IN THE UNITED STATES DISTRICT COURT FOR THE WESTERN DISTRICT OF TEXAS AUSTIN DIVISION
GoSecure, Inc., § Plaintiff § § v. § § No. 1:25-cv-02088-RP CrowdStrike, Inc. and CrowdStrike § Holdings, Inc., § Defendants §
REPORT AND RECOMMENDATION OF THE UNITED STATES MAGISTRATE JUDGE
TO: THE HONORABLE ROBERT PITMAN UNITED STATES DISTRICT JUDGE Before the Court are Defendants’ Motion to Dismiss for Failure to State a Claim, filed February 27, 2026 (Dkt. 13); Plaintiff’s Response, filed March 20, 2026 (Dkt. 18); and Defendants’ Reply, filed April 3, 2026 (Dkt. 20).1 In this litigation between cybersecurity technology companies, Plaintiff GoSecure, Inc. accuses Defendants CrowdStrike, Inc. and CrowdStrike Holdings, Inc. (together, “CrowdStrike”) of infringing United States Patent No. 10,104,099 (“’099 patent”) issued October 16, 2018, “System and method for monitoring a computer system using machine interpretable code.” Dkt. 1-1 at 1. In addition to monitoring computer systems, the patent is directed to improved methods of distributing tools to detect malicious activities. Id. at 2:12-19. These techniques are intended to address “the so-called zero-day attack that exploits security vulnerabilities previously unknown to software developers or system operators.” Id. at 1:57-59.
1 By Text Order issued April 7, 2026, the Honorable Robert Pitman referred the motion to this Magistrate Judge for a report and recommendation, pursuant to 28 U.S.C. § 636(b)(1)(B), Federal Rule of Civil Procedure 72, and Rule 1(d) of Appendix C of the Local Rules of the United States District Court for the Western District of Texas. In its Complaint, GoSecure alleges that CrowdStrike’s Falcon Platform directly infringes “at least claim 1 of the ’099 patent.” Dkt. 1 ¶ 34. That claim recites: A computer implemented method of monitoring a collector computer system, the collector computer system comprising one or more processors and memory storing an interpreter and compiled instructions for execution by the one or more processors, said method comprising: receiving, by the collector computer system, machine interpretable code that is configured for interpretation by the interpreter, wherein the machine interpretable code is not directly executable by the one or more processors and the machine interpretable code includes: information identifying a first set of one or more monitoring targets within the collector computer system, a method for monitoring the first set of one or more monitoring targets, and predefined reporting criteria; interpreting, by the collector computer system, the machine interpretable code with the interpreter to obtain the first set of one or more monitoring targets, the method for monitoring the first set of one or more monitoring targets, and the predefined reporting criteria; monitoring, by the collector computer system, at least a subset of the first set of one or more monitoring targets for candidate activity that satisfies the predefined reporting criteria by executing compiled instructions that correspond to the method for monitoring the first set of one or more monitoring targets; obtaining, by the collector computer system, candidate event information that is associated with the candidate activity; and reporting, by the collector computer system, the candidate event information to a computer system that is distinct from the collector computer system, wherein the compiled instructions are generated by a compiler in a second computer system that is distinct from the collector computer system, and the method includes receiving the compiled instructions from the second computer system for storing the compiled instructions in the memory. Dkt. 1-1 at 20:31-21:2. Alleging that this is an exceptional case under 35 U.S.C. § 285, GoSecure seeks damages, attorneys’ fees, and costs. Id. at 17. GoSecure also asserts claims for inducing and contributory infringement. Id. ¶¶ 44, 46. CrowdStrike asks the Court to dismiss all claims with prejudice. In response to CrowdStrike’s motion to dismiss, GoSecure withdrew its claims of indirect infringement under 35 U.S.C. §§ 271(b) and (c). Dkt. 18 at 2 n.1. Accordingly, the Court addresses only CrowdStrike’s motion to dismiss GoSecure’s claims for direct and willful infringement of claim 1 of the ’099 patent. I. Legal Standards Rule 8(a)(2) “generally requires only a plausible ‘short and plain’ statement of the plaintiff’s claim” showing that the plaintiff is entitled to relief. Skinner v. Switzer, 562 U.S. 521, 530 (2011). In deciding a Rule 12(b)(6) motion to dismiss for failure to state a claim, the court accepts all well- pleaded facts as true, viewing them in the light most favorable to the plaintiff. In re Katrina Canal
Breaches Litig., 495 F.3d 191, 205 (5th Cir. 2007). A complaint must contain sufficient factual matter to “state a claim to relief that is plausible on its face.” Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009) (quoting Bell Atl. Corp. v. Twombly, 550 U.S. 544, 570 (2007)). “A claim has facial plausibility when the plaintiff pleads factual content that allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged.” Id. In patent cases, a complaint must place the alleged infringer on notice of what activity is being accused of infringement. Lifetime Indus., Inc. v. Trim-Lok, Inc., 869 F.3d 1372, 1379 (Fed. Cir. 2017). A plausible claim “must do more than merely allege entitlement to relief; it must support the grounds for that entitlement with sufficient factual content.” Bot M8 LLC v. Sony Corp. of Am., 4 F.4th 1342, 1352 (Fed. Cir. 2021).
Issues that are unique to patent law are governed by Federal Circuit precedent. Woods v. DeAngelo Marine Exhaust Sys., Inc., 692 F.3d 1272, 1279 (Fed. Cir. 2012). But because motions to dismiss under Rule 12(b)(6) raise purely procedural issues, courts apply the law of the regional circuit when deciding whether such a motion should be granted. Bascom Glob. Internet Servs., Inc. v. AT&T Mobility LLC, 827 F.3d 1341, 1347 (Fed. Cir. 2016); PerformancePartners, LLC v. FlashParking, Inc., 697 F. Supp. 3d 678, 682 n.1 (W.D. Tex. 2023) (“[T]he Court looks to Federal Circuit precedent for the underlying substantive law but looks to Fifth Circuit precedent for its Rule 12(b)(6) standards.”). A motion to dismiss under Rule 12(b)(6) is viewed with disfavor and rarely granted. Hodge v. Engleman, 90 F.4th 840, 843 (5th Cir. 2024). In determining whether a plaintiff’s claims survive such a motion, the factual information to which the court addresses its inquiry is limited to the (1) facts set forth in the complaint, (2) documents attached to the complaint, and (3) matters of which judicial notice may be taken under
Free access — add to your briefcase to read the full text and ask questions with AI
IN THE UNITED STATES DISTRICT COURT FOR THE WESTERN DISTRICT OF TEXAS AUSTIN DIVISION
GoSecure, Inc., § Plaintiff § § v. § § No. 1:25-cv-02088-RP CrowdStrike, Inc. and CrowdStrike § Holdings, Inc., § Defendants §
REPORT AND RECOMMENDATION OF THE UNITED STATES MAGISTRATE JUDGE
TO: THE HONORABLE ROBERT PITMAN UNITED STATES DISTRICT JUDGE Before the Court are Defendants’ Motion to Dismiss for Failure to State a Claim, filed February 27, 2026 (Dkt. 13); Plaintiff’s Response, filed March 20, 2026 (Dkt. 18); and Defendants’ Reply, filed April 3, 2026 (Dkt. 20).1 In this litigation between cybersecurity technology companies, Plaintiff GoSecure, Inc. accuses Defendants CrowdStrike, Inc. and CrowdStrike Holdings, Inc. (together, “CrowdStrike”) of infringing United States Patent No. 10,104,099 (“’099 patent”) issued October 16, 2018, “System and method for monitoring a computer system using machine interpretable code.” Dkt. 1-1 at 1. In addition to monitoring computer systems, the patent is directed to improved methods of distributing tools to detect malicious activities. Id. at 2:12-19. These techniques are intended to address “the so-called zero-day attack that exploits security vulnerabilities previously unknown to software developers or system operators.” Id. at 1:57-59.
1 By Text Order issued April 7, 2026, the Honorable Robert Pitman referred the motion to this Magistrate Judge for a report and recommendation, pursuant to 28 U.S.C. § 636(b)(1)(B), Federal Rule of Civil Procedure 72, and Rule 1(d) of Appendix C of the Local Rules of the United States District Court for the Western District of Texas. In its Complaint, GoSecure alleges that CrowdStrike’s Falcon Platform directly infringes “at least claim 1 of the ’099 patent.” Dkt. 1 ¶ 34. That claim recites: A computer implemented method of monitoring a collector computer system, the collector computer system comprising one or more processors and memory storing an interpreter and compiled instructions for execution by the one or more processors, said method comprising: receiving, by the collector computer system, machine interpretable code that is configured for interpretation by the interpreter, wherein the machine interpretable code is not directly executable by the one or more processors and the machine interpretable code includes: information identifying a first set of one or more monitoring targets within the collector computer system, a method for monitoring the first set of one or more monitoring targets, and predefined reporting criteria; interpreting, by the collector computer system, the machine interpretable code with the interpreter to obtain the first set of one or more monitoring targets, the method for monitoring the first set of one or more monitoring targets, and the predefined reporting criteria; monitoring, by the collector computer system, at least a subset of the first set of one or more monitoring targets for candidate activity that satisfies the predefined reporting criteria by executing compiled instructions that correspond to the method for monitoring the first set of one or more monitoring targets; obtaining, by the collector computer system, candidate event information that is associated with the candidate activity; and reporting, by the collector computer system, the candidate event information to a computer system that is distinct from the collector computer system, wherein the compiled instructions are generated by a compiler in a second computer system that is distinct from the collector computer system, and the method includes receiving the compiled instructions from the second computer system for storing the compiled instructions in the memory. Dkt. 1-1 at 20:31-21:2. Alleging that this is an exceptional case under 35 U.S.C. § 285, GoSecure seeks damages, attorneys’ fees, and costs. Id. at 17. GoSecure also asserts claims for inducing and contributory infringement. Id. ¶¶ 44, 46. CrowdStrike asks the Court to dismiss all claims with prejudice. In response to CrowdStrike’s motion to dismiss, GoSecure withdrew its claims of indirect infringement under 35 U.S.C. §§ 271(b) and (c). Dkt. 18 at 2 n.1. Accordingly, the Court addresses only CrowdStrike’s motion to dismiss GoSecure’s claims for direct and willful infringement of claim 1 of the ’099 patent. I. Legal Standards Rule 8(a)(2) “generally requires only a plausible ‘short and plain’ statement of the plaintiff’s claim” showing that the plaintiff is entitled to relief. Skinner v. Switzer, 562 U.S. 521, 530 (2011). In deciding a Rule 12(b)(6) motion to dismiss for failure to state a claim, the court accepts all well- pleaded facts as true, viewing them in the light most favorable to the plaintiff. In re Katrina Canal
Breaches Litig., 495 F.3d 191, 205 (5th Cir. 2007). A complaint must contain sufficient factual matter to “state a claim to relief that is plausible on its face.” Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009) (quoting Bell Atl. Corp. v. Twombly, 550 U.S. 544, 570 (2007)). “A claim has facial plausibility when the plaintiff pleads factual content that allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged.” Id. In patent cases, a complaint must place the alleged infringer on notice of what activity is being accused of infringement. Lifetime Indus., Inc. v. Trim-Lok, Inc., 869 F.3d 1372, 1379 (Fed. Cir. 2017). A plausible claim “must do more than merely allege entitlement to relief; it must support the grounds for that entitlement with sufficient factual content.” Bot M8 LLC v. Sony Corp. of Am., 4 F.4th 1342, 1352 (Fed. Cir. 2021).
Issues that are unique to patent law are governed by Federal Circuit precedent. Woods v. DeAngelo Marine Exhaust Sys., Inc., 692 F.3d 1272, 1279 (Fed. Cir. 2012). But because motions to dismiss under Rule 12(b)(6) raise purely procedural issues, courts apply the law of the regional circuit when deciding whether such a motion should be granted. Bascom Glob. Internet Servs., Inc. v. AT&T Mobility LLC, 827 F.3d 1341, 1347 (Fed. Cir. 2016); PerformancePartners, LLC v. FlashParking, Inc., 697 F. Supp. 3d 678, 682 n.1 (W.D. Tex. 2023) (“[T]he Court looks to Federal Circuit precedent for the underlying substantive law but looks to Fifth Circuit precedent for its Rule 12(b)(6) standards.”). A motion to dismiss under Rule 12(b)(6) is viewed with disfavor and rarely granted. Hodge v. Engleman, 90 F.4th 840, 843 (5th Cir. 2024). In determining whether a plaintiff’s claims survive such a motion, the factual information to which the court addresses its inquiry is limited to the (1) facts set forth in the complaint, (2) documents attached to the complaint, and (3) matters of which judicial notice may be taken under Federal Rule of Evidence 201. Gomez v. Galman,
18 F.4th 769, 775 (5th Cir. 2021) (per curiam). II. Analysis CrowdStrike contends that the Court should dismiss GoSecure’s complaint because GoSecure: 1. does not allege facts plausibly showing that material claim limitations of the ’099 patent are met; 2. fails to plausibly allege that either defendant infringes the ’099 patent method claims by making or selling the Accused Products; and 3. fails to adequately plead willful infringement or state facts justifying an award of increased damages or attorneys’ fees. A. GoSecure Plausibly Alleges the Accused Products Meet Material Claim Limitations Direct infringement occurs when “whoever without authority makes, uses, offers to sell, or sells any patented invention, within the United States . . . during the term of the patent therefor.” 35 U.S.C. § 271(a). In Bot M8, 4 F.4th at 1352, the Federal Circuit embraced a flexible pleading standard for direct infringement, asking “whether the factual allegations in the complaint are sufficient to show that the plaintiff has a plausible claim for relief.” The court explained: The level of detail required in any given case will vary depending upon a number of factors, including the complexity of the technology, the materiality of any given element to practicing the asserted claim(s), and the nature of the allegedly infringing device. Accordingly, a plaintiff cannot assert a plausible claim for infringement under the Iqbal/Twombly standard by reciting the claim elements and merely concluding that the accused product has those elements. There must be some factual allegations that, when taken as true, articulate why it is plausible that the accused product infringes the patent claim. Id. at 1353. To satisfy the Bot M8 standard, a complaint must identify the accused products and plausibly allege that those products meet the limitations of at least one asserted claim. Repairify, Inc. v. Keystone Auto. Indus., Inc., 610 F. Supp. 3d 897, 905 (W.D. Tex. 2022). GoSecure alleges that CrowdStrike’s flagship product, the Falcon Platform (“Accused Products”), relies on a sensor in the memory of a device such as a laptop and adjusts its monitoring
