document in its own right, do not function as a single prior art reference). Here, as noted above, Mr. Klausner relied on the user manuals and source code simply to demonstrate and support how SWEEP-InterCheck functioned at the time, not as distinct references. (D.I. 812 at 8 (citing Tr. at 2340:3-17, 2354:15-2355:12, 2351:9-12; DX-9047; DX-8406).) Moreover, and in response to Finjan's assertion that it improperly relied on a "third-party 'network interface card,'" Sophos makes several arguments. First, Sophos argues that Claim 32 is, in fact, directed to a "system for execution by a server that serves as a gateway to a client," and, therefore, any component that is part of the "server that serves as a gateway to a client" is necessarily part of the claimed system. (Id. (citing '962 Patent at Claim 32).) Second, Sophos details that Mr. Klausner testified that the network card was an "example" of the claimed interface, and that the interface could be in hardware or software. (Id. (citing Tr. at 2440:9241 :15).) To this end, Sophos asserts that it "proved in multiple ways that SWEEP-InterCheck discloses this claim limitation." Third, Sophos contends that, in any event, a network interface is inherent in SWEEP-InterCheck. (Id. at 8-9 (citing Schering Corp. v. Geneva Pharmaceuticals, 339 F.3d 1373, 1377 (Fed. Cir. 2003) ("A prior art reference may anticipate without disclosing a feature of the claimed invention if that missing characteristic is necessarily present, or inherent, in a single anticipating reference.")).) Specifically, Sophos notes that, just as a computer is necessary to run SWEEP-InterCheck, a network interface is necessary to "receiv[e] an incoming Downloadable addressed to a client." (Id. at 9 (citation omitted).) Thus, because SWEEP- 36 InterCheck was "indisputably able to receive incoming [D]ownloadables," which the jury saw during Mr. Klausner's demonstration, Sophos asserts that it is clear that SWEEP-InterCheck satisfies the "interface" limitation of Claim 32. (Id) The court agrees with Sophos that, because Claim 32 is directed to "system for execution by a server that serves as a gateway," a component that is a part of the "server that serves as a gateway to a client" is a necessary part of that claimed system. Indeed, as Sophos details, as SWEEP-InterCheck receives incoming Downloadables, a functionality that the jury observed, it is clear that a network interface would be necessary to receive that Downloadable. The network interface card that Mr. Klausner referenced served as an example of the claimed interface and he concluded that SWEEP-InterCheck disclosed this claim. 14 Thus, the court finds that there was sufficient evidence in the record for the jury to find, accepting Mr. Klausner's testimony as credible, that Claim 32 was disclosed in SWEEP-InterCheck. iii. Whether SWEEP-lnterCheck Discloses Each Limitation of the Asserted Claims of the '194 Patent In addition to the foregoing, Finjan also contends that Sophos failed to demonstrate that SWEEP-InterCheck discloses each limitation of the asserted claims. Specifically, Finjan asserts, with respect to the '194 Patent, that SWEEP-InterCheck: (1) did not disclose a server, acting as a gateway to a client, that checks incoming Downloadables before they are delivered to the client, because, as Dr. Vigna testified, it did not have a gateway 15 and, instead, allowed for delivery to a 14 Specifically, Mr. Klausner testified, in response to the question "[h]ow do you find that limitation to be met by the SWEEP/InterCheck product," that he found this limitation: [b]y an example of an interface. I am holding up an interface. This is inside the machine, in the back. And you plug the Internet into that hole. You plug the cable into that hole. And this is called officially a network interface card .... This is SOP DX-7. Tr. at 2440:9-25. Mr. Klausner also noted that SOP DX-7 is a 1995 era interface card and, in his opinion, meets the claim limitation. Id. at 2441: 1-5. 15 Finajn also argues that Sophos conceded that SWEEP-InterCheck did not have a gateway via the testimony of Mr. Twaits, who confirmed that a Downloadable file can be downloaded from the Internet onto a client computer without being scanned by the SWEEP server. (D.1. 790 at 12 (citing Tr. at 2395:18-2400:2).) Moreover, 37 l client before the server checked the Downloadable (D.I. 790 at 12); (2) did not satisfy the step of "comparing, by the server, Downloadable security profile data pertaining to the Downloadable" because the comparison must be done by the server that serves as a gateway for the client (id. at 13 (citing Tr. at 3078:25-3079:13)); (3) did not meet the limitation that "the Downloadable security profile data includes a list of suspicious computer operations that may be attempted by the Downloadable, against a security policy to determine if the security policy has been violated" in all asserted claims or "decomposing the Downloadable into Downloadable security profile data," because these limitation require analysis of operations and SWEEP-InterCheck only provided traditional fingerprint/signature matching based detection, not protection based on the operations of a file (id. at 13-14 (citing Tr. at 3079: 14-3080:21)); (4) did not perform the step of "preventing execution of the Downloadable by the client if the security policy has been violated, recited in all asserted claims" because the server must perform this step and in SWEEPInterCheck, the server did not prevent downloading of a Downloadable or execution of a file by a client (id. at 14 (citing Tr. at 3080:22-3083:3)); (5) failed to invalidate Claims 10, 11, 33, 35, and 36, which recited evaluating Downloadables with either JavaScript or Visual Basic Code because Sophos' invalidity expert conceded that SWEEP-InterCheck was not capable of examining such code in a Downloadable for malware (id. (citing Tr. at 2473:3-17, 2499:4-15, 3093:4-6)); and (6) did not satisfy the limitation that "the Downloadable security profile data includes a list of suspicious computer operations that may be attempted by the Downloadable" and Mr. Klausner did not reference it in his testimony (id. at 14-15). However, in view of the record before it, the court finds that Sophos presented substantial evidence via Mr. Klausner's testimony, that SWEEP-InterCheck did, in fact, disclose each Finjan cites to Mr. Twaits testimony as supporting the proposition that a file recognized by the client as a known file would be executed without any call to the SWEEP-server program. (Id. (citing Tr. at 3160: 13-3161 :7).) 38 l limitation of the asserted claims of the '194 Patent. See Gomez v. Allegheny Health Servs., Inc., 71 F.3d 1079, 1083 (3d Cir. 1995) (finding that a jury verdict should not be overturned where the record is not "critically deficient of the minimum quantum of evidence" to sustain it). First, and with regard to Finjan's assertion that SWEEP-InterCheck did not employ a "gateway," as required by the claims, Sophos cites to Mr. Twait's testimony to the contrary. Specifically, Mr. Twait testified that the Downloadable cannot be downloaded to a client computer without first being scanned by SWEEP and, further, that this scan acts as the required gateway. (D.I. 812 at 9 (citing Tr. at 2383:20-2388:1, 2396:14-2400:2).) In addition, Dr. Hruska testified that the Downloadable is not executable on a computer before being checked by the SWEEP server. (Id. (citing Tr. at 2372:14-16 (testifying "incorrect," in response to the question "[s]o it was already downloaded onto one of the computers before it hit the SWEEP server, correct?").) Indeed, Dr. Hruska explained that SWEEP-InterCheck would "make sure that you can't do anything with [the Downloadable] before it's been checked." (Id. at 9-10 (citing Tr. at 2400: 1-2, 2399:72400:3).) In light of this testimony, it was reasonable for the jury to conclude that this claim limitation was met. Second, and with regard to the "security policy" limitation, Sophos notes that Mr. Klausner "methodically established" that SWEEP-InterCheck discloses the use of a security policy. See Tr. at 2435:4-2436:6. In addition, Sophos maintains that Finjan inaccurately characterizes SWEEP-InterCheck as a signature-based technology, even though Finjan failed to establish this position at trial. Rather, Sophos presented evidence to demonstrate that SWEEPInterCheck could detect unknown malware, such as polymorphic viruses and, further, that its security policy was used to determine whether malware, including such viruses, were present. (D.I. 812 at 10 (citing Tr. at 2349:5-2351:5, 2434:25-2435:19, 2456:14-24).) Moreover, 39 regarding Finjan's claim that the "decomposing" element of Claim 66 is missing from Mr. Klausner's analysis, Mr. Klausner did testify as to the functionality of the decomposing element of Claim 66, which could reasonably establish that SWEEP-InterCheck used a security policy as required by the '194 Patent. Therefore, the court finds that if the jury agreed with Sophos' witnesses, it could have reasonably found that SWEEP-InterCheck disclosed the "security policy" limitation. Third, Sophos also points to evidence in the record from which the jury could conclude that SWEEP-InterCheck disclosed the "prevent[s] the execution of the Downloadable" limitation. In making this argument, Sophos challenges Finjan's assertion that the server must prevent the execution of the downloadable, noting that nothing in the asserted claims requires the server to prevent such execution of the Downloadable. (Id.) Instead, the claims recite "preventing execution of the Downloadable by the client if the security policy has been violated," without specifying what must prevent the execution of the Downloadable. (Id. (citing '194 Patent at Claim 1).) And, regardless, Mr. Klausner testified that SWEEP-InterCheck prevented the client from executing the Downloadable by telling the client to block the file. (Id. at 10-11 (citing Tr. at 2435:4-2436:3, 2442:10-2443:3).) Fourth, Sophos asserts that it proved, with unrebutted testimony and a demonstration, that SWEEP-InterCheck could process JavaScript and Visual Basic Downloadables. (Id. at 11 (citing Tr. at 2424:25-2426:9, 2443:11-2444:15).) Despite this evidence, Finjan contends that SWEEPInterCheck did not possess this capability. However, as Mr. Klausner testified, the claims do not require that the Downloadable based on JavaScript or Visual Basic script contain the malware. (Id. (citing Tr. at 2473:3-17).) Thus, there was, in fact, evidence in the record supporting Sophos' position that SWEEP-InterCheck met this claim limitation. 40 Finally, and in response to Finjan's argument that Mr. Klausner "ignore[d]" a limitation in Claim 65, Sophos details that this allegedly "admitted" claim appears verbatim in several other claims, including Claim 1. (Id. (citing SOP DX4-36).) Indeed, Mr. Klausner testified repeatedly at trial that his analysis of identical claim limitations in different claims was the same. (Id. (citing Tr. at 2446:10-19).) Notably, Finjan does not contest that SWEEP-InterCheck practices the same limitation of Claim 1. (Id. (citing Tr. at 2432:8-2433:19).) Therefore, Finjan's assertion that Sophos, or Mr. Klausner specifically, somehow ignored this claim limitation is unpersuasive. In view of the foregoing, the court finds that there was substantial evidence in the record, via Mr. Klausner and Dr. Hruska's testimony and Sophos' demonstration, that SWEEPInterCheck meets each of the limitations of the asserted claims. The jury heard from both sides' experts and was within its right to determine which opinion was credible as to anticipation. The court will not, therefore, grant JMOL and overturn the jury's invalidity verdict with respect to the ' 194 Patent. iv. Whether SWEEP-InterCheck Discloses Each Limitation of the Asserted Claims of the '962 Patent Finally, Finjan asserts that Sophos failed to show that SWEEP-InterCheck disclosed the limitations of the asserted claims of the '962 Patent. In particular, Finjan argues that SWEEPInterCheck: (1) did not "monitor[] substantially in parallel a plurality of subsystems of the operating system," because, as Dr. Vigna explained, it only monitors a single file subsystem, does not monitor other subsystems, and cannot be compensated for by the interrupt disk input/output operations and BIOS services (D.I. 790 at 15 (citing Tr. at 3094:21-3095:8)); (2) did not monitor files "during runtime," as required by the asserted claims because, as Mr. Klausner acknowledged, runtime "means during the execution of the program," such that all actions that 41 take place before or after a program is executed (id at 16 (citing Tr. at 2453:17-2454:18)); (3) did not perform the step of "comparing information pertaining to the Downloadable against a predetermined security policy, because this limitation requires looking at the Downloadable and it only looked at information about the "target" of a Downloadable's operation, not the Downloadable program trying to execute the target (id); and (4) failed to disclose the step of monitoring a "network system," because its function was limited to monitoring network drives, which are just part of a file that are remotely accessed and did not monitor network subsystems of an operating system (id at 17 (citing Tr. at 3101 :1-3102 :5)). In consideration of the evidence detailed below, the court disagrees and finds that the jury's invalidity verdict as to the '962 Patent is supported by substantial evidence. First, Sophos argues that it presented evidence that SWEEP-InterCheck monitored a plurality of subsystems. Specifically, Mr. Klausner testified about the various subsystem calls for the file systems and disk access, referencing InterCheck source code to explain how the subsystems are handled. (D.1. 812 at 12 (citing Tr. at 2451:24-2453:2).) In addition, Sophos notes that the Dr. Vigna testimony to which Finjan cites to support its contention that SWEEP-InterCheck did not monitor a plurality of subsystems, includes Dr. Vigna's opinion about NAV 95, an unrelated product. (Id. (citing 790 at 16).) In its Reply, Finjan clarifies its argument and disagrees with Mr. Klausner's testimony that SWEEP-InterCheck was capable of monitoring multiple subsystems because it monitored "file system," "disk access," and "disk input/output" interrupts. (D.1. 820 at 7 (citing D.I. 812 at 12).) In contrast, Finjan maintains that Mr. Klausner did not demonstrate monitoring of a plurality of subsystems because each of the "interrupts" Mr. Klausner identified are "file operations contained in a File System, a single subsystem of the Operating System," such that 42 Sophos did not rebut its showing that "monitoring disk access and disk input/output simply means writing and reading files within a single subsystem and not multiple subsystems, as required by the asserted claims." (Id) Finjan also argues that Sophos did not rebut Finjan's "explanation that BIOS (Basic Input/Output System) operations are not within one of the subsystems of the operating system because they are performed when a computer is first booted up, before an operating system is loaded and, thus, cannot satisfy the limitation of monitoring an operating system." (Id) Importantly, however, Mr. Klausner's testimony included his opinion, based on his assessment of the product and its source code, that the interrupts were "different than files" and were, instead, "another subsystem." See, e.g., Tr. at 2450: 14-2. While Dr. Vigna came to a different conclusion and Finjan disagrees with Mr. Klausner's analysis, the jury was entitled to weigh the credibility of both opinions and agree with Mr. Klausner that SWEEPInterCheck monitored a plurality of subsystems, satisfying this claim limitation. In addition, the court finds that Sophos did introduce evidence that SWEEP-InterCheck monitored files during "runtime." Specifically, Mr. Klausner detailed how SWEEP-InterCheck monitored files during runtime and referenced source code, a demonstrative showing runtime monitoring, and other evidence in support. For instance, Mr. Klausner testified as to examples of opening, closing, and writing a file to establish this claim and counter Dr. Vigna's testimony that SWEEP-InterCheck only provided access scanning. (D.I. 812 at 12 (citing Tr. at 2453:17- 2454: 18).) Again, the court finds that both sides presented the jury with evidence as to whether SWEEP-InterCheck met the runtime claim limitation and that it was reasonable for the jury to find substantial support for Mr. Klausner' s opinion. Similarly, Sophos also presented evidence through Mr. Klausner's testimony that SWEEP-InterCheck disclosed a comparator and response engine, contrary to Finjan's assertion 43 that it did not compare information pertaining to the Downloadable. (Id. (citing D.I. 790 at 1216).) In particular, and as Sophos notes, a similar element in the ' 194 Patent requires comparison against a security policy and Finjan does not dispute that SWEEP-InterCheck practiced that element. Regardless, Mr. Klausner cited and displayed source code that compared information pertaining to a Downloadable (e.g., through control.asm) against a predetermined security policy (e.g., abort_call). (Id. (citing Tr. at 2456:14-2458:3).) In addition, Mr. Klausner described how SWEEP-InterCheck's comparator and response engine would compare the Downloadable against the predetermined policy to recognize whether the Downloadable contained any malware. (Id. at 13 (citing Tr. at 2456:10-2458:3).) Thus, the court finds that the jury had evidence sufficient to reasonably reject Finjan's claims that the comparator and response engine did not exist in SWEEP-InterCheck. Finally, with respect to the claimed elements, Sophos also presented substantial evidence from which the jury could find that SWEEP-InterCheck monitors a network system. Specifically, Mr. Klausner discussed how SWEEP-InterCheck checked multiple subsystems, including network systems, and identified the various systems being monitored. (Id. (citing Tr. at 2469:18-2471:18; DX-8419; DX-8421).) Mr. Klausner explained that these subsystems included a file system, network system, process system, and memory systems. (Id.) Thus, despite Dr. Vigna's testimony to the contrary that SWEEP-InterCheck was limited to monitoring network drives, which are just part of the file system that are remotely accessed-not a network subsystem of an operating system-Mr. Klausner presented a different conclusion with which the jury could reasonably agree. With regard to the jury's agreement with Mr. Klausner's opinion that SWEEP-InterCheck anticipated the asserted claims of the '962 Patent, it was within the province of the jury to assess 44 the credibility of each side's experts and draw reasonable conclusions. As Sophos points out in its briefing, Dr. Vigna testified that he did not review the SWEEP-InterCheck source code in forming his opinion. (D.I. 812 at 13 (citing Tr. at 471:21-472:1, 724:4-5, 3143:3-3144:13).) Sophos also notes that even one of Finjan's experts referred to the source code as "the DNA of the system in question," and that, despite the importance of source code, Dr. Vigna did not review a "line of it" in conducting his analysis, because he did not sign the Protective Order between the parties (Id. at 14 (citing Tr. at 471 :21-472:1, 724:4-5, 3143:3-3144:13).) While Dr. Vigna did testify generally on direct examination that he reviewed the binary code to determine how the products functioned, the court prevented him from elaborating during redirect on this analysis. 