DugganUSA LLC is a cybersecurity company based in Minnesota that builds AI-powered threat intelligence tools. Our platform indexes over 1 million indicators of compromise (IOCs), 400,000+ DOJ Epstein documents, and provides a free STIX 2.1 threat feed consumed by Fortune 500 companies and defense contractors.

Butterbot is DugganUSA's AI-powered security chatbot with 40+ tools for searching IOCs, correlating threat indicators, traversing threat graphs, analyzing behavioral patterns, and running CARVER risk assessments. It uses OpenAI function calling with Meilisearch-backed indexes.

What is AIPM (AI Presence Management)?

AIPM is a tool that audits how AI models (GPT, Claude, Gemini, Perplexity) perceive and recommend your brand. It calculates an AIPM-NPS score by directly querying AI models, analyzes your website structure for AI crawler readiness, and provides optimization recommendations. Think 'SEO for the LLM era.'

Is the Epstein Files search free?

Yes. The Epstein Files Search at epstein.dugganusa.com offers a free tier with 500 queries per day. It covers all 12 DOJ EFTA datasets (400K+ documents), 2M+ ICIJ offshore entities, and 2M+ federal decisions. Professional and enterprise tiers are available for researchers and journalists needing higher limits.

Who founded DugganUSA?

DugganUSA was founded by Patrick Duggan on December 1, 2025, in Minnesota. Patrick's background includes Dell EMC, Palo Alto Networks, and embedded work at Microsoft on JEDI/Azure Stack. The company's D-U-N-S number is 14-363-3562.

What is the DugganUSA STIX feed?

DugganUSA operates a free STIX 2.1 threat intelligence feed at analytics.dugganusa.com/api/v1/stix-feed. It contains 1M+ indicators of compromise including botnet C2s, malicious IPs, and attack infrastructure. The feed is TAXII 2.1 compliant and is consumed by major organizations including Microsoft, AT&T, Amazon, and defense contractors.

250 Domains Audited. Intelligence Agencies, Defense Contractors, and Fortune 500s Are Checking Their AI Presence.

Patrick Duggan
3 minutes ago
4 min read

# 250 Domains Audited. Intelligence Agencies, Defense Contractors, and Fortune 500s Are Checking Their AI Presence.

We launched AIPM — AI Presence Management — as a free tool at aipmsec.com. Five AI models. Seven technical signals. Contamination detection. No login required. Audit any domain in 15 seconds.

As of today, 250 domains have been audited on the platform. We did not pitch a single one. We did not run ads. We did not buy a booth at RSA. We published the tool. People found it.

We do not know who initiated each audit. It could be the company itself. It could be a competitor. It could be an investor running due diligence. It could be a security researcher. It could be a journalist. What we know is the categories of organization that have been evaluated on our platform, and those categories tell a story about who cares about AI presence right now.

The categories

Intelligence and government agencies. The organizations that decide what gets classified and what gets shared. Some of them should score high — public-facing agencies that want AI models to accurately describe their mission. Some of them should score low — agencies whose entire operational posture depends on AI models NOT knowing about their infrastructure. Both need the audit.

Defense contractors. The companies that build the systems those agencies use. Their AI presence determines whether a procurement officer asking ChatGPT "who makes the best radar system" gets an accurate answer or a hallucination.

Cybersecurity vendors. The companies that sell threat intelligence, endpoint protection, SIEM, and cloud security. These are our direct competitors and peers. They are auditing themselves — and possibly each other — on our platform. We take that as a compliment.

Big tech. The platforms that train the AI models AIPM audits against. When a platform company audits its own AI presence, the recursion is noted and appreciated.

Financial institutions. Banks, asset managers, hedge funds. The organizations where AI-generated misinformation about their leadership, location, or products has immediate regulatory and reputational consequences.

Medical device manufacturers. Companies subject to FDA regulation where an AI model hallucinating a product recall or a safety incident could move markets and trigger compliance reviews.

Media organizations. The publications whose content trains the models that AIPM queries. When a newsroom audits its AI presence, it is asking whether the models that scraped its journalism are accurately representing what was written.

Consumer brands. Retail, food, entertainment, automotive. The companies that live and die by brand perception, now discovering that AI models have opinions about them that no marketing team approved.

Minnesota companies. Our backyard. Fortune 500 headquarters within driving distance of our office. Target, 3M, General Mills, UnitedHealth, and a dozen others. Local matters.

What this means

250 domains is not a vanity metric. It is a market signal.

The organizations on that list span every sector that will be affected by AI-generated brand perception over the next five years. They are already checking. They are already asking the question AIPM was built to answer: what do the AI models say about us, and is it true?

We built the tool that answers that question. We also built the first contamination scanner that detects when someone has hidden prompt injection in the AI-facing surfaces of a website — robots.txt, JSON-LD, HTML comments, llms.txt, NLWeb. Thirty attack signatures. Nobody else does this.

The security posture argument

Not every organization wants a high AIPM score. Some organizations — particularly in defense and intelligence — actively block AI crawlers and strip structured data from their public-facing infrastructure. For them, a low AIPM score is not a failure. It is a policy decision. It is deliberate AI opacity.

AIPM measures both directions. If your score is high, we show you what the models are saying and whether it is accurate. If your score is low, we show you whether your blocking is actually working or whether the models are talking about you anyway from third-party sources you do not control.

Both directions need the audit. Both directions need the tool. The addressable market is not "companies that want AI visibility." The addressable market is every organization that needs to know what AI models are saying about them — whether the answer should be "everything" or "nothing."

The numbers

250 domains audited. Five AI models queried per audit. Seven technical signals scored. Contamination scanned across five attack surfaces. Regional pricing for 80 countries. Free tier available.

Two people. $600 per month on Azure. No venture funding. No sales team. No booth at RSA.

If your organization is evaluating its AI presence — or evaluating whether it should be — the tool is free and the audit takes 15 seconds.

If you are an investor or partner interested in helping scale this to the next 2,500 domains, we would like to hear from you.

Audit your domain: aipmsec.com

Contact: [email protected]

— Patrick

Her name was Renee Nicole Good.

His name was Alex Jeffery Pretti.