activity based on machine interpretable called “Rapid Response Content.” Dkt. 1 ¶ 38. It alleges that the Accused Products use malware detection and endpoint protection platforms that practice the methods claimed in the ’099 patent. Id. ¶ 29. CrowdStrike argues that GoSecure alleges no facts to show that the Accused Products satisfy the “machine interpretable code” and “compiled instructions” limitations. GoSecure responds by identifying relevant allegations and contending that “CrowdStrike’s arguments amount to nothing more than disagreements with GoSecure’s infringement theory.” Dkt. 18 at 11. The Court agrees. Taking GoSecure’s allegations as true, and drawing all reasonable inferences in its favor, GoSecure has alleged facts plausibly showing these claim limitations are met. CrowdStrike’s
arguments are more appropriate for the factfinding stage of this litigation, not on motion to dismiss. B. GoSecure Plausibly Alleges CrowdStrike Infringes the ’099 Patent CrowdStrike argues that GoSecure does not plausibly plead direct infringement by alleging that it makes or sells the Accusing Products. But GoSecure alleges that each Defendant directly infringes the ’099 patent by using the Accused Products, and that both perform the claimed method through their operation of the Falcon Platform and related services. Dkt. 1 ¶¶ 30, 34-36. This Magistrate Judge finds these allegations sufficient at the pleading stage to show that GoSecure has a plausible claim for relief. Bot M8, 4 F.4th at 1352. C. GoSecure Adequately Pleads Willful Infringement A plaintiff may ground a willful infringement claim exclusively in post-sale conduct. Atlas Glob. Techs., LLC v. Sercomm Corp., 638 F. Supp. 3d 721, 730 (W.D. Tex. 2022); BillJCo, LLC v. Apple Inc., 583 F. Supp. 3d 769, 778 (W.D. Tex. 2022). At the pleading stage, a plaintiff plausibly alleges willful infringement by alleging facts supporting a reasonable inference that the
defendant knew of the asserted patent and, despite that knowledge, deliberately or intentionally continued its infringing conduct. Halo Elecs., Inc. v. Pulse Elecs., Inc., 579 U.S. 93, 103-04 (2016); CTD Networks, LLC v. Google, LLC, 688 F. Supp. 3d 490, 503 (W.D. Tex. 2023), appeal dismissed, No. 2023-2428, 2024 WL 3587917 (Fed. Cir. May 24, 2024). At a minimum, GoSecure plausibly alleges CrowdStrike has known of the ’099 patent since at least its receipt of the Complaint, but continues using the Falcon Platform. Dkt. 1 ¶¶ 34, 45. III. Recommendation Finding that GoSecure has plausibly pled claims for direct and willful infringement, this Magistrate Judge RECOMMENDS that the District Court DENY Defendants’ Motion to Dismiss for Failure to State a Claim (Dkt. 13). Because GoSecure has withdrawn its indirect infringement claims, if the District Court accepts
this recommendation, only its claims for direct and willful infringement will survive. IT IS ORDERED that the Clerk remove this case from this Magistrate Judge’s docket and return it to the docket of the Honorable Robert Pitman. IV. Warnings The parties may file objections to this Report and Recommendation. A party filing objections must specifically identify those findings or recommendations to which objections are being made. The District Court need not consider frivolous, conclusive, or general objections. Battle v. United States Parole Comm’n, 834 F.2d 419, 421 (5th Cir. 1987). A party’s failure to file written objections to the proposed findings and recommendations contained in this Report within fourteen (14) days after the party is served with a copy of the Report shall bar that party from de novo review by the District Court of the proposed findings and recommendations in the Report and, except on grounds of plain error, shall bar the party from appellate review of unobjected-to proposed factual findings and legal conclusions accepted by the District Court. 28 U.S.C. § 636(b)(1); Thomas v. Arn, 474 U.S. 140, 150-53 (1985); Douglass v. United Servs. Auto. Ass’n, 79 F.3d 1415, 1428-29 (5th Cir. 1996) (en banc). SIGNED on June 8, 2026. Sk SUSAN HIGHTOWER UNITED STATES MAGISTRATE JUDGE