16 Indeed, as Sophos notes, Dr. Vigna was the only expert Finjan offered to challenge the Sophos' validity defense and Dr. Vigna opined on SWEEP-InterCheck for less than ten pages of his two-hundred and fifty page expert report. Thus, for the reasons outlined above, the court concludes that it would have been reasonable for the jury to find the patents-in-suit invalid in light of SWEEP-InterCheck based on the substantial evidence in the record. The court also notes that, as Sophos correctly asserts in its Brief in Opposition to Finjan's JMOL motion, the jury's invalidity verdict is further supported by the prior art asserted by the other defendants. In fact, the jury verdict form made this point clear in asking: "Do you find that any of the Defendants have proven by clear and convincing evidence that any of the asserted claims [of each asserted patent] are invalid because they are anticipated by prior art?" (Id. at 15 16 Specifically, the court engaged in the following discussion with counsel at sidebar: Finjan's Counsel: Now, you mentioned binary code in connection with Sweep/InterCheck, and you thought this was a better source of material. Why is that? The Court: Let me see counsel. (The following discussion took place at sidebar.) It's not my job to judge this witness' credibility, but I am not going to let him confuse this jury with a discussion about binary code. No expert in this case has talked about binary code, including this gentleman on his direct testimony. Tr. at 3159:15-3160:1. The court discusses its rationale in precluding Dr. Vigna from testifying in greater detail as to his review of the binary code irifi-a. See irifi-a Section III.D. 45 (citing D.I. 746 at 4).) The jury's verdict of invalidity based on anticipation and obviousness further demonstrates that the jury considered all the prior art, because Sophos did not make an obviousness argument based on SWEEP-InterCheck. Therefore, it appears that the jury must have relied on other prior art to find the patent obvious. While Finjan overlooks this point in its briefing, it does support the jury verdict in this case. B. Infringement Finjan also moves for judgment as a matter of law on the issue of infringement. The court will address infringement separately with respect to each defendant. 1. The Jury's Finding of Sophos' Noninfringement Finjan moves for JMOL as to the jury's verdict that Sophos' HIPS Runtime products infringe the '962 Patent and that its Behavioral Genotype products infringe the '194 Patent. In support, Finjan asserts that Sophos did not challenge its evidence of infringement and, to the contrary, admitted during closing arguments that "Finjan filed patents, and the Patent Office granted patents, and those patent claims cover what we do." (D.I. 790 at 18 (citing Tr. at 3351 :25-3352:2).) Finjan also cites to Sophos' closing argument statement that it had not "contended for a minute in this case that our products are not covered by their patents. They are. We did it first. That invalidates the patents." (Id. (citing Tr. at 3352:3-5).) Moreover, Finjan notes that its expert, Dr. Brumley, provided a detailed analysis demonstrating Sophos' infringement on a claim by claim basis and that Sophos did not challenge his infringement opinions, but, instead, focused its line of inquiry entirely on invalidity and which products and features were accused of infringement. (Id. (citing Tr. at 1091 :22-1168:5, 1169:20-1176:1, 1195:8-1248:16, 1249:7-1273:8 (Brumley)).) Thus, Finjan argues that Sophos did not dispute infringement at trial and, as a result, the jury's verdict was unsupported by the evidence. Indeed, 46 I Finjan asserts that Sophos did not dispute infringement until its opposition to Finjan's first motion for JMOL, which is insufficient and serves merely as "unsupported attorney argument." (Id at 18-19 (citing D.I. 761).) Specifically, Finjan highlights that, with respect to the '194 Patent, Sophos' only noninfringement argument was that its Behavioral Genotype products do not operate as a "server that serves as a gateway to the client," but raised this argument only in its opposition to Finjan's Rule 50(a) JMOL. (Id (citing D.I. 761).) Finjan contends that this unsupported attorney argument cannot overcome the dispositive evidence presented at trial-Dr. Bromley's unrebutted testimony that Sophos' products infringe the '194 Patent: (1) by serving as a gateway by scanning Downloadables before they can infect the client (id (citing Tr. at 1196:15-1200:16 (Brumely))); (2) having the gateway implemented as a web proxy (id (citing Tr. at 1242:61243:7 (Brumley); Ex. 30, JTX-292)); and (3) by their functionality, which is demonstrated through deposition and documents describing the products' functionality and pointing to various portions of Sophos' source code, which proves that the accused products do, in fact, have this functionality (id (citing JTX-292; Ex. 1; Tr. at 1198:14-1200:16). Finjan argues that this testimony, coupled with Sophos' failure to challenge the Claim 66 infringement allegation, combines to render the jury verdict of noninfringement invalid. (Id.) Likewise, Finjan maintains that Dr. Bromley's testimony and Sophos' failure to challenge his analysis or present a noninfringement argument on the '962 Patent, renders the jury's finding of noninfringement for that Patent unsupported by substantial evidence. Specifically, Finjan argues that it proved that Sophos' HIPS Runtime Products practice all limitations of the asserted claims of the '962 Patent through Dr. Bromley's testimony that: (1) Sophos' products perform the required monitoring (id. at 19 (citing Tr. at 1102:15-1104:4 47 (Brumley))); (2) Sophos installs hooks, which notify Sophos when files are modified (id. at 1920 (citing Tr. at 1054: 19-1055: 12 (Brumley))); and (3) Microsoft does not'support or recommend this approach (id. at 20 (citing Tr. at 1102:18-1103:7 (Brumley))). In addition, Finjan highlights that Sophos' invalidity expert, Mr. Klausner, also confirmed the way that hooking works as: "It's a way to-if there is a path through the operating system that says, do this, this, this, this, and this, hooking interrupts that path and says, by the way, take a detour right here so I can check something." (Id. (citing Tr. at 2456:4-8 (Klausner)).) To this end, Sophos installs these hooks for monitoring and then interrupts the processing of the requests and calls the SAV engine to do its analysis. (Id. (citing Tr. at 1102:18-1103:14 (Brumley)).) Dr. Brumley testified that this, and the evidence in the record, indicates that "Sophos is doing the monitoring substantially in parallel for an event," a point that Finjan states Mr. Klausner confirmed by his testimony that Sophos' predecessor products do interrupt processing of the request. (Id (citing Tr. at 1052:19-1055:7 (Brumley); Tr. at 2455:9-2456:13 (Klausner) (noting, in support of its argument that Sweep-InterCheck satisfies the "interrupting processing of the request" limitation, that Mr. Klausner testified: "we are interrupting a program that's running, that's trying to access some file in order to allow us to allow the checking of that file before we have that program continue to execute")).) Finjan further maintains that Mr. Twaits, a senior software development engineer at Sophos, likewise confirmed that its products perform the monitoring step. (Id. (citing Tr. at 1052:19-1055:7 (Twaits)).) Thus, Finjan urges the court to grant its motion for JMOL against Sophos and find the asserted claims of the '194 and '962 Patents infringed. (Id) In response, Sophos asserts that: (1) Finjan had the burden of proof on infringement and failed to meet that burden (D.I. 812 at 16); and (2) statements made by Sophos' counsel 48 constitute attorney argument, not evidence, and, therefore, have no bearing on the jury's ultimate findings (id). For the reasons set forth below, the court agrees and finds that the jury's finding of noninfringement with respect to Sophos' products was not against the weight of evidence. Importantly, and as Sophos correctly notes, it was Finjan's burden to prove infringement of the '962 and '194 Patents, not Sophos' burden to prove noninfringement. Indeed, while Sophos did not present a separate noninfringement argument at trial, the record was not devoid of evidence supporting a conclusion of noninfringement and Sophos did challenge the credibility of Dr. Brumley' s findings. First, Sophos argues that both of its co-defendants, Symantec and Websense presented non-infringement arguments that were equally applicable to Sophos and, therefore, it would have been "unreasonable and inconsistent for the jury to find noninfringement for Symantec and Websense while finding [that it] infringed." (D.I. 812 at 16.) The court disagrees with Sophos that its co-defendants' infringement arguments were equally applicable to Sophos, because there is no evidence and no party argued that the defendants' products were similar or operated similarly. However, the court does agree that if the jury found that Dr. Brumley's opinions were not credible with respect to Symantec and Websense, as compared to the opinions asserted by the other defendants' witnesses, the jury could reasonably have applied its credibility assessment in evaluating Dr. Bromley's conclusion that Sophos infringed the asserted patents. See Star Scientific, Inc. v. R.J. Reynolds Tobacco Co., 655 F.3d 1364, 1378 (Fed. Cir. 2011) (concluding that where expert testimony was needed to establish infringement, it was not unreasonable for the jury to discredit the testimony of the patentee's expert and find noninfringement). Second, regarding the '962 Patent, the parties arguments focused on whether the Sophos' products practice at least the claim limitation "monitoring substantially in parallel a plurality of 49 I subsystems of the operating system." Sophos asserts and the court agrees, that it was reasonable for the jury to conclude that Finjan failed to prove infringement of this claim limitation through the evidence it adduced at trial. (Id. at 17.) Specifically, contrary to Finjan's assertion that Mr. Klausner's testimony demonstrates that the products practice this element through Sophos' installation of the hooks for monitoring in the SWEEP-InterCheck system, this testimony regarding invalidity did not necessarily show that the accused products also operate in the same way. (Id.) In addition, Sophos notes that Finjan cites to only conclusory statements of Dr. Brumley that Sophos installed the hooks for monitoring and, thus, performed the limitation. Importantly, Dr. Brumley only stated that Sophos performed this monitoring step because Sophos interrupts the request and did not tie Sophos to the monitoring requirement. Sophos further asserts that Dr. Brumley did not sufficiently explain how Sophos met the claim limitation in Claims 12 and 21, requiring a plurality of the operating system interfaces operating substantially in parallel, such that, absent further analysis, which was not provided, the jury could have reasonably found that Finjan failed to establish infringement of these elements. (Id.) Finally, Sophos argues that Finjan failed to consider that the deposition testimony it relied on from Mr. Twaits described how the Sophos products "hook" the Microsoft operating system and, that by hooking into this operating system, it was Microsoft-not the Sophos products-that performed the "monitoring" element required by the claims. (Id. at 17 (citing Tr. at 1054:19-1055:12 (Twaits)).) In particular, Mr. Twaits' deposition testimony detailed how the "operating system [] will notify" Sophos when its registry values and keys have been modified. (Id. (citing Tr. at 1054:19-1055:2 (Twaits)).) Thus, because the operating system performs this monitoring, it was reasonable for 50 jury to find that Sophos' accused products do not perform this limitation and, therefore, do not infringe. Third, and with regard to the '194 Patent, the court likewise finds that the jury verdict of noninfringement was reasonable and was not against the weight of evidence. Specifically, Dr. Brumley relied on Virus Description Language ("VDL") to prove, at least in part, that the Sophos products practiced the "comparing" element of the '194 Patent that is present in each of the asserted claims. Importantly, on cross-examination, Sophos established that Dr. Brumley considered only a small portion of the source code available to him and questioned whether he sufficiently determined the functionality of the products at issue. Tr. at 1263:9-1264:2. Dr. Brumley also admitted on cross-examination that he did not know what VDL stood for until the trial began, which, Sophos maintains, demonstrated a gap in his understanding of the products. See id. at 1265:2-23, 1270:20-1272:11. In light of this cross-examination, the jury could have reasonably questioned the credibility and completeness of Dr. Brumley' s analysis, entitling it to find that Finjan failed to carry its burden of proving infringement. Indeed, the Third Circuit has clarified that if, at the very least, the "record contains the minimum quantum of evidence" from which a jury could reasonably find a verdict, a JMOL motion should be denied. See Keith v. Truck Stops Corp. of America, 909 F.2d 547, 548 (3d Cir. 1986); Price v. Delaware Dep't of Correction, 40 F. Supp. 2d 544, 549-50 (D. Del. 1999). In sum, the court agrees with Sophos that the jury's verdict was not against the weight of the evidence, as the jury could have reasonably found that Dr. Bromley's testimony did not conclusively establish infringement of each of the elements of the asserted claims of the patentsin-suit for the reasons detailed above. 51 Finally, the court finds that Sophos' closing argument statements, quoted above, do not undermine the jury's finding of noninfringement or establish that that verdict was not based on substantial evidence. It is well established that attorney argument does not constitute evidence. See, e.g., Gemtron Corp. v. Saint-Gobain Corp., 572 F.3d 1371, 1380 (Fed. Cir. 2009) (noting that "unsworn attorney argument ... is not evidence"); Johnston v. /VAC Corp., 885 F.2d 1574, 1581 (Fed. Cir. 1989) (concluding that attorney argument is no substitute for evidence). Thus, the jury should not have considered-and, evidently, did not consider-Sophos' counsel's statements to be evidence that Sophos' products infringe the patents-in-suit. Rather, the jury was tasked with assessing the evidence in the record in reaching its conclusion as to whether Finjan met its burden of proving infringement and, here, could have reasonably concluded that it did not. In reaching its conclusion, the court rejects Finjan's contention that Sophos' counsel's closing argument statements should constitute an "admission" of infringement, necessitating JMOL. Specifically, Finjan argues that "Sophos took an unequivocal position at trial in admitting infringement, and used it to support an invalidity argument," and, therefore, "cannot now 'assume a contrary position simply because the decision in retrospect was a tactical mistake, or pherahps a candid but regrettable conclusion."' (D.I. 820 at 9 (citing Fleck v. KD/ Sylvan Pools, Inc., 981 F.2d 107, 116-17 (3d Cir. 1992)).) First, and with regard to Finjan's assertion that Sophos made its statement "admitting infringement" to support its invalidity argument, attorney argument is not evidence and the jury properly did not consider the statement as evidence in reaching its verdict. Second, the court also disagrees with Finjan's position that Sophos' statements constituted an "unequivocal" admission, as required. See Childs v. Franco, 563 F. Supp. 290, 292 (E.D. Pa. 1983) ("If unequivocal, an admission of counsel during the 52 course of trial is binding on the client."). Indeed, while an attorney's statement "may" constitute an admission, it must be unequivocal to result in a binding admission on the client. See id Here, while Sophos did not present a noninfringement case, it was not Sophos' burden to do so and Sophos' questioned the credibility of Finjan's infringement expert on cross-examination. In addition, Sophos included infringement in the parties' Pretrial Order as an issue in dispute and the jury Verdict Form tasked the jury with determining whether Sophos' products infringed the patents-in-suit. Aside from Sophos' counsel's statements during his closing argument, there is no evidence in the record or in the litigation of this action, indicating that Sophos admitted to infringement. Thus, the court disagrees with Finjan's assertion that Sophos' counsel's statements constituted an admission requiring JMOL. In view of the foregoing, the court concludes that the jury could have reasonably found that Finjan failed to carry its burden of demonstrating infringement by the required standard. See Start Scientific, Inc. v. R.J Reynolds Tobacco Co., 655 F.3d 1364, 13778 (Fed. Cir. 2011) (concluding that where expert testimony is needed to establish infringement, it is not unreasonable for a jury to discredit the testimony of the patentee's expert and find noninfringement). Therefore, the court finds that the jury verdict was not against the weight of the evidence and Finjan's JMOL with regard to Sophos' alleged infringement is denied. 2. Symantec & the Jury's Finding of Noninfringement a. Noninfringement of the '194 Patent Finjan maintains that the dispute between it and Symantec on the issue of infringement centered on whether, with respect to the '194 Patent, Symantec's Matrix accused technology meets the "a list of suspicious computer operations" limitation of the asserted claim. (D.I. 791 at 16.) Finjan asserts that, on this question of infringement, a reasonable jury could only find that 53 Symantec infringes the asserted claims of the '194 Patent. Specifically, Finjan argues that the jury verdict of noninfringement went against the weight of evidence because: (1) Symantec's expert, Dr. Maggs, conceded on cross-examination that Matrix's checking for "signature matches" encompasses "operations" within the meaning of claim; (2) Symantec's noninfringement arguments depended on an improper construction of the "list" limitation, making them "critically flawed"; and (3) Symantec's argument that Matrix does not generate "Downloadable security profile data," including "a list of suspicious computer operations," from the Downloadable code conflicts with the court's plain and ordinary meaning construction of the limitation. (D.1. 791 at 16-17.) In consideration of the evidence presented at trial and the relevant law, the court disagrees and concludes that the evidence presented was sufficient to support the jury's verdict of noninfringement. As Symantec details in its Answering Brief in Opposition to JMOL, Symantec did, in fact, present substantial evidence that could reasonably support a finding of noninfringement. Specifically, Symantec, through the evidence it presented, sought to demonstrate that the accused Matrix technology does not infringe the '194 Patent, because it does not "compar[e], by the server, Downloadable security profile data pertaining to the Downloadable, the Downloadable security profile includes a list of suspicious computer operations that may be attempted by the Downloadable, against a security policy to determine if the security policy has been violated." (D.I. 810 at 14 (citing Tr. at 1944:19-24, 1953:6-24; PTX-1, 10:11-15).) Indeed, Symantec presented fact and expert witnesses who testified that, rather than comparing a list of suspicious computer operations against a security policy, Matrix instead applies signatures to a "tokenized version of a Visual Basic Script, JavaScript, or HTML file to determine if there is a match." (Id 54 (citing Tr. 1914:17-1915:3 ("Matrix is a signature scanner that looks for patterns in VBScript, JavaScript, and HTML content."); Tr. at 1920:2-15, 1920:25-1921:19, 1945:6-13).) In addition, Symantec's expert, Dr. Bruce Maggs, also addressed each piece of evidence that Finjan relied upon to show infringement and explained why it did not support a finding of infringement. (Id (citing Tr. at 1968:2-24, 1970:1-1974:10, 1976:1-1977:11 (Maggs)).) As further support, Symantec also directly rebutted, or at the very least cast doubt on, Finjan infringement expert, Dr. Medvoidovic's attempt to demonstrate the operation of the accused Matrix technology, by presenting evidence that his demonstration actually used a non-accused signature scanning component called the Trojan Scanner. (Id (citing Tr. at 959:15-965:14, 967:9-974:13, 1923:8-1926:20, 1936:23-1937:8, 1961:7-1962:21).) Moreover, in response to Finjan's assertion that Dr. Maggs conceded infringement because he acknowledged that a "signature" could include a list of suspicious operations, Symantec notes that its expert actually testified that the entire step of comparing the list of suspicious computer operations against a security policy is not performed. (Id (citing Tr. at 1953:6-24 (Maggs) ("As I said, the whole claim element, starting with comparing by the server, is not met. .. ");Tr. at 1964:8-14, 1974:11-1975:25 (Maggs)).) To this end, Symantec disagrees with Finjan that the only disputed limitation of the '194 Patent at trial was "a list of suspicious computer operations." (Id (citing D.I. 791 at 16).) Notably, Symantec argued that, even assuming that a signature includes a list of suspicious computer operations, that list would still need to be compared against a security policy to meet the claims-and Matrix does not do this. (Id) Dr. Maggs testified to this point: Instead, in Matrix, you take these signatures that have been predefined by Symantec employees. One by one, you apply each signature to a tokenized version of the program. And you look for a match. And then you just record, was 55 there a match or not. The way you do that is you record what was the identification number, the threat ID, of the signature. (Id (citing Tr. at 1955:20-1956:1; see also Tr. at 1971:19-1972:3 (Maggs)).) Ken Coleman, a Symantec engineer who wrote the code for Matrix, likewise testified and confirmed this testimony. (Id (citing Tr. at 1915:1-1923:7; DX-4170).) Symantec asserts that, as Dr. Maggs and Mr. Coleman explained, the signature is applied to the tokenized file or "program" to determine if there is a match-nowhere is the signature compared against a security policy. (Id (citing Tr. at 1944:12-1946:2).) Thus, Symantec argues that the evidence it presented demonstrates that "it is irrelevant whether the signatures include a list of suspicious computer operations, because the signatures are never compared against a security policy, as the claims require. 17 (Id (citing Tr. at 1920:2-11 ). ) In light of this evidence, Symantec argues that a reasonable jury could conclude that Matrix does not perform this claimed comparison. Finally, Symantec's noninfringement evidence extended to challenging Finjan's assertion that its argument that the threat ID does not correspond to a list of suspicious computer instructions "was critically flawed because the asserted claims do not preclude the invention from labeling a list of suspicious operations with some type of identifier." (Id (citing D.I. 791 at 17 Symantec further notes that Finjan did not present any evidence or testimony that the Matrix signatures are compared to a security policy. Rather, Finjan's expert, Dr. Medvidovic, testified that the signatures or "script definitions" are used "to pluck out a set of tokens that tum out to be potentially malicious" and that "[t]hose tokens are the potential threats." (D.I. 810 at 16 (citing Tr. at 867: 19-25, 871: 1-9).) Dr. Medvidovic further testified that the list of suspicious computer operations correspond to a "tokenized downloadable" created after the signatures or "script definitions" are applied and did not argue that the signatures correspond to the list of suspicious computer instructions or that they are ever compared against a security policy. (Id. (citing Tr. at 868:19-25, 871:1-9).) Symantec disputed Dr. Medvidovic' s characterization of Matrix at trial through the testimony of Mr. Coleman, who explained that no list of suspicious computer operations is ever extracted-or "plucked out"-from the tokenized file. (Id. (citing Tr. at 1919:1-1920:1, 1011:12-19, 1964:15-19).) Similarly, Dr. Maggs confirmed this point in testifying that "[t]here is never a step where you take, let's say, the tokenized representative of the JavaScript or Visual Basic Script and go out and pick out certain operations and put them on a list." (Id.) Dr. Medvidovic also confirmed this point on cross-examination, noting that "tokenization" "retain[s] all of the critical information from the code that you tokenized." (Id. (citing Tr. at 1011:12-19).) Thus, Symantec's expert and fact witnesses maintained that the tokenized file includes all operations, not merely the suspicious ones, which, Symantec contends, is sufficient evidence for the jury to conclude that the tokenized files do not correspond to the claimed list of suspicious computer operations. (Id.) 56 17).) Symantec argues that Finjan "misses the point" and that there is no list of suspicious computer operations. Instead, the "threat ID is just a number" that "does not contain a list of anything." (Id at 16-17 (citing Tr. at 1921:7-11, 1956:2-18, 1965:22-1966:5).) If a match is identified after applying the signatures to the tokenized file, then a single threat ID-a numberis returned to the AV Engine by Matrix. 18 (Id at 17 (citing Tr. at 1921 :12-24, 1956:7-12).) In consideration of the evidence presented at trial and the required JMOL standard, the court denies Finjan' s motion with respect to the '194 Patent. Here, both Finjan and Symantec offered expert testimony explaining Symantec' s Matrix product and whether it infringes the asserted claims of the '194 Patent. It is the province of the jury to assess the testimony of each expert witness and determine, viewed in light of the other evidence presented at trial, which was most credible and/or persuasive. Neither side presented evidence that went unchallenged and, 18 Symantec also challenges Finjan's assertion that Symantec incorrectly argued at trial that Matrix does not generate Downloadable security profile data including a list of suspicious computer operations from the Downloadable code. (DJ. 808 at 17 (citing DJ. 791 at 17).) Symantec argues that, although the independent claims may not require "extracting" a list of suspicious computer operations from the Downloadable, all of the asserted claims "nonetheless require a list of suspicious computer operations." (Id.) Symantec further maintains that, according to the '194 Patent, "this list is obtained from the downloadable itself by disassembling the downloadable, resolving the commands, and determining whether each command is suspicious." (Id. (citing Tr. at 1953:251955:11; SYMDX12-9).) In contrast, Symantec and its expert contend that the signatures used by Matrix are created by Symantec employees and not derived from the Downloadable itself, supporting a noninfringement verdict. (Id. (citing Tr. at 1915:23-1916:15, 1955:20-21).) Finjan is correct that the court did not construe "Downloadable security profile data pertaining to the Downloadable" to require, as the defendants argued, "data that was decomposed from the code for the receiving Downloadable." (DJ. 326 at 2 n.2.) Instead, the court construed the term as having its plain and ordinary meaning and noted, in rejecting the defendants' proposed construction, that the independent claim does not specify how the Downloadable security profile is generated, and instead simply requires "comparison." (Id.) Symantec's experts presented their interpretation of this claims based on the court's plain and ordinary meaning construction. See LG Elecs. US.A., Inc. v. Whirlpool Corp., 798 F. Supp. 2d 541, 554 (D. Del. 2011) (noting that, where the court construes a disputed term to have its plain and ordinary meaning, the jury may consider any evidence at trial, including expert testimony, to understand the meaning of that term). The court acknowledges that its construction of this term did perhaps lend to some confusion, in that it construed the term to have a plain and ordinary meaning, but also noted in this construction that only "comparison," not "decomposing," was required by the claim. As noted above, however, Symantec asserted and provided evidence to show that its Matrix product does not infringe this claim because it does not include a list of anything and Dr. Maggs testified that he confirmed this from the source code. (DJ. 810 at 17 (citing Tr. at 1921:7-11, 1956:2-18, 1965:22-1966:5).) Thus, regardless of Symantec's interpretation of this claim as requiring "decomposing," the evidence it provided was sufficient to demonstrate that Matrix did not include a list and could not meet the claim limitation. The court, therefore, concludes that any confusion resulting from the court's claim construction was not dispositive in assessing noninfringement. Symantec presented substantial evidence from which the jury could conclude that the Matrix product did not include a list and could not infringe this claim. 57 therefore, the jury was free to accept or reject the testimony of each witness in whole or in part. Thus, the court concludes that the evidence presented was sufficient for the jury's verdict of noninfringement. b. Noninfringement of the '962 Patent Finjan likewise maintains that the court should grant its motion for JMOL as to Symantec's noninfringement of the asserted claims of the '962 Patent. (D.I. 790; D.I. 791.) Specifically, Finjan argues that a reasonable jury could only find that Symantec infringes the '962 Patent because it performs each of the three claim limitations that Symantec disputed at trial: (1) "performing a predetermined responsive action based on the comparison"; (2) "interrupting the processing of the request"; and (3) "operating system interfaces." With respect to the first limitation, Finjan contends that it was undisputed at trial that BASH performs a predetermined action of allowing "good" files to execute, thus meeting this limitation. (D.I. 791 at 18.) In addition, Finjan notes that, with regard to "bad" or malicious Downloadables, "Finjan's expert presented substantial, irrefutable evidence of infringement at trial," through, for instance, pointing to source code demonstrating that the "reputation" or "exoneration check" is part of the "security policy." 19 (Id. at 18-19 (citing Tr. 784:6-25, 810: 12-811: 11 ).) Thus, Finjan argues, Symantec's contention that BASH does not infringe because it does not always perform "a predetermined responsive action" is unsupported. Regarding the second limitation, Finjan asserts that it proved by substantial evidence that Symantec infringes this limitation because it is Symantec-not Microsoft-that performs the step of this limitation. (Id.) Specifically, Finjan asserts that it demonstrated that Symantec's 19 Finjan also notes that its infringement case is supported by: (I) Symantec's technical documents, which listed predetermined responsive actions taken after a security policy "check" or "comparison" (D.I. 791at19 (citing Tr. at 1997:15-16 (Dr. Maggs point to "possible types of responses that could be taken" after the "reputation check"); and (2) the testimony of Mr. Satish, Symantec's co-developer of BASH, who testified that the "reputation check" is not always performed and ifthe Downloadable was bad, it may be immediately remediated" (id. (citing Tr. at 1045:15-1047:15))). 58 BASH was, in fact, "interrupting" and notes that it showed the BASH architectural design to the jury and that this design makes clear that it is the Symantec drivers that carry out the "interrupting" process. (Id. (citing Tr. at 748:6-753:9, 802:10-803:8, 805:2-809:25, 819:14- 820:16, 828:12-829:9, 833:18-834:11, 834:19-835:25, 843:11-844:15).) Finjan also details that Dr. Medvidovic's testimony, the BASH technical guide, and an Integration Functional Specification, all presented at trial, support its contention that it is Symantec that performs the "interrupting" function. (Id. (citing Tr. at 741:4-742:13, 748:6-749:9, 827:6-828:2, 835:4-19; Ex. 14, PTX-868).) Similarly, with respect to the "operating system interfaces" limitation, Finjan argues that Symantec failed to rebut the substantial evidence it presented that BASH has the "operating system interfaces" detailed in Claims 12 and 15 and that this operating system is not provided by Microsoft. 20 (Id. at 20.) Finjan states that it demonstrated this fact by introducing Symantec technical documents and source code showing that BASH meets this limitation. (Id. (citingEx. l, Tr.at728:12-739:17, 775:2-777:25).) For reasons similar to those stated above in connection with examination of Symantec's noninfringement position regarding the '194 Patent, the court finds that Symantec presented evidence sufficient for a reasonable jury to find that its BASH product does not infringe the '962 Patent. Specifically, it is clear to the court that, contrary to Finjan's assertion that the evidence it presented was irrefutable, both sides presented evidence, supported by expert testimony, which the jury was free to assess. For instance, Symantec contends that it did, in fact, present a noninfringement argument that consisted of evidence that, if the jury deemed credible, demonstrates that Symantec' s accused product does not: ( 1) perform "a predetermined ° 2 Finjan argues that Symantec's expert, Dr. Maggs, had no rebuttal for the evidence presented and, instead, simply stated "in a conclusory fashion" that "[t]hese aren't operating system interfaces," without providing any "substantive explanation." (Id at 20 (citing Tr. at 1989:19-1990:15).) 59 responsive action based on the comparison"; (2) perform the "interrupting processing of the request" limitation; and (3) provide the "operating system interfaces." (D.I. 810 at 17-20.) In support of its first contention, Symantec argues that the "evidence showed that the accused BASH technology does not perform 'a predetermined responsive action based on the comparison,' as required by the asserted claims because BASH performs a reputation check before taking any action." (Id. at 17 (citing Tr. at 1981:9-12, 1989:16-1994:5).) The reputation is not "predetermined," because it can change at any moment. (Id. (citing Tr. at 1993: 13- 1994:5).) Symantec also asserts that, contrary to Finjan's argument that Symantec did not dispute that no "reputation check" is performed in the case of "good" Downloadables, it was Finjan that failed to prove this point. (Id. at 18.) Specifically, Symantec notes that the only evidence Finjan cites in support of this argument is the deposition testimony of Symantec engineer, Mr. Satish, which was played during trial. In particular, Mr. Satish responded "correct," to the question "[a]nd then if the disposition returned by BPE is good, then the activity is allowed to go through. Correct?" (Id. (citing Tr. at 1047:12-15).) Symantec argues that this testimony is insufficient to establish that there is no reputation check in the case of "good" Downloadables because, for example, it would be entirely consistent with Mr. Satish's testimony that the reputation check could occur before the BPE returns "good." (Id. (citing Tr. at 1993:2022 ("After BASH comes up with a tentative action, there is always this last step of going out to the reputation system."), 1843:10-1844:1).) Notably, Finjan's expert did not testify as to the alleged infringement by good Downloadables. (Id.) Moreover, Symantec argues that Finjan's infringement contention with respect to "bad" Downloadables was not supported by substantial, irrefutable evidence. (Id.) To the contrary, Symantec notes that Mr. Nachenberg, the inventor of Symantec's reputation technology, testified 60 that "BASH will not block a file even if its behavior is suspicious unless that file also has a certain threshold, low level of reputation, where it will say it is also not associated with sterling users, for instance." (Id at 18-19 (citing Tr. at 1843:10-16).) In addition, Dr. Maggs explained that reputation is not predetermined "because the reputation of a file can change day by day, hour by hour, even minute by minute." (Id at 19 (citing Tr. at 1993:13-1994:5).) Dr. Maggs supported his testimony by showing the BASH source code where the reputation check occurs and by addressing each document Finjan presented in support of its theory, explaining why that evidence was insufficient to prove infringement. (Id (citing Tr. at 1994:22-1995:24, 1995:252002:10; PTX-868-14).) Further, and with regard to the second limitation asserted in the '962 Patent, Symantec notes that Finjan cites extensively to the testimony of its expert, Dr. Medvidovic, but ignores the contrary testimony of Dr. Maggs, who presented evidence that the claimed "interrupting" is performed by Microsoft and, further, that the operating systems of BASH are likewise Microsoft provided. (Id at 19-20 (citing Tr. at 1981:3-8, 1987:25-1988:6).) For the "interrupting" claim, Dr. Maggs relied upon Microsoft's website to show that the filter manager provided by Windows "actually does the interrupting" when requested, as well as on Symantec's source code and confidential documents to support his position. (Id at 19 (citing Tr. at 1981: 18-1982:6, 1982:251985:4; SYMDX-12-4; DX-4322).) For instance, Dr. Maggs explained that, per Symantec's technical document, BASH would not work without the filter manager Windows provided. (Id (citing Tr. at 1983:8-1986:13; PTX-1083-7).) Again, Dr. Maggs reviewed each piece of evidence Dr. Medvidovic provided and explained why it did not show that the BASH product infringes. In fact, Symantec references Dr. Medvidovic's testimony on cross-examination that, among other things, the set of filters "exists within an operating system," and that Symantec's 61 probes are "implement[ed] on top of Windows." (Id. at 20 (citing Tr. at 997:1-1001:18, 1000:17024, 1982:7-24, 2030:6-2031:14).) Dr. Medvidovic also did not rely on source code for his infringement analysis of this limitation. (Id. at 19 n.8 (citing Tr. at 1996:2-5).) Similarly, Symantec correctly notes that Finjan focuses its JMOL motion with respect to the third limitation on Dr. Medvidovic's testimony, while avoiding Dr. Maggs testimony. Indeed, Dr. Maggs testified that "Microsoft provides the operating system interfaces" and further explained that Microsoft seeks to provide these interfaces in order to "control ... the stability of the operating system." (Id. at 20 (citing Tr. at 1987:25-1988:6, 1988:7-1989:14).) Dr. Maggs also explained that the "interfaces" described in Symantec' s documentation refers to other parts of the code-not the operating system interfaces-and that nothing in PTX-1076-19 describes such interfaces. (Id. (citing Tr. at 1989:19-1990:15; PTX-1076-19).) In view of the foregoing and for the reasons stated in connection with denial of Finjan's '194 Patent JMOL motion, the court finds that both sides presented evidence of noninfringement through exhibits, fact, and expert testimony, such that the jury had reasonable grounds to find noninfringement on substantial evidence. The court will not, therefore, overturn the jury's verdict or assessment of the evidence presented to it. 3. The Jury's Finding of Websense's Noninfringement Finjan asserts that a reasonable jury could only find that Websense infringed the asserted claims of the '194 Patent because: (I) Websense' s RTSS technology uses a "list of suspicious computer operations" (D.I. 788 at 3-6); (2) Websense's RTSS compares downloadable security profile data using a "server that serves as a gateway" (id. at 6-7); (3) Websense's RTSS decomposes Downloadables into DSP data (id. at 7-8); and (4) there was overwhelming evidence at trial that Websense willfully infringed the '194 Patent (id. at 8-10). 62 First, and in support of its infringement position regarding the "list of suspicious computer operations" claim, Finjan maintains that Websense's principal noninfringement argument that its accused RTSS technology does not use a "list of suspicious computer operations" is entirely unsupported by the evidence. Specifically, Finjan contends that this argument fails because it is premised on reading two non-existent limitations into the claimsspecifically, that: "(1) the list of suspicious operations is generated in real time (as opposed to used in real time, as the claims require); and (2) the suspicious operations cannot be detected by matching text (even though the claims require only "comparing, by the server, Downloadable security profile data pertaining to the Downloadable, the Downloadable security profile data includes a list of suspicious computer operations that may be attempted by the Downloadable")." (D.I. 788 at 4.) With regard to the former, Finjan notes that Websense's noninfringement argument at trial was that the claimed "list of suspicious computer operations" must be generated from the Downloadable code in real-time, and that this limitation is not satisfied when RTSS uses information created "offline" in Websense's "ThreatSeeker Labs" to search for malware." (Id. (citing Tr. at 2796:19-20, 2799:12-21, 2858:18-2859:1).) Finjan maintains that this argument is inconsistent with the court's claim construction of this term, which specifically rejected the defendants' argument that the limitation requires that the security data be generated from the Downloadable itself. (Id. (citing D.I. 326 at 2 n.2).) Thus, Finjan argues that Websense's noninfringement position was contrary to the law of the case. (Id.) Moreover, Finjan asserts that because RTSS "undisputedly searches in real-time for threats by using a list of data that pertain to Downloadables," this limitation is clearly met. Regarding the latter argument, Finjan asserts that Websense's improperly argued at trial that RTSS does not use a list of suspicious operations 63 because it only examines Downloadables by searching for matches of plain "text" signatures. (Id. at 5.) Because, Finjan contends, the asserted claims do not specify how the list of suspicious operations is used to inspect Downloadables, it does not exclude searching for text corresponding to suspicious operations. (Id. (citing Ex. 3, '194 Patent at 10:11-15 (Claim 1)).) Second, Finjan asserts that Websense's noninfringement defense that RTSS does not have the claimed "server that serves as a gateway" because it uses two different servers to perform the claimed comparison--one at the gateway and one not at the gateway-was entirely unsupported at trial and based on an incorrect claim construction position. Specifically, Finjan argues that Websense's documents and witnesses proved that the alleged second "policy server' was functionally part of the same server "that serves as a gateway" and, therefore, is covered by the asserted claims. (Id. at 6 (citing Tr. at 1320:1-21, 1343:11-23, 1367:1-1369:7, 1376:10-22).) Third, and with regard to the "decomposing the Downloadable into Downloadable security profile data" limitation, Finjan contends that the jury's verdict of noninfringement went against the weight of the evidence because it "presented substantial evidence that RTSS performs this step by parsing Downloadables (i.e., breaking the HTML down into elements)" and Websense's expert "effectively conceded" this point in testifying that: "[t]he parsing that is taking place here is breaking HTML content into various types of buffers that will be scanned by specific groups of signatures."21 (Id. at 8 (citing Tr. at 2886:23-25; JTX-406 at WEBS 01026172).) Finally, Finjan maintains that it was clear from the substantial evidence presented at trial that Websense's infringement was willful based on its monitoring of Finjan as a competitor, knowledge of Finjan's patents, and specific knowledge of the '194 Patent. (Id. at 8-13.) 21 In support, Finjan also cites to Websense's expert, Ms. Frederiksen-Cross' testimony that the "bloom filter" component, at the very least, is "part of the process used to see if a particular piece of the [D]ownloadable may go on to be matched by threat profiles." (D.I. 788 at 8 (citing Tr. at 2965:9-11).) Finjan asserts that this testimony acknowledges that RTSS decomposes Downloadables into pieces to be analyzed. (Id) 64 Conversely, Websense argues that the jury finding was, in fact, reasonable and supported by substantial evidence because: (1) every disputed term of the '194 Patent, except "Downloadable," was construed to have its plain and ordinary meaning, such that the parties were allowed to provide expert testimony as to a person of ordinary skill in the art's understanding of those terms; (2) Websense's expert, Ms. Frederiksen-Cross, who Finjan stipulated was of ordinary skill in the art, explained the disputed terms to the jury as she understood them; (3) Finjan's own experts agreed with Ms. Frederiksen-Cross' understanding of these terms; and (4) the accused RTSS module does not use any list of suspicious computer operations, as required by the "list of suspicious computer operations" claim. (D.I. 808 at 7-15.) Websense also maintains that the jury's finding of no willful infringement is likewise supported by substantial evidence. The court agrees that the jury verdict of noninfringement is supported by substantial evidence and will address each argument in turn. 22 22 Websense argues, as an outset consideration, that Finjan has waived its Rule 50(b) JMOL arguments because it failed to assert the grounds in its Rule 50(a) motion. (D.1. 808 at 4.) Websense maintains that Finjan did not, as is required, raise the grounds for its Rule 50(b) motion in its Rule 50(a) motions-namely, Websense's introduction of a person of ordinary skill in the art testifying to their understanding of the plain and ordinary meaning of the terms in the '194 Patent. (Id.) Specifically, Websense argues that Finjan did not raise this issue in connection with: (1) the term Downloadable security profile data must be generated at the gateway; and (2) whether the parsing ofDownloadables by its RTSS module satisfied the decomposing limitation in Claim 2. (Id. (citing D.I. 733 at 5-6; Tr. at 2983:7-11).) Websense asserts that Finjan's failure to provide adequate notice of these new arguments deprived Websense of the chance to cure any evidentiary defects during trial and should, therefore, be deemed waived. (Id. (citing Rule 50, Advisory Committee Notes to 1991 Amendment ("The purpose of the requirement is to assure the responding party an opportunity to cure any deficiency in that party's proof that may have been overlooked until called to the party's attention by a late motion for judgment."). The court disagrees and finds that Finjan did, in fact, preserve its infringement arguments by asserting them in its Rule 50(a) motion and by citing to infringement evidence in the record. (D.I. 821 at 7-8.) Specifically, in its Rule 50(a) motion, Finjan identified what it viewed as substantial evidence at trial and cited to the record to demonstrate that Websense failed to rebut this evidence. (See D.I. 733.) The Federal Circuit has made clear that even a cursory motion suffices to preserve an issue on JMOL so long as it "serves the purpose of Rule 50(a), i.e., to alert the court to the party's legal position and to put the opposing party on notice of the moving party's position as to the insufficiency of the evidence." See, e.g., Western Union Co. v. MoneyGram Payment Sys., Inc., 626 F.3d 1361, 1367 (Fed. Cir. 2010) (citation omitted); Tex. Instruments Inc. v. Cypress Semiconductor Corp., 90 F.3d 1558, 1566 n.6 (Fed. Cir. 1996) (finding pre-verdict motion requesting judgment of no infringement sufficient to support post-verdict motion concerning the doctrine of equivalents); Malta v. Schulmerich Carillons, Inc., 952 F.2d 1320, 1324-25 (Fed. Cir. 1991) (same). In addition, the court also finds that Finjan did not waive its right to dispute Websense's expert's interpretation of the "plain and ordinary meaning" of the term "Downloadable security profile data includes a list of suspicious computer operations." Contrary to Websense's assertion that Finjan failed to object to this testimony at 65 l First, and with regard to Ms. Frederiksen-Cross' testimony as to her understanding of "what ... downloadable security profile data is," Websense argues that, because the disputed term was given its plain and ordinary meaning, her understanding of the claim term was relevant evidence for the jury to consider and was not improper claim construction. (Id. at 7 (citing LG Elecs. US.A., Inc., 798 F. Supp. 2d at 554; Active Video Networks, Inc. v. Verizon Commc 'ns, Inc., 694 F.3d 1312, 1326 (Fed. Cir. 2012) ("It was up to the jury to determine from the evidence presented at trial whether the ActiveVideo system satisfied the plain and ordinary meaning of the 'superimposing' limitations.")).) Websense notes the relevancy of her interpretation is reinforced by the Jury Instructions in this case, which tasked the jury with determining the meaning of those terms for which they were not provided a definition. (Id. (citing Tr. at 3236:15-3237:5).) Ms. Frederiksen-Cross explained her understanding of the terms in the '194 Patent during trial: Q: What is your understanding of what the downloadable security profile data is? A: The downloadable security profile is information that pertains to the specific downloadable in the specification. And you heard Dr. Medvidovic say that, you know, it's extracted from the downloadable. So it's information that comes right out of that downloadable, and that includes this list of suspicious operations. (Id. (citing Tr. at 2867:13-20).) Websense also asserts that Finjan experts, Drs. Medvidovic and Vigna, both agreed with this interpretation. Specifically, Websense cites to Dr. Vigna's statement that the '194 Patent requires extraction of Downloadable security profile data that includes a list of suspicious trial, Finjan's counsel objected to this testimony in advance of Ms. Frederiksen-Cross' direct examination. (D.I. 821 at 8 (citing Tr. at 2837: 1-2841 :8).) Specifically, Finjan's counsel objected to this expert witness "using the prosecution history to sneak in a new claim construction that was contrary to the [c]ourt's claim construction: I just don't want this jury to be prejudiced-this kind of blends into the second argument. I just don't want this jury to be focusing on the file history for infringement purposes and trying to take the [c]ourt's claim construction, which is plain and ordinary meaning, and try to read limitations from the prosecution history, the specification, or for that matter, into it. Tr. at 2840: 18-24. While the court allowed Ms. Frederiksen-Cross to provide this testimony at trial, the court concludes that it is clear that Finjan noted its objection to this testimony on the record. 66 computer operations at the gateway, 23 as well as to Dr. Medvidovic's testimony agreeing that the patent requires that a list of suspicious computer operations be presented online and extracted online at the gateway. 24 (Id. at 8.) Thus, Websense argues that "Finjan cannot be heard to complain now that Websense's expert understood the term 'pertaining to the Downloadable' to mean that the DSP data must be extracted at the gateway, because that testimony comes originally from Finjan's own experts." (D.I. 808 at 9.) Websense also notes that Finjan had used the extraction of the list of suspicious computer operations at the gateway, as opposed to signatures created beforehand by off-line human researchers, as a point of novelty for the '194 Patent. (Id at 9 (citing Batcher Deel., DJX0410 at 12-13; see also Tr. at 436:23-438:14, 476:14477:19, 1498:6-15).) Notably, Finjan clarifies, however, that its experts did not understand "extract" to have the same meaning as Websense's expert. In particular, Finjan details that Drs. Medvidovic and Vigna did not understand "extract" to mean "generate" and testified to that effect, stating that "extract" is synonymous with "identify." (D.I. 821 at 4 (citing Tr. at 496:2-19, 1441:9-14, 1479:7-12).) It appears to the court that Finjan is correct in noting that Drs. Medvidovic and Vigna did not use "extract" in the same way as Websense's expert and, therefore, did not reach the same conclusion as to the meaning of the disputed term. 23 Websense cites to Dr. Vigna's testimony that: "[t]he '194 Patent focuses on the gateway, so the basic idea is the patent that describes the technology that operates at the gateway and receives this new threat, extracts what operation they might possibly execute, and by comparing me [sic] with a security report is to decide if this security is to be let go or to be-let go to the client or to be blocked." Tr. at 441:5-14; see also id. at 475:3-9 ("Yes, I think that the concept of the '194 Patent was to extract a profile from this downloadable that contains a list of operations."). 