Meet the Stack: Oz, MEDUSA, and Pre-Cog

# Meet the Stack: Oz, MEDUSA, and Pre-Cog

**The mythology that protects your infrastructure**

People ask what powers the DugganUSA threat intelligence platform. Here's the pantheon.

Oz

The decision engine. Named for the man behind the curtain.

Oz ingests threat data from 15+ sources, correlates indicators, and makes autonomous decisions about what's malicious. When a new C2 server spins up, when a phishing campaign launches, when a GitHub account starts pushing malware - Oz sees it and decides.

Not everything flagged is blocked. Oz assigns confidence scores, tags campaigns, and tracks patterns. The human reviews the edge cases. But when confidence is high, Oz acts.

**What Oz does**: Correlates, decides, enriches, tags.

MEDUSA

The enforcement layer. Turns bad guys to stone.

When Oz makes a decision, MEