Webroot & Open Text vs. Kaspersky: Cybersecurity Patent Dispute Ends in Mutual Dismissal
What would you like to do next?
Choose your path based on your current needs:
Introduction
In a significant development for cybersecurity patent litigation, a sprawling 11-patent infringement action filed by Webroot LLC and Open Text, Inc. against AO Kaspersky Lab and co-defendants—including Trend Micro, Inc.—concluded with a stipulated dismissal with prejudice on April 9, 2024. Filed in the Western District of Texas on March 4, 2022, Case No. 6:22-cv-00243 spanned 767 days before the parties agreed to part ways, each bearing their own costs and attorneys’ fees.
The case centered on foundational cybersecurity technologies—endpoint security, threat detection, and network protection—making it a closely watched matter for IP professionals and R&D leaders operating in an increasingly litigious cybersecurity patent landscape. The mutual dismissal without a damages award or injunction reflects a litigation strategy that many sophisticated parties employ when continued litigation risk outweighs potential recovery. For patent attorneys and in-house counsel, this outcome carries nuanced lessons about multi-patent assertion strategies, venue selection, and settlement dynamics in high-stakes technology disputes.
📋 Case Summary
| Case Name | Webroot LLC & Open Text, Inc. v. AO Kaspersky Lab et al. |
| Case Number | 6:22-cv-00243 (W.D. Tex.) |
| Court | Western District of Texas |
| Duration | Mar 2022 – Apr 2024 2 years 1 month |
| Outcome | Mutual Dismissal – No Damages |
| Patents at Issue | |
| Accused Products | Kaspersky Endpoint Security, Trend Micro Apex Central, Apex One, Cloud One-Workload Security, Deep Discovery Endpoint Sensor, Deep Discovery XDR, Deep Security, Smart Protection Network |
Case Overview
The Parties
⚖️ Plaintiffs
Webroot, a cybersecurity firm known for cloud-based threat intelligence and endpoint protection, operates as a subsidiary of Open Text Corporation, an enterprise information management company with a substantial IP portfolio.
🛡️ Defendants
Global cybersecurity vendor with core competencies in endpoint security, threat detection, and network protection. Includes Kaspersky Lab Switzerland GmbH, Kaspersky Labs Limited (UK), and Trend Micro, Inc.
The Patents at Issue
The plaintiffs asserted eleven United States patents spanning critical cybersecurity technologies, including endpoint threat detection, behavioral analysis, network security monitoring, and malware classification.
- • US10284591B2 — Endpoint threat detection
- • US8856505B2 — Behavioral analysis
- • US8181244B2 — Network security monitoring
- • US10599844B2 — Malware classification
- • US11409869B2 — Advanced threat detection
- • US8201243B2 — Security event correlation
- • US10257224B2 — Cloud-based threat intelligence
- • US9578045B2 — File integrity monitoring
- • US8726389B2 — Data leakage prevention
- • US8719932B2 — Intrusion detection systems
- • US8418250B2 — Secure network access
Developing cybersecurity solutions?
Check if your product architecture might infringe these or related patents before launch.
Litigation Timeline & Procedural History
The complaint was filed on March 4, 2022, in the Western District of Texas, a venue historically favored by patent plaintiffs. The case ran for 767 days—approximately two years and one month—before closing on April 9, 2024, at the first-instance district court level. This duration is consistent with complex multi-patent litigation involving international defendants, where claim construction briefing, inter partes review (IPR) petition timelines, and discovery disputes routinely extend proceedings beyond 24 months.
No trial date outcome, chief judge assignment details, or specific motion rulings are disclosed in the available record. The absence of reported summary judgment rulings or claim construction orders suggests the case may have resolved during or shortly after discovery, before dispositive motion practice concluded—a common inflection point at which parties reassess litigation economics.
Legal Representation
Plaintiffs retained a notably large litigation team across five firms: King & Spalding LLP, Jackson Walker LLP, Cherry Johnson Siegmund James PLLC, Steckler Wayne Cherry & Love PLLC, and Sprinkle IP Law Group PC. Lead attorneys included Angela C. Tarasi, Christopher C. Campbell, Mark D. Siegmund, and Gregory Phillip Love, among 22 attorneys of record.
Defendants were represented by Gillam & Smith LLP, Kelly Hart & Hallman LLP, and DeWitt LLP, with Harry Lee Gillam Jr.—a prominent Texas patent litigator—among the defense team.
The Verdict & Legal Analysis
Outcome
The case terminated via a stipulated dismissal under Federal Rule of Civil Procedure 41(a)(1)(A)(ii), filed jointly by all parties. The operative terms:
- • All infringement claims and counterclaims: dismissed WITH PREJUDICE
- • All other defenses and counterclaims: dismissed WITHOUT PREJUDICE
- • Costs and attorneys’ fees: each party bears its own
No damages were awarded. No injunctive relief was granted. The with-prejudice dismissal of infringement claims bars refiling of the same claims—a meaningful concession by the plaintiffs.