24 Dr. Medvidovic testified: Q: This word operations becomes fairly important to this Claim 1 of the '194 Patent. Right? Because this Patent requires that a list of suspicious computer operations be present online, extracted online at the gateway. Right? A: Yes. Q: And so in order to infringe there has to be list of suspicious operations, as you said, that gets extracted at the gateway? A: I might have said that, sure. Id. at 1497:9-17; see also id. at 1440:20-23. 67 Websense further argues, regardless of the conflicting interpretation of "extract" and Ms. Frederiksen-Cross' interpretation of the plain and ordinary meaning as requiring "extracting" or "decomposing," its RTSS analytic "does not use a list of suspicious computer operations at all, let alone one generated or extracted at the gateway." (DJ. 808 at 9.) In fact, Ms. FrederiksenCross testified that Websense's accused analytic does not "contain the logic that is capable of identifying or determining that a particular string of text is in [sic] operation" and "does not have the ability to evaluate any aspect of the behavior." (Id (citing Tr. at 2861:13-18).) Instead, Websense's analytic "merely signature matches" and uses "a more traditional signature-scanning approach." (Id (citing Tr. at 2876:25-2877:9, 2881:12-2883:20 ("I have studied some of these threat profiles and it's very clear that they are not just lists of suspicious operations.")).) Websense notes that it also presented documents and fact witnesses confirming that its RTSS analytic only uses signature-based pattern-matching, and not a list of suspicious operations. (Id (citing Tr. at 2663:23-2664:7, 2794:7-8, 2801 :7-2803:9; Batcher Deel.; Ex. D [JTX-406]; Ex. E [JTX-417]).) Thus, Websense asserts that it presented substantial evidence that, if accepted by the jury, would result in a reasonable verdict of noninfringement in connection with the "list of suspicious computer operations" limitation. The court agrees. As explained in connection with Finjan's similar argument with respect to Symantec's Matrix technology, the court's claim construction of this term may have generated some confusion, in that the term was construed to have a plain and ordinary meaning, but the court's construction also rejected the defendants' "decomposing" is required by the claim language. Markman argument that However, as the court found regarding Symantec, here, Websense presented substantial evidence from which the jury could conclude 68 that the Websense technology did not include a "list" and, therefore, did not meet the claim limitation. 25 Second, Websense contends that it presented sufficient evidence for the jury to find that RTSS does not infringe the "using a server that serves as a gateway to the client and compares the Downloadable security profile data against a security policy" limitation. Specifically, Websense maintains that substantial evidence supports the jury's conclusion that Websense's policy server does not serve as a gateway to the client, such as: (1) JTX-423, which shows both a "gateway server" or "WTG" and a separate "policy server [which] is a part of the legacy Web Filter server" (Id at 10 (citing Tr. at 2922:13-16; JTX-423 at WEBS 01082644)); (2) JTX-441, showing that Websense customers even had to install the Websense policy server separately from installing the Websense proxy server (WCG) (id (citing JTX-441 at WEBS 00093240; Tr. at 2923:13-2924:18)); (3) JTX-365, demonstrating that Websense customers can separately license the product that contains the Websense policy server from the product containing the gateway proxy server (id (citing JTX-365 at WEBS 00134197; Tr. at 2925:10-2926:1)); and (4) Websense's source code, showing that the policy server is separate from the gateway proxy server (id (citing Tr. at 2926:4-12)). In light of this evidence, Ms. Frederiksen-Cross testified that Websense's policy server only compares Websense's "category" and "reason" codes returned by the RTSS to a security policy, but does not receive a Downloadable addressed to a client and does not serve as a gateway to the client. (Id (citing Tr. at 2922:9-2926:12).) Further supporting this conclusion, Websense asserts that Finjan "relies upon misstatements and mischaracterizations of the document evidence and witness testimony," for instance citing to the deposition of Websense engineer, Hai Nguyen, to suggest that Websense's policy server acts as a gateway, when he was testifying about the proxy, not policy, server. (Id 25 See supra note 18. 69 at 11 (citing Tr. at 1320:9-21).) Moreover, Websense maintains that, contrary to Finjan's assertion in its Opening Brief in Support of JMOL, Ms. Frederiksen-Cross did not state that the policy server and proxy server functioned together as a gateway, but instead testified that the policy server is distinct from the gateway server and only performed a comparison to the security policy, not to a list of suspicious computer operations. 2973:12-2974:7).) (Id. (citing Tr. at 2922:9-2923:12, Finally, Websense clarifies that Ms. Frederiksen-Cross testified that the physical presence of two servers within a single "box" did not make those two servers a single server that serves as a gateway. (Id. (citing Tr. at 2972:25-2974:7).) In view of the foregoing, the court concludes that the jury's finding of noninfringement with respect to this claim limitation is supported by substantial evidence. Indeed, the court agrees with Websense that Finjan's arguments for infringement center on issues of conflicting evidence and expert testimony regarding Websense's policy server and, therefore, are insufficient to set aside the jury verdict. 26 See Energy Transp. Group, Inc. v. Sonic Innovations, 26 The court notes that Finjan also argues that Websense infringes by using a "server that serves as a gateway" to "compar[e]" the Downloadable security profile data" against a security policy and that this finding is supported by the substantial evidence Finjan introduced showing that Websense infringes under the stipulated definition of"a server" as "one or more servers." (D.1. 821at5.) Specifically, Finjan asserts that the asserted patent claims do not require that the "server" be a single, physical server, such that Websense's noninfringement argument that it has a "policy server" that is physically separate, can be installed by itself, and, therefore, is not the claimed "gateway server," is incorrect. (Id.) In addition to quoting the language from Claim l, which reads "[a] computerbased model, comprising the steps of: receiving an incoming Downloadable addressed to a client, by a server that serves as a gateway to the client, comparing, by the server," Finjan also cites in support, its expert's testimony providing the same interpretation, as well as Ms. Frederiksen-Cross' testimony that "from the very beginning, where a request comes in," there is a "back and forth between the two servers" where they communicate via a "WISP communication that's document." (Id. (citing '194 Patent, Claim 1 at col. 10, II. 8-18; Tr. at 2926:6-10; Tr. at 1342:25-1343:6).) Finjan further maintains that Mr. Nguyen's description of the accused product as a "proxy" only supports a finding of infringement because he describes a "proxy" that "sits in between the users and the Internet," which, Finjan argues, is a "gateway." (Id. at 6-7 (citing Tr. at 1320:1-21).) Finjan argues that, because the "policy server" performs "a comparison to the security policy," as Websense acknowledged in its Brief in Opposition, the jury could not have reasonably found that the accused product does not infringe. (Id. at 7 (citing D.I. 808 at 11).) In view of the evidence before, the court finds that the jury's noninfringement verdict is based on substantial evidence and, thus, rejects Finjan's request to set it aside or order a new trial. Websense argued at trial that Claim 1 of the '194 Patent requires that the "comparing" be done by "the server," which is "a server that serves as a gateway to the client," and does not allow a non-gateway server to perform the Downloadable security profile data comparison, as Finjan asserts. (D.1. 808 at 12.) To this end, Websense cites to the same language Finjan quotes in Claim 1, but argues that the term "the server" in line 11 is the same "server" as in line 10 of Claim l," because "a server that serves as a gateway to the client" is the antecedent for "the server" in line 11. (Id. at 12-13 (quoting e.g., 70 Inc., C.A. No. 05-422 (GMS), 2011 WL 2222066, at *21 (D. Del. June 7, 2011) ("[T]he court will not disturb the jury's credibility determinations or substitute resolution of the conflicting evidence for that of the jury."). Third, Websense maintains that Finjan's JMOL motion should be denied with respect to the "decomposing the Downloadable into Downloadable security profile data" recited in Claims 2 and 66, because the jury finding of noninfringement was based on substantial evidence. Contrary to Finjan's contention that it demonstrated that RTSS performs this step by "parsing Downloadables (i.e., breaking the HTML down into elements)," Websense argues that its RTSS product does not meet this limitation because it "parses HTML content into various buffers for signature scanning," but "cannot and does not identify operations." (D.I. 808 at 14 (citing Tr. at 2886:16-2887:23, 2861:5-18; JTX-406 at WEBS 01026169-73; JTX-417).) Therefore, as Ms. Frederiksen-Cross testified, "none of the accused Websense products is capable of decomposing a Downloadable into Downloadable security profile data that includes a list of suspicious computer operations." (Id. (emphasis in original) (citing Tr. at 2801:7-2803:9).) Ms. Frederiksen-Cross also testified that the "Bloom Filter" has nothing to do with decomposing or parsing content into a list of suspicious operations and is instead a pre-screen to remove content that would not be matched by a subsequent signature, rejecting Finjan's assertion that Ms. Zollar Satelite Alarm Sys. v. Motorola, Inc., No. C 06-00044 JW, 2007 U.S. Dist. LEXIS 9552, at *29 (N.D. Cal. Dec. 21, 2007) ("Under the conventions of claim drafting ... the first time a part is mentioned, it should be preceded by the indefinite article 'a,' i.e., 'a selection circuit.' Subsequent references to that circuit should be preceded by the definite article 'the' or with 'said."')).) Websense cites to several Federal Circuit cases in support. See id. at 13. Websense also maintains that this interpretation comports with the prosecution history of the ' 194 Patent. In particular, Websense notes that, in order to overcome the prior art, the applicant amended Claims 1, 32, and 65 to include the limitation "a server that serves as a gateway to the client." (Id. at 13 n.6 (citing DJX-0135 at 177-85).) Thus, Websense contends that Finjan's argument that Claim 1 permits multiple servers because "a" means "one or more" servers is "beside the point," as "[e]ach such server must still 'serve as a gateway to the client."' (Id.at 1314.) Websense cites to the exchange between its counsel, Mr. Grimm, and Finjan's counsel, Mr. Hannah, as further support for its understanding of the parties stipulated agreement to the meaning of server. (Id. at 14 (citing Tr. at 2920: 17-2921 :6).) Considering the evidence presented at trial detailed above, the court concludes that Websense presented substantial evidence that its policy server does not serve as a gateway to the client, argued that the "one or more must be the same one or more" server, and, therefore, provided the jury with evidence sufficient for it to reasonably conclude that Websense did not infringe the '194 Patent. 71 Frederiksen-Cross conceded infringement of this step when she testified that the "bloom filter" is "part of the process used to see if a particular piece of a Downloadable may go on to be matched by threat profiles." (Id at 14-15 (citing Tr. at 2886:16-2887:23).) Finjan asserts that Ms. Frederiksen-Cross' testimony acknowledges that RTSS decomposes Downloadables into pieces to be analyzed," which would meet the limitation. (D.I. 788 at 8; D.I. 821 at 7.) Specifically, Finjan argues that, even if RTSS "does not contain the logic that is capable of identifying," as Websense asserts, it still infringes because: "all the claims require is that the Downloadable security profile data includes a 'list of suspicious operations"'; "'operations' are identified from the Downloadable elements, and the process of identification is not restricted by the claims"; and regardless of whether the "bloom filter" is a pre-screen, it still infringes because "a particular piece of the Downloadable may go on to be matched by threat profiles." (D.I. 821 at 7.) In consideration of the record before it and the parties' arguments, the court disagrees with Finjan that the jury verdict was not based on substantial evidence. While Finjan is correct that Dr. Medvoidovic comprehensively explained why, in his opinion, RTSS infringes the "decomposing the Downloadable into Downloadable security profile data" limitation in Claims 2 and 66, Ms. Frederiksen-Cross likewise presented her opinion. In fact, in stating her opinion, Ms. Frederiksen-Cross directly challenged Dr. Medvoidovic's findings, expressing disagreement with his overall opinion and explaining that his analysis was, in her view, inaccurate due to incomplete understanding of the RTSS process. Ms. Frederiksen-Cross also explained to the jury why the RTSS system does not infringe the asserted claims and did so by detailing her understanding of each claim and the product. Thus, it is clear to the court that Websense 72 presented a noninfringement defense and that the jury, if it agreed with Websense's expert, could find noninfringement based on substantial evidence. Finally, Finjan requests that the court set aside the jury verdict with respect to the jury's willful infringement finding, because it provided substantial evidence that Websense knew of the '194 Patent before June 2008. 27 (D.I. 788 at 8-13.) Specifically, Finjan argues that Websense was aware of Finjan's patents, "plainly recognized the danger that Websense's products would infringe the '194 Patent, and, nevertheless, developed and sold the accused products despite an objectively high likelihood that its actions constituted infringement. Finjan maintains that this "objectively-defined risk was either known or so obvious that it should have been known to Websense," resulting in willful infringement. (Id. at 8 (citing In re Seagate Tech., LLC, 497 F.3d 1360, 1371 (Fed. Cir. 2007)).) Finjan details that it presented, as a sampling of the evidence introduced at trial: (1) that Websense began monitoring Finjan, its patents, and its products, starting in 2005, as shown by an email to Dan Hubbard, Websense's Chief Technology Officer, describing research into Finjan's patents and sent in response to Hubbard's email forwarding an article regarding Microsoft's licensing ofFinjan's security patents (id at 9 (citing Tr. at 1309:1-1310:24, 1312:9-14, 2822:42823:15, PTX-1367)); (2) Mr. Hubbard's testimony that he was aware, at the time he sent the referenced email, that Finjan had patents (id (citing Tr. at 1310:16-24)); (3) Websense did "competitive testing" of Finjan's products and frequently reviewed its website and white papers (id (citing Tr. at 2819:8-9)); (4) Websense's Board of Directors had discussions about Finjan, cross-licensing, and other strategies to "get around patent issues," according to Mr. Hubbard's testimony (id at 10 (citing Tr. at 2823:16-21)); (5) in October 2006, Websense was developing 27 The court notes that Websense stipulated that it was aware of the '194 Patent as of June 6, 2008, the date that it filed a reexamination request ofthat Patent. (D.1. 808 at 15 n.7.) 73 ( \ its web security gateway product and at least five Websense participants, including Mr. Hubbard and other managers, scheduled a conference call to "Discuss Finjan History, capability, ip and partnering prospects" (id. (citing PTX-1331)); (6) there was a December 2007 email exchange in which Websense's CEO and President, among others discussed boards that Websense's CEO and former CEO should be on and, in that exchange, Mr. Hubbard recommended joining Finjan's board "mostly for patent protection and future IP" because he "believe[d] there is a strong chance they could come after us post Dorado 28 release" (id. at 11 (citing PTX-13 97; Tr. at 1312:15-1313:25)); and (7) Shlomo Touboul, former Finjan CEO, testified that Finjan always marked its products, either with "patent pending" or with patent numbers after the patents were issued, such that Websense would have been aware of them 29 (id. at 12 (citing Tr. at 532: 10-18).) Conversely, Websense contends that Finjan has failed to demonstrate willful infringement by clear and convincing evidence because Finjan has not introduced evidence sufficient to show that Websense knew of the '194 Patent prior to June 6, 2008. (D.I. 808 at 15.) Moreover, Websense argues that, in light of the evidence in the record and the jury's finding that the '194 Patent is invalid, it is clear that there was no objectively-high likelihood of infringement as required for a willful infringement claim. (Id. (citing DePuy Spine, Inc. v. Medtronic Sofamor Danek, Inc., 567 F.3d 1314, 1336-37 (Fed. Cir. 2009) (affirming JMOL of no willfulness where the defendant presented a "substantial question" of noninfringement)); Spine Solutions v. Medtronic Sofamor Danek USA, 620 F.3d 1305, 1319-20 (Fed. Cir. 2010) (finding that the accused infringer raised a "substantial question" of obviousness sufficient to defeat a charge of 28 The "Dorado release" refers to Websense's development of an accused web security gateway product. (D.1. 788 at 11 n.5.) 29 Finjan also notes that, though the court did not allow the evidence at trial, it was prepared to introduce evidence that Websense monitored Finjan's lawsuit against Secure Computing in which the '194 Patent was asserted. (Id. at 12-13.) Finjan renews its request that this evidence be considered as proofofWebsense's willful infringement. The court will not, however, consider this evidence in assessing whether the jury verdict was reasonable and based on substantial evidence because the jury did not hear it. See Goodman v. Pa. Turnpike Comm 'n, 293 F.3d 655, 665 (3d Cir. 2002). 74 willfulness)).) In view of the relevant law, the evidence presented, and the jury's verdict, the court agrees with Websense that Finjan has not demonstrated that there was an objectively-high likelihood of infringement. In addition, the court also finds that the jury could have reasonably concluded, based on the evidence Finjan presented, that Websense did not subjectively think it infringed the '194 Patent. For instance, Websense notes that Mr. Hubbard testified that the email from Joe Jarcoch addressed to him, which Finjan cites as PTX-1367, did not identify the '194 Patent. (D.I. 808 at 16 (citing PTX-1367).) In addition, Mr. Hubbard testified that he did not recall sending the email or receiving a response and does not remember clicking on the hyperlinks in the email that would have led him to the patent in question. (Id. (citing Tr. at 2809:12-2810:1).) Similarly, PTX-1335, the email from Devin Redmond to Mr. Hubbard and Ramon Peypoch, does not indicate that Websense was considering a cross-license with Finjan "to get around patent issues," but instead only refers to the possibility of "offer[ing] strategic investment into CP Secure to get their patent rights for streaming scanning to get around Trend patent," not at issue here. (Id. (citing PTX-1335).) Further, contrary to Finjan's assertion in its Opening Brief in Support of JMOL that "Websense's Board of Directors had discussions about Finjan and was concerned about infringing Finjan's patents," Mr. Hubbard actually stated that "[t]here were discussions about [Finjan] on the board. There was also discussions about them licensing some of our technology." (Id. (citing Tr. at 2823:16-21).) In fact, Mr. Hubbard testified that Websense's Board discussed licensing its URL filtering technology to Finjan and stated that he was "not particularly" interested in Finjan's patents. (Id. (citing Tr. at 2820:10-21).) Additionally, Websense CEO, John McCormack, testified that Websense never had access to any of Finjan's 75 confidential information and "absolutely" did not believe that it infringed Finjan's patents. (Id. (citing Tr. at 2662:6-11, 2663:5-9).) Finally, in response to other evidence presented and to which Mr. Hubbard and Mr. McCormack responded, Websense details that: (1) PTX-1326, "Preemptive Web Security: Keeping Two Steps Ahead of the Treats," written by Mr. Hubbard, does not identify any specific Finjan patent and suggests nothing more than that Websense might investigate Finjan's patents (Id. (citing PTX-1326 at WEBS 00233330); (2) PTX-1397, the email from Mr. Hubbard to Mr. McCormack, does not relate to the '194 Patent; and (3) Mr. Hubbard testified that he only knew about one Finjan patent when he wrote the email and that patent related to client-side sandboxing technology, not the inventions claimed in the '194 Patent. (Id. (citing Tr. at 1310:16-1311:12).)30 At trial, the jury was presented with testimony from Mr. Hubbard and Mr. McCormack and was in a position to evaluate their credibility and consider the evidence. The court concludes, based on the evidence presented at trial and recited above, that the jury, if it found Mr. Hubbard and Mr. McCormack credible, could have reasonably found that Finjan did not satisfy the subjective prong and, therefore, there was no willful infringement. Indeed, it is the province of the jury to weigh such evidence and determine the credibility of witnesses. The jury's conclusion on this prong, coupled with the finding that there was no objectively-high likelihood of infringement based on the defendants' invalidity arguments, must result in denial of Finjan's JMOL motion. 30 The court notes its agreement with Finjan that Websense cannot, as it attempts to do in its Brief in Opposition to JMOL, assert a constructive notice argument at this stage. Specifically, Websense contends that "Finjan's argument that Websense had notice prior to [June 6, 2008] from Finjan's product marking fails because marking creates at most a 'factual dispute as to constructive notice' that is not appropriate for resolution as a matter of law." (DJ. 808 at 15 n.7.) However, as Finjan correctly notes, Websense did not challenge Finjan's markings at trial, such that there can be no reasonable factual dispute on the issue. (DJ. 821 at 9.) In addition, Websense and the other defendants withdrew their initially proposed jury instruction on marking after Finjan's witnesses testified. (Id. (citing Tr. at 532:10-18, 655:4-665:2, 660:10-661:15).) Thus, because the jury was never charged with instructions regarding constructive notice, the court will not address Websense's contention that there is a factual dispute. 76 C. Websense's Motion for Attorney's Fees Websense filed a Motion for an Award of Attorney's Fees and Expenses. (D.I. 762.) In support of its motion, Websense contends that Finjan: (1) accused two of its technologiesUniform Resource Locator ("URL") filtering and RTSS-of infringement, despite knowing that neither could infringe31 ; (2) asserted method claims based solely on Websense's sales of products with no allegations, let alone evidence, of contributory infringement or inducement of infringement, increasing Websense's litigation costs; (3) improperly relied on the Entire Market Value Rule ("EMVR"), which was objectively baseless as a matter of law and was contradicted by Finjan's own experts; (4) had no reasonable basis to allege infringement under the doctrine of equivalents; and (5) acted in subjective bad faith by granting fact witnesses a stake in the outcome of the case and by failing to preserve evidence relating to the litigation after it knew of its duty to preserve such evidence. In deciding whether to award attorney's fees, the court must undertake a two-step inquiry. Interspiro USA, Inc. v. Figgie Intern. Inc., 18 F.3d 927, 933 (Fed. Cir. 1994). First, the court "must determine whether there is clear and convincing evidence that the case is 'exceptional."' Id. (quotation omitted). Second, the court must decide whether "an award of attorney fees to the prevailing party is warranted." Id. Exceptional cases include: "inequitable conduct before the PTO; litigation misconduct; vexatious, unjustified, and otherwise bad faith litigation; a frivolous suit or willful infringement." Epcon Gas Sys., Inc. v. Bauer Compressors, Inc., 279 F.3d 1022, 1034 (Fed. Cir. 2002) (citation omitted). 31 Websense asserts that Finjan knew that its URL could not infringe the '194 Patent because it had licensed URL filtering from Websense for sale in its products. Websense also argues that Finjan learned during discovery that RTSS did not infringe because Finjan's own experts opined that signature-scanning cannot infringe the '194 Patent. (D.l. 763 at6-13.) 77 An award of attorney fees under § 285 is not intended to be an "ordinary thing in patent cases," and should be limited to circumstances in which it is necessary to prevent a "gross injustice" or bad faith litigation. Forest Labs, Inc. v. Abbott Labs., 339 F.3d 1324, 1329 (Fed. Cir. 2003); see also Aptix Corp. v. Quickturn Design Sys., Inc., 269 F.3d 1369, 1375 (Fed. Cir. 2001) (affirming an award of attorney fees under § 285 for the "extreme misconduct" of falsifying evidence); Beckham Instruments, Inc. v. LKB Produkter AB, 892 F.2d 1547 (Fed. Cir. 1989) (affirming an award under § 285 following repeated violations of a permanent injunction and a district court finding of a "strategy of vexatious activity"). Having reviewed the parties briefing in connection with Websense's motion, the record before it, and the applicable law, the court will deny Websense's request for an award of attorney's fees. First, and with regard to Websense's assertions that Finjan improperly brought infringement claims against its URL and RTSS technologies despite knowing that they did not infringe, the court finds that the filing of these claims does not warrant an attorney's fees award. With respect to the URL infringement claims, Finjan initially brought allegations of infringement against Websense's Web Filter and Web Security products based on what it asserts to be a good faith belief that the products shared the same code base as the gateway products. (D.I. 774 at 6.) Finjan ultimately withdrew these allegations on March 8, 2012, after a February 7, 2012 deposition of Mr. Hubbard, during which it was revealed that these products do not include the same product code found in the gateway products. (Id.) Moreover, Websense's claim that Finjan should have known that the products did not infringe before the completion of discovery because Finjan licensed the "SurfControl" URL database from Websense, does not persuade the court that Finjan acted in bad faith. As Finjan notes in its Brief in Opposition, the SurfControl URL database was a "legacy database" 78 Websense acquired from another company and was never an accused product or at issue because no Websense product used SurfControl URL. (Id.) Moreover, Finjan licensed access to the URL database, not the program code for the products. (Id.) Thus, it is not clear to the court that Finjan knew what program code was included in Websense's products before it completed discovery. Further, and with regard to Websense's RTSS technology, Finjan put forth expert testimony, numerous Websense documents, source code, and deposition testimony describing the operation of the accused products in support of its infringement argument. Although Dr. Vigna did testify that the '194 Patent does not cover traditional "fingerprint" signatures, the technology that he discussed uses specific signatures to match a single malicious Downloadable. (Id. at 4-5.) Dr. Medvidovic also testified that the accused Websense gateway products receive a Downloadable, apply rules which identify different function cells or operations within the Downloadable, and then block or allow the Downloadable based on the intent of the Downloadable and the corresponding security policy. (Id. at 5.) Indeed, Finjan presented expert testimony, which, if the jury found the opinions to be credible, could render the Websense products covered by the asserted claims. Thus, although the jury found noninfringement, the court is not persuaded that Finjan's pursuit of this claim rises to litigation tactics or bad faith worthy of attorney's fees. 32 See iLOR, LLC v. Google, Inc., 631 F.3d 1372, 1377 (Fed. Cir. 2011) (noting that infringement is "often difficult to determine" and therefore an infringement action is not "unreasonable in terms of[§ 285] if the infringement can reasonably be disputed"). Second, and in response to Websense's contention that Finjan's method claims against it were unfounded, Finjan asserts that these claims were based on Websense's testing and use of 32 The court notes that it considers each of Websense's arguments alone and in combination, taking into account whether each individually or combined amounts to wrongful litigation conduct or bad faith rising to support an award of attorney's fees. 79 the accused products. (D.1. 774 at 9.) The Federal Circuit has established that testing and use is sufficient evidence to prove infringement of a method claim. See Linear Tech. Corp. v. In 't Trade Comm 'n, 566 F.3d 1049, 1062 (Fed. Cir. 2009). Here, Finjan identified evidence that Websense uses and tests its products, directly practicing the asserted method claims. In addition, Dr. Medvidovic testified that Websense's accused products infringe the asserted method claims and computer-readable claims and that this testing of products occurs in the United States. (D.I. 774 at 9-10.) As one example, Dr. Medvidovic testified that he reviewed deposition testimony from Websense engineers and executives indicating that Websense tested the Websense Web Security Gateway products. Consequently, the court does not find Finjan's claims that Websense infringed the asserted method claims to be brought in bad faith or objectively baseless. Third, the court also finds that Finjan's allegations of infringement under the doctrine of equivalents do not warrant an award of attorney's fees. Specifically, Dr. Medvidovic provided testimony for each element of Claim 1 that the products containing RTSS technology performed substantially the same function, in substantially the same way, to obtain substantially the same result as the claimed limitations. (Id. at 11 (citing Tr. 1358:1-1360:21).) He provided similar testimony for the other remaining claim elements. In fact, the parties stipulated, with respect to Dr. Medvidovic's testimony, that to conserve time, he would only testify regarding the doctrine of equivalents for Claim 1 and then for the remaining claims he would testify that Websense infringes in the same fashion. (Id. at n.11 (citing Tr. at 1318:18-1319:12).) Websense was also denied the opportunity to file a motion for summary judgment on this issue. See Medtronic Navigation, Inc. v. BrainLAB Medizinische Computersysteme GmbH, 603 F.3d 943, 954 (Fed. Cir. 2010). 80 Fourth, the court similarly rejects Websense's argument that attorney's fees should be granted based on Finjan's use of the EMVR, because it does not find Finjan's use of this rule to be objectively baseless. The court held a Daubert hearing and ordered rounds of briefing on the question of whether the EMVR could be introduced and, ultimately, did not exclude presentation of the Rule in its entirety. Rather, the court modified Dr. Parr's proposed definition of the "smallest salable patent practicing unit." (D.I. 774 at 13 (citing Tr. at 932:10-24).) In support of applying EMVR, Finjan relied on: Dr. Parr's opinion that the specific accused technology was needed to provide complete, effective protection against malware, which was the basis of customer demand; its past licenses to the '194 Patent; and industry reports from third party market analysts. (Id. at 16.) Thus, Finjan's attempted application of the rule was not objectively baseless. Finally, Websense's argument that Finjan engaged in litigation misconduct that merits an award of attorney's fees is unpersuasive in view of the applicable standard. With respect to Websense's assertion that Finjan wrongfully and improperly gave fact witnesses a financial stake in the outcome, Finjan responds that it no longer has active employees and, therefore, employed Mr. Touboul, Finjan's founder and the named inventor on multiple Finjan patents, and Mr. BenItzhak, Finjan's former Chief Technology Officer and named inventor on multiple patents, to provide information regarding the company's patent portfolio and other matters. (Id. at 17.) Mr. Touboul's agreement specifies multiple services, including providing advice regarding Finjan's intellectual property portfolio and reexaminations. (Id.) Mr. Ben-Itzhak's consulting agreement also specifies providing multiple services, such as working with other employees, consultants, or service providers to commercialize Finjan's intellectual property and assist with questions related to Finjan's patent applications. (Id.) 81 Thus, Finjan argues that these fact witnesses were not signed as consultants simply to testify in this litigation. For instance, Mr. Ben-Itzhak has been paid by Finjan for consulting services since he left the company in 2009, advising on many technical patent matters, and both he and Mr. Touboul are still employed after the litigation ended. (Id.) Neither consultation agreement made payment for services contingent on the outcome of the litigation or the content of their testimony and neither has control over how cash proceeds are distributed to shareholders by the Board. (Id. at 17-18.) Moreover, both witnesses were questioned on cross-examination as to their consulting work for Finjan and both testified that they were not being paid for their testimony and had no stake in the litigation outcome. (Id. at 18.) Finjan further asserts that, under the ABA Standing Committee on Ethics and Professional Responsibility, paying a fact witness for his or her time is appropriate so long as that payment is not being made for the substance of that individual's testimony. (Id.) Additionally, and with regard to Websense's assertion that Finjan destroyed documentation relevant to the litigation, Finjan argues that Websense has presented no evidence that it "destroyed" documents or failed to preserve documents related to this case. (Id. at 19.) Finjan notes that it searched for and produced non-privileged documents in response to the defendants' document requests and, ultimately, turned over thousands of documents, including all documents produced in the prior Secure Computing litigation, financial statements, technical documents, white papers, source code, product specifications, board presentations, marketing documents, licenses, competitive analyses, product manuals, stock purchase agreements, emails, invoices, and corporate documents. (Id.) In response to multiple subpoenas, M86 also produced documents to Websense, including stock purchase agreements with Finjan, financial statements, competitive analyses, and license agreements. 