Verdict Cause Analysis
The cause of action was a standard patent infringement action. The specific legal reasoning leading to dismissal is not publicly detailed in the available record—which itself is analytically significant. Stipulated dismissals of this structure typically arise from one of several scenarios:
- Settlement with confidential terms supplementing the public stipulation (the most common scenario in high-value IP disputes)
- Litigation risk reassessment by plaintiffs following adverse claim construction rulings or IPR institution decisions
- Business-driven resolution, particularly relevant here given Kaspersky’s geopolitical exposure following U.S. government restrictions on Kaspersky products beginning in 2022—the same year this suit was filed
The retention of “without prejudice” status on non-infringement counterclaims and defenses preserves defendants’ ability to pursue certain claims independently, suggesting the resolution was not a complete capitulation by either side.
Legal Significance
The with-prejudice dismissal of infringement claims is the critical procedural outcome. Under Semtek Int’l Inc. v. Lockheed Martin Corp., such dismissals carry claim-preclusive effect, preventing plaintiffs from reasserting the same patent claims against the same defendants in any forum. This protects Kaspersky and Trend Micro from future assertion of these eleven patents for the accused products.
The preservation of non-infringement defenses and counterclaims without prejudice is an unusual asymmetry worth noting. It suggests defendants may have had active validity challenges—potentially via IPR petitions at the USPTO Patent Trial and Appeal Board (PTAB)—that they wished to preserve optionality around, even as the district court case closed.
Freedom to Operate (FTO) Analysis
This case highlights critical IP risks in cybersecurity solutions. Choose your next step:
📋 Understand This Case’s Impact
Learn about the specific risks and implications from this cybersecurity litigation.
- View all 11 asserted patents in detail
- Analyze related patents in endpoint security and XDR
- Identify key companies active in cybersecurity patenting
🔍 Check My Product’s Risk
Run a comprehensive FTO analysis for your own cybersecurity technology.
- Input your product description or technical features
- AI identifies potentially blocking patents
- Get actionable risk assessment report
High Risk Area
Endpoint security & behavioral detection
11 Asserted Patents
Covering core cybersecurity tech
Strategic Options
For design-arounds & defensive measures
Industry & Competitive Implications
The cybersecurity patent litigation landscape is intensifying. This case exemplifies a broader trend of established cybersecurity vendors leveraging acquired patent portfolios—Open Text expanded significantly through acquisitions including Carbonite (which acquired Webroot in 2019)—to assert rights against direct competitors.
The simultaneous targeting of both Kaspersky and Trend Micro suggests plaintiffs identified architectural similarities across competing endpoint security platforms, potentially tied to common approaches to behavioral threat detection or cloud-based threat intelligence sharing.
For the cybersecurity industry broadly, this litigation pattern signals that endpoint detection and response (EDR), XDR, and cloud workload security technologies are becoming hotly contested IP battlegrounds. Companies building or acquiring in these spaces should anticipate assertion risk and invest in robust patent prosecution strategies and defensive publication programs.
The resolution without public damages figures or injunctions also reflects the settlement confidentiality norms in enterprise cybersecurity—where business relationships, licensing ecosystems, and government contract considerations often make quiet resolution preferable to public adjudication.
✅ Key Takeaways
Stipulated dismissals with prejudice on infringement claims provide defendants with durable claim-preclusive protection worth negotiating for explicitly.
Search related case law →Multi-defendant cases with geopolitically complex parties (e.g., Russian-headquartered entities facing U.S. government scrutiny) introduce non-legal risk factors that can accelerate resolution.
Explore precedents →Large plaintiff-side attorney rosters across multiple firms signal a resource-intensive assertion strategy; defendants should expect sustained discovery pressure.
Identify active litigators →The without-prejudice preservation of non-infringement defenses is a sophisticated drafting choice suggesting ongoing PTAB activity or strategic optionality.
Monitor PTAB cases →Frequently Asked Questions
Eleven U.S. patents were asserted, including US10284591B2, US8856505B2, US8181244B2, US10599844B2, US11409869B2, US8201243B2, US10257224B2, US9578045B2, US8726389B2, US8719932B2, and US8418250B2, covering cybersecurity technologies including endpoint protection, threat detection, and network security monitoring.
The parties stipulated to dismissal under FRCP 41(a)(1)(A)(ii). While specific settlement terms were not publicly disclosed, the with-prejudice dismissal of infringement claims bars plaintiffs from reasserting these patent claims against these defendants in future proceedings.
It reinforces that cybersecurity patent portfolios—particularly those assembled through acquisition—are active assertion tools. Companies in endpoint security, XDR, and cloud security should conduct comprehensive FTO analyses and consider defensive patent strategies proactively.
Ready to Strengthen Your Patent Strategy?
Join 18,000+ IP professionals using PatSnap Eureka to conduct prior art searches, draft patents, and analyse competitive landscapes with AI-powered precision.
References
- PACER Case Filing 6:22-cv-00243
- USPTO Patent Search (via Google Patents)
- USPTO PTAB Docket Search
- Cornell Legal Information Institute — FRCP 41
- PatSnap — Cybersecurity IP Intelligence Solutions
This article is for informational purposes only and does not constitute legal advice. All case information is drawn from publicly available court records. For platform capabilities, visit PatSnap.