82 Moreover, Finjan notes that the document Websense cites to show that Finjan contemplated litigation against Websense since 2008, 33 was a board meeting presentation stating that Finjan wanted to "enforce patents against any active infringers" and stated that Websense was interested in an opportunity to engage in a strategic combination with Finjan. (Id at 20.) In light of this evidence, Finjan asserts and the court agrees, that Websense has not clearly and convincingly demonstrated that Finjan destroyed or failed to preserve documents in anticipation of this action or that it improperly compensated fact witnesses. In view of the foregoing, the court concludes that Finjan's conduct in this case does not rise to a level of bad faith or vexatious litigation that warrants an award of attorney fees and costs. While the parties in this litigation certainly engaged in "hardball" litigation tactics throughout the pendency of this litigation, none of their conduct was "exceptional" in that regard. See Forest Labs., Inc. v. Ivax Pharms., Inc., No. 03-891-JJF, 2008 U.S. Dist. LEXIS 14623, at 6- 7 (D. Del. Feb. 26, 2008) (concluding that "hard-fought" litigation does not necessarily constitute "vexatious or bad faith litigation" for purposes of awarding attorney fees under § 285). For the most part, the parties defended their respective positions throughout this litigation in apparent good faith and the court does not find evidence in the record sufficient to support the assertion that Finjan acted in subjective bad faith or conducted its litigation in a manner warranting attorney fees. The court finds, therefore, that Websense is not entitled to an award of attorney fees and costs in this case. D. Finjan's Motion for a New Trial In addition to its renewed motions for JMOL, Finjan also filed a Motion for a New Trial. (D.1. 773.) Finjan bases its motion on three grounds: (1) substantial errors in the admission and 33 Websense asserts that Finjan transferred its assets to M86 in November 2009 and only kept documents that its counsel deemed related to its patents. (D.1. 763 at 20.) Websense further argues that Finjan transferred all other documents to M86 and did not retain any copies of such documents. (Id) 83 rejection of evidence and in the jury instruction unfairly influenced the jury verdict; (2) the jury verdict of noninfringement and invalidity was against the clear weight of the evidence; and (3) the jury verdict was facially inconsistent. (Id.) In consideration of the parties' briefings in connection with Finjan's motion, the evidence in the record before it, and the relevant law, the court will deny Finjan's Motion for a New Trial. The court addresses each of Finjan's arguments in turn below. First, Finjan contends that the errors made in the admission and rejection of evidence as well as in instruction to the jury includes: (1) excluding Dr. Vigna's testimony regarding his review of binary and assembly language code for the asserted prior art; (2) instructing the jury to deem the prior art source code as evidence of how the asserted prior art operates; and (3) excluding evidence and argument that Sophos' evidence regarding the availability of SWEEPInterCheck was flawed and unreliable. (D.1. 789 at 3.) Finjan argues that these alleged errors, individually and, particularly, in combination: "seriously compromised" its validity rebuttal case because "it prevented Finjan from showing the jury substantial deficiencies in [the defendants'] foundational evidence"; and impacted the credibility of Finjan's technical experts, "leaving them open to inappropriate and unwarranted criticism regarding the use of source code," which may have impacted the validity and infringement verdicts. (Id.) Finjan asserts that these errors were, particularly with respect to its validity case, "so prejudicial that denial of a new trial would be 'inconsistent with substantial justice.'" (Id. (citing Mondzelewski v. Pathmark Stores, Inc., C.A. No. 96-359 MMS, 2000 WL 654137, at *20 (D. Del. Mar. 20, 2000) (quotation and citations omitted)).) Regarding Dr. Vigna's excluded testimony about his review of binary and assembly language code, Finjan asserts that the court excluded this testimony because it believed that Dr. 84 Vigna did not testify about this topic on his direct examination or cross-examination, when in fact he had. Specifically, Finjan states that Dr. Vigna testified that he looked at the executable binary and assembly code for the asserted prior art to understand "what functions are called and what is done by the program, without looking at any source code." (Id. at 3-4 (citing Tr. at 3030:3-3031: 11 ).) Dr. Vigna also testified on direct that binary code is instructive in determining how a product actually works because that code is a set of instructions that a computer actually follows, as opposed to source code, which is not executed by a computer and, instead, is used to generate assembly and binary code. (Id. at 4 (citing Tr. at 3140:9-14 ("the very ultimate way to understand how the program works is to look at the binary code because the same source code can actually be compiled into different binary code, and therefore, the only real way to know what gets executed is to look into the binary code")).) Finjan notes as well that on cross-examination Dr. Vigna testified, in response to a question as to whether source code is "a very important set of instructions on how the program operates": Right. But what I am saying is the very ultimate way to understand how the program works is to look at the binary code because the same source code can actually be compiled into different binary code, and, therefore, the only real way to know what gets executed is to look into the binary code .... Actually, I can go to a lower level, which is using debuggers and disassemblers to look actually at how the binary code operates. Tr. at 3140:7-14, 3147:14-19. Finjan contends that the court's exclusion of this testimony severely prejudiced its case, particularly because: Sophos' counsel tried to discredit and admonish Dr. Vigna for not reviewing the source code (id. (citing Tr. at 3139:21-3140:6, 3143:3-3144:8)); Finjan was not able to rehabilitate Dr. Vigna's testimony and expound on his statement during direct examination that the binary code "was a better source of material" (id. (citing Tr. at 3159: 1517)); and the defendants highlighted that Dr. Vigna did not review the source code in their 85 closing arguments (id (citing Tr. at 3331 :6-9, 3339: 11-21, 3346:4-5, 3361 :8-19, 3362:233363:16-23)). Thus, Finjan asserts that the court's exclusion of Dr. Vigna's testimony was incorrect because he did testify as to binary code on direct as well as on cross-examination. The court disagrees with Finjan's assertion that the exclusion of Dr. Vigna's testimony on this issue warrants a new trial. As the defendants note in their Brief in Opposition to Finjan's Motion for a New Trial, throughout the trial, the parties focused on the source code of the accused products and prior art products as the best evidence of how the products operate. (D.I. 811 at 3-4.) Indeed, during its opening statement, Finjan's counsel explained that "[s]ource code, to computer scientists, that is the good stuff. That is the DNA of what is happening." (Id at 4 (citing Tr. at 339:16-18).) Likewise, Finjan's infringement expert testified that source code is the DNA of the system in question. (Id (citing Tr. at 725:2-5 ("I relied on source code, which is kind of, as it was characterized earlier in the proceedings, the DNA of the system in question.")).) The defendants' invalidity experts also focused on the source code of the prior art products. (Id (citing Tr. at 2097:12-20, 2102:3-2105:3, 2128:22-2129:3, 2129:16-2130:13).) However, because Finjan's validity expert, Dr. Vigna, founded and works for a company that competes with the defendants, he was unable to sign the Protective Order and, therefore, could not review the source code for the asserted prior art products or the accused products. (Id.) To compensate for this inability to review the source code of the prior art products, Dr. Vigna testified on direct examination that he reviewed the executable code. Specifically: Q: When you say you looked at the program itself, did you look at the assembly language or anything along those lines? A: I looked at the executable code because, of course, I had no access to the source code. And in order to understand to the best of my knowledge what the program was doing, I opened the manual-the assembler and look at the assembly. 86 Q: Would you describe generally speaking what is assembly code? A: Programs, when we buy them and we install them in our system, most of the time are in binary form. So they are sequences of ones and zeros. These sequences are loaded into memory and executed. And every single little sequence represents an instruction. If you look at them as sequences of ones and zeros, it is super-boring and almost impossible to understand what's really going on. But there is a small increase in the level of abstraction called assembly code in which the code that is being executed at the machine level is actually presented in a way that is human-readable. So you can see, for example, if there is an instruction that jumps to a certain address, if a certain function is called. By that you can understand how the program operates. Q: Did you do anything to confirm that your understanding of how NAV 95 operates was correct, at least according to the source code? A: So I ran the program, so I saw how it operates, how it scans files. I looked at the assembly, of course, to understand what functions are called and what is done by the program, without looking at any source code. Tr. at 3030:7-3031-11. As noted above, Dr. Vigna then testified on cross-examination, m response to a question as to whether source code is important in assessing how a program operates, that the "very ultimate way to understand how the program works is to look at the binary code" and, further, that "the only real way to know what gets executed is to look into the binary code." Id at 3140:7-14, 3147:14-19. On redirect, Finjan's counsel asked Dr. Vigna, "[n]ow, you mentioned binary code in connection with SWEEP/InterCheck, and you thought this was a better source of material. Why is that?" (D.I. 811at5 (citing Tr. at 3159:15-3160:1).) The court directed the parties to sidebar and stated: "It's not my job to judge this witnesses' credibility, but I am not going to let him confuse this jury with a discussion about binary code. No expert in this case has talked about binary code, including this gentlemen on his direct testimony." Tr. at 3159: 15-3160: 1. As is clear from the court's statement quoted above, it excluded Dr. Vigna's testimony on binary code so as to prevent juror confusion and because, on direct examination, Dr. Vigna 87 provided only conclusory testimony that he reviewed the binary and assembly code for products such as NAV 95. During his direct testimony, Dr. Vigna did not provide any details concerning his alleged review of the binary and assembly code and did not testify-contrary to the statement in Finjan's question on redirect-that these materials were better or more meaningful than source code. Rather, the only statement that Dr. Vigna made to this affect was in response to a question on cross-examination related to source code and, in his reply, Dr. Vigna stated simply that reviewing binary code "is the very ultimate way to understand how the program works" and "to know what gets executed." Tr. at 3140:7-14. At no point in his direct or cross-examination testimony did Dr. Vigna provide any specific or meaningful testimony as to his analysis of the binary code. Thus, it was proper for the court to exclude Dr. Vigna's testimony on whether binary code is better than source code, as this testimony would have been unreliable, misleading, and potentially confusing to the jury. Indeed, and as noted above, throughout trial the parties and all other technical experts addressed only source code, not binary code. The only discussion of binary code in the record is the testimony passages the court cites above. This direct examination testimony and Dr. Vigna's cross-examination response were insufficient to establish whether binary code is on par with or more meaningful than, source code. Notably, Finjan's counsel did not submit an offer of proof at sidebar for the testimony that Dr. Vigna would have offered and did not explain the relevance of such testimony. The court, therefore, precluded redirect examination on binary code to prevent confusion and did so properly. 34 34 Moreover, even if the court did err in excluding this testimony, which it did not, the court finds that Finjan has not shown that the error was so prejudicial that denial of a new trial would be inconsistent with substantial justice. Indeed, the jury could have found invalidity based on the separate prior art references Symantec introduced, which the court discussed in greater detail above. See Reeves v. Sanderson Plumbing Prods., Inc., 530 U.S. 133, 150 (2000) ("in entertaining a motion for judgment as a matter of law, the court should review all of the evidence in the record"). The jury was presented with information regarding all of the relevant facts on which Dr. 88 The court further notes that Finjan presented no legal or technical support for the proposition that binary code is more relevant than source code or that Dr. Vigna "performed a more relevant and deeper analysis by examining the actual machine executable code." (D.I. 789 at 5.) On direct, Finjan did not seek to elicit any meaningful testimony regarding the details of the binary or machine code for any prior art reference, thus undercutting this argument in its entirety. In fact, as the defendants note, Finjan presumably did not elicit such testimony because Dr. Vigna's rebuttal report was devoid of any substance regarding this issue and any testimony would likely have been inadmissible on this point. Second, Finjan maintains that the jury should not have been instructed to assume that source code correlated to alleged prior art and that this instruction "eviscerated one of Finjan's major validity arguments" because Finjan had repeatedly argued that the defendants had failed to lay a proper foundation establishing that the source code corresponded to software products available in the United States before the priority date. (Id. at 5-6.) Specifically, Finjan takes issue with the court's instruction, during Finjan's closing argument, that: I think [Mr. Andre] has made a statement, perhaps unintentionally, that might be misleading to you, I want to give you a brief bit of guidance, as to source code and what he just said. The defendants in this case relied on products as prior art, the products as prior art. They relied on source code, and the witnesses, the experts talked about source code, to demonstrate how the prior art products work and therefore demonstrate the invalidity, in their view, of the particular Finjan patents that are at issue. Tr. at 3415:12-24. Finjan argues that this instruction was in error because: Dr. Vigna was precluded from offering his analysis of assembly and binary code to rebut the defendants' "incorrect claim that his validity analysis was flawed for lack of source code review"; "the [c]ourt' s comments regarding the relevance of source code (in the context of Finjan' s discussion Vigna relied in forming his opinions and could have properly decided to believe the competing testimony of the defendants' experts. 89 of Dr. Vigna's analysis) effectively endorsed [d]efendants' incorrect claim that their invalidity experts had undertaken a more thorough and appropriate analysis"; and, as noted above, the instruction undermined Finjan's argument that the defendants had failed to lay a proper foundation for tying the source code to the asserted prior art. (D .I. 789 at 6-7.) Considering this instruction in the context in which it was made, the court disagrees. Contrary to Finjan's assertion that the court instructed the jury to assume that the source code corresponded to the alleged prior art, and as is clear from the quoted passage below, the instruction was given in response to and to correct an assertion made by Finjan's counsel. Specifically, Finjan's counsel stated: [The defendants] all attack Dr. Vigna. Dr. Vigna didn't review the source code. Why didn't he review the source code? Because the law tells him not to. He was a validity expert and a tutorial expert. It states in Section 4.3 again that the references defendants have asserted are prior art. Defendants must prove on a claim-by-claim basis that it is accessible to the public or commercially exploited in the United States. He was required to rely on public information. Source code is not public information. That was what the law requires. And he got beat up for it by all three advocates. Tr. at 3413 :6-18 (emphasis added). Because the prior art the defendants asserted was the products themselves, Finjan's statement was incorrect as a matter of law and misleading to the jury. Rather, it was appropriate for the defendants' experts to rely upon the source code to explain how the products worked. See Touchcom, Inc. v. Bereskin & Parr, 790 F. Supp. 2d 435, 453-54 (E.D. Va. 2011) (rejecting the argument that a product is not prior art because the public would not have been able to see its source code); Lab. Skin Care, Inc. v. Limited Brands, Inc., 2011 WL 4005444, at *5 (D. Del. Sept. 8, 2011) (concluding that "the offered product is in fact the claimed invention may be established by any relevant evidence, such as memoranda, drawings ... and testimony of witnesses" (citation omitted)). 90 Recognizing this, the court explained to the jury that the defendants had "relied on source code, and the witnesses, the experts talked about source code, to demonstrate how the prior art product worked." Tr. at 3415:19-24. This correction did not undermine "Finjan's argument that [d]efendants failed to lay a proper foundation connecting the source code to the asserted prior art," as the court did not instruct the jury to assume anything other than the fact, under the law, it was appropriate for the defendants to use source code and witnesses testimony to try to establish how the asserted prior art worked. (D.I. 789 at 6-7.) The court made no statements endorsing the defendants' representations regarding the prior art. Notably, Finjan did not argue during its closing argument that the defendants had failed to lay a proper foundation connecting the source code to the prior art. Moreover, it was appropriate for the court to issue this instruction because Finjan agreed that it would not raise any issues concerning the enablement of the prior art software products. (D.I. 672 at 1.) Finjan also argues that the .court's instruction prevented it from offering testimony regarding Dr. Vigna's analysis of assembly and binary code. (D.I. 789 at 6.) However, during the sidebar, the court clearly explained: "I think it is very disingenuous of you to argue to this jury that source code is not publicly available. We all know that. These defendants have clearly relied on these products." Tr. at 3414:12-15. Thus, Finjan understood that the court's instruction had no relation to Finjan's proffering of any testimony regarding Dr. Vigna's analysis of assembly and binary code. Third, Finjan contends that it should have been permitted to introduce evidence showing that Sophos' SWEEP-InterCheck evidence was unreliable. Specifically, Finjan states that it was improperly prohibited from showing the jury: (1) that the floppy disks that Sophos presented at trial did not correspond to the asserted versions of SWEEP-InterCheck and were not prepared 91 until late 1996, even though Mr. Klausner had incorrectly testified that the disks were shipped "in 1995 and prior"; (2) the CD ROMs Sophos relied upon as containing the purported prior art had a copyright and build date of no earlier than 2011 and, therefore, cannot be evidence of the availability of SWEEP-InterCheck in 1996; and (3) that Mr. Klausner's demonstrative programs had file modification dates ranging from 1990 to 1995, even though he testified that he did not prepare these demonstratives until recently, suggesting that the system clock on his computer had been set back to that time period, and calling into serious question the verifiability of other times and date data upon which Sophos relied. (Id. at 7-8.) Finjan argues the exclusion of this evidence severely prejudiced its case because a central feature of its response to Sophos' invalidity case was that Sophos did not provide clear and convincing evidence that the purported combination of Sweep 2. 72 and InterCheck 2.11 was available in the United States before the priority date and that Sophos did not reliably demonstrate the actual functionality of the purported combination. (Id. at 8.) Based on the record, the court cannot agree. Specifically, during trial Sophos presented live testimony and documentary evidence that SWEEP-InterCheck was available in the United States before the priority date. During trial, Finjan had the opportunity to cross-examine Sophos' founder, Dr. Hruska, regarding this issue, but did not sufficiently do so. In particular, Finjan failed to ask detailed questions about SWEEP 2.72 or InterCheck 2.11, which was the subject of Dr. Hruska's testimony. Instead, Finjan inquired as to whether SWEEP and InterCheck were sold independently, as well as the place the first sale of the product was made. Finjan did not ask any questions about any specific version of the product. See Tr. at 2370:9-19. Based on this line of questioning, Dr. Hruska testified, 92 consistent with his past testimony, that InterCheck was always sold with SWEEP, and that the first sale occurred in 1993. Id. Finjan did not ask any other questions regarding dates. Having failed to cross-examine Dr. Hruska on this issue at trial, Finjan cannot now seek to rectify this failure through a new trial. See GNB Battery Techs., Inc. v. Exide Corp., 876 F. Supp. 582, 604 (D. Del. 1995), afj"d, 78F.3d 605 (Fed. Cir. 1996) (denying a motion for a new trial made on grounds that the expert opined on issues beyond the scope of his qualifications because the defendants failed to take advantage of the opportunity to conduct cross examination on those issues); see also Symbol Techs. Inc. v. Opticon, Inc., 935 F.2d 1569, 1576 (Fed. Cir. 1991) (a party choosing not to cross examine a witness on an issue cannot later "recoup for its failed litigation strategy []"). Thus, Finjan's assertion that it was precluded from rebutting Sophos' evidence that SWEEP 2.72 and InterCheck 2.11 were available in the United States before the priority date is not persuasive. Moreover, Finjan argues that various demonstratives that Sophos used to aid the jury's understanding of SWEEP-InterCheck as prior art improperly influenced the jury because Finjan was not allowed to show information regarding those demonstratives. (D.1. 789 at 7-8.) However, Finjan had the opportunity to cross-examine Mr. Klausner, who presented the floppy disk, CD ROMs, and demonstratives, and did not do so. Therefore, for the same reasons advanced in connection with Finjan' s failure to cross-examine Dr. Hruska, Finjan cannot remedy its failure to explore this issue with a new trial. Finjan also argues in its Reply that it was not required to cross-examine Dr. Hruska about Sophos' source code, as the defendants suggest, because the excluded arguments relate to Mr. Klausner's invalidity presentation. Thus, Finjan argues that it should have been allowed to use this evidence during its rebuttal case on invalidity. Tr. at 2467: 17-25. Indeed, Finjan did raise 93 the issue of presenting this evidence through Dr. Vigna's testimony and the court engaged in a lengthy discussion with the parties as to the inclusion of this evidence. 35 Id. at 3000:17-3013:6, 3172: 10-3173 :5. During this discussion, Finjan asserted that Sophos did not provide it with copies of the floppy disks and CR ROMs before trial and did not receive them until the trial began, at which time it recognized the inconsistent dates. Id. at 3004:16-21, 3006:1-22. Based on these inconsistent dates, Finjan argued that it should have the opportunity to introduce this fact to the jury so that the jury could consider whether the program versions shown on the machine at trial corresponded to the dates represented. Id. at 3004:22-3006:22. Sophos, however, responded that the floppy was simply a "dummy" and that the dates Sophos represented with respect to the version on the machine were accurate, rejecting Finjan's allegation to the contrary. Id. at 3009:2-9. In precluding Dr. Vigna from testifying as to the dates on the floppy disks, CR ROMs, and demonstratives, the court explained: I have got officers of the Court here who have made representations that, if proven false, would be sanctionable. I have to believe that we are all honorable people here and that I can rely on the representations that are being made concerning this factual dispute. This is a dispute over what you say is on the machine and what Sophos says is on the machine. . . . We are ending this discussion. I have ruled concerning Dr. Vigna's ability to talk about source code. I think that should be clear. That's the end of that. Tr. at 3009: 11-24. For the reasons articulated during that ruling, the court finds that its exclusion of Dr. Vigna's testimony was proper. Finjan did not cross-examine Mr. Klausner as to the dates on the floppy disks and CD ROMs or dates displayed in the demonstrative when it had the opportunity to do so and the court properly relied on the representations made by Sophos' 35 Finjan also notes that it raised these topics in its proffer. See Tr. at 3172: 10-3173:5. 94 counsel that the items in question were "dummy" versions and not the versions on the machine. A new trial is not warranted. 36 Fourth, Finjan claims that it is entitled to a new trial because, as detailed more fully in its submissions in connection with its renewed motions for JMOL, the jury verdict was against the weight of the evidence. On this point, Finjan and the defendants highlight the arguments they advanced in their JMOL briefing. Because the court has presented its examination of the record with respect to Finjan's renewed requests for JMOL above, it does not restate those findings here. In sum, for the reasons stated above, the court finds that jury verdict of both invalidity and noninfringement was not against the clear weight of the evidence in this case. Consequently, a new trial is not warranted on this ground. Finally, Finjan contends that the court should grant a new trial because the jury verdict was facially inconsistent, "proving that the jury was confused as to the undisputed facts, the law[,] or both." (Id at 9.) With regard to Sophos, Finjan argues that the jury could not have logically concluded that the asserted claims were both invalid and not infringed. Specifically, Finjan notes that during trial Sophos' defense was based on the theory that earlier versions of its accused product, which Sophos alleged operated in the same way as the accused products, were prior art to and fell within the scope of the asserted claims. (Id.) As discussed above in connection with Finjan's JMOL motion as to Sophos, Finjan notes that Sophos' counsel made this point expressly in his closing argument. 37 (Id. at 9-10.) Finjan further asserts that the same is true with respect to Websense, as Websense counsel stated in his closing: "If you find that the '194 Patent is invalid, it means that that patent 36 As the defendants note, Finjan could have had an expert analyze the SWEEP-InterCheck source code. Finjan did not and, as a result, was left to cross-examination of Sophos' witnesses. Finjan did not do so and cannot seek a new trial at this stage on that ground. 37 See supra Section IIl.B.1. 95 and all the claims that are found invalid are invalid as to Websense, too. And that means that there could be no infringement." (Id at 10 (citing Tr. at 3380:4-8).) This, Finjan argues, is inconsistent with the jury verdict form, which asked the jury to first determine infringement and then separately determine invalidity. Thus, Finjan contends that the "jury may have found (incorrectly) that the asserted claims were invalid in view of Sophos' prior art and then followed the incorrect instruction of Websense's counsel and improperly found no infringement by Sophos and the other defendants for that reason alone." (Id at 10-11.) Finjan notes that it had requested that the verdict form direct that the jurors identify any specific reference found to render a patent anticipated or obvious and that only the defendant that presented the evidence be named in the verdict question. (Id at 11.) The court, however, had the parties file a joint verdict form and removed the question asking jurors to identify which reference was found to be anticipatory or obvious. (Id.) Therefore, Finjan asserts that it is not possible to determine what or whose evidence the jury used to determine that the patent was invalid. On this point, Finjan maintains that, under Third Circuit precedent, a new trial is warranted because, when a jury verdict is irreconcilably inconsistent on two points, "the appropriate remedy is ordinarily, not simply to accept one verdict and dismiss the other, but to order an entirely new trial." (Id at 10 (citing Calloway Golf Co. v. Acushnet Co., 576 F.3d 1331, 1344-45 (Fed. Cir. 2009); Comaper Corp. v. Antee, Inc., 596 F.3d 1343, 1355 (Fed. Cir. 2010)).) Again, the court cannot agree. First, and with respect to Websense counsel's closing argument statement that a finding of invalidity "means that there could be no infringement," this statement was not an incorrect recitation of the law. Indeed, "an invalid claim cannot give rise to liability for infringement." Medtronic, Inc. v. Cardiac Pacemakers, Inc., 721 F.2d 1563, 1583 (Fed. Cir. 1983). The Federal Circuit has also recognized that one cannot infringe an invalid 96 l patent as a matter of law. Importantly, Finjan failed to object to this statement at trial and, therefore, waived its claim to a new trial on this ground. Murray v. Fairbanks Morse, 601 F.2d 149, 152 (3d Cir. 1979) ("[F]ailure to object precludes [a party] from seeking a new trial on the grounds of the impropriety of opposing counsel's closing remarks." (citation omitted)); Waldorf v. Shuta, 142 F.3d 601, 629 (3d Cir. 1998) ("[I]t is clear that a party who fails to object to errors at trial waives the right to complain about them following trial."); Matsushita Elec. Indus. Co., Ltd. v. Samsung Elecs. Co., Ltd., 2006 WL 3193982, at *14-15 (D.N.J. Nov. 2, 2006) (motion for a new trial denied on the ground that "counsel's argument to the jury telling them to analyze the invalidity issues before addressing the infringement issue" confused the jury, because the movant failed to object to this statement at trial). The court further finds that its jury instruction and the jury's question during the deliberations regarding their duty to consider both infringement and invalidity make clear that the jury was not confused. Specifically, the court instructed the jury that it was to determine infringement as to each defendant, and then, after that deliberation was complete, determine if the asserted patents are invalid. See Tr. at 3230:20-3233:6. The court's instruction that the jury should determine infringement before determining invalidity cured any potential prejudice or confusion from Websense's counsel's statement. See Mente Chevrolet Oldsmobile, Inc. v. GMAC, 728 F. Supp. 2d 662, 679-80 (E.D. Pa. 2010) (denying a motion for a new trial based in part on alleged jury confusion resulting from the scope of expert testimony and noting that any confusion was cured by "an appropriate jury instruction"); Klink v. Harrison, 332 F.2d 219, 225 (3d Cir. 1964) (noting that there "is a presumption that a verdict is rendered in accordance with the instruction of the trial judge"). Moreover, the jury's question demonstrated that it was not confused, as it determined that none of the defendants infringed the patents-in-suit before 97 assessing whether the patents were invalid. Specifically, the jury asked, "If the jury finds that Finjan has not proven infringement by any of the defendants, is it necessary to answer Verdict Question 7 through 8 [pertaining to invalidity]?" See Tr. at 3429:3-10. Thus, it is clear that the jury considered these two questions separately. It is well established that it is the patentee's burden to prove infringement. Here, the jury found that Finjan did not meet this burden and the jury's verdict of noninfringement and invalidity was supported by sufficient evidence in the record. Absent proper support that the verdicts were inconsistent, which Finjan has not shown, the court cannot grant its request for a new trial on this ground. The court further finds that the jury verdict form was, in fact, proper. Indeed, the jury was not required to identify the basis for invalidity or the specific prior art reference or references upon which it relied. The form was also consistent with other patent cases involving multi-reference invalidity arguments. See, e.g., Cordance Corp. v. Amazon.com, Inc., 658 F.3d 1330, 1333 (Fed. Cir. 2011); i4i Ltd. P'ship v. Microsoft Corp., 598 F.3d 831, 845 (Fed. Cir. 2010). Notably, it is within the court's discretion to determine the content and structure of the verdict form. Wyers v. Master Lock Co., 616 F.3d 1231, 1248 (Fed. Cir. 2010). The court finds that it properly exercised this discretion here, and Finjan does not provide case support for its proposition that verdict form requires the level of specificity that Finjan advances. Notably, Finjan opposed the defendants' request to require a similar level of specificity in the verdict form as it relates to the alleged infringement. (D .I. 716 at 1; D .I. 725 at 1.) In the Third Circuit, inconsistent verdicts "may constitute grounds for ordering a new trial . . . if 'no rational jury could have brought back the verdicts that were returned."' See Monaco v. City of Camden, 366 Fed. Appx. 330, 331-32 (3d Cir. 2010) (citing Mosley v. Wilson, 98 102 F.3d 85, 91 (3d Cir. 1996)). Finjan has not demonstrated that the jury's verdicts were irreconcilably inconsistent, that the jury verdict resulted from its confusion as to the validity and infringement positions advanced at trial, or that the verdicts were irrational. To the contrary, as explained in the court's JMOL analysis above, the jury could have reasonably reached its decisions of noninfringement and invalidity based on substantial evidence in the record. Finjan also has not demonstrated that the jury was confused or that it should have been required to supply more specific information on the jury form. Thus, for the reasons set forth in this Memorandum Opinion, the court finds that a new trial is not warranted in this case. V. CONCLUSION For the reasons stated above, the court will deny all of the outstanding post-trial motions. Dated: September .fl_, 2013 99 IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF DELA WARE FINJAN, INC., Plaintiff, v. SYMANTEC CORP., SO PH OS, INC., and WEBSENSE, INC., Defendants. ) ) ) ) ) ) ) ) ) ) C.A. No. 1O-cv-593 (GMS) ~~~~~~~~~~~~~~~~-) ORDER For the reasons stated in the accompanying Memorandum of the same date, IT IS HEREBY ORDERED that: 1. Finjan's Renewed Motions for Judgment as a Matter of Law (D.I. 770; D.I. 771; D.I. 772) are DENIED; 2. Finjan's Motion for a New Trial (D.I. 773) is DENIED; and 3. Websense's Motion for Attorney Fees (D.I. 762) is DENIED. Dated: September l 1' , 2013
]]>
Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You
should read the full case before relying on it for legal research purposes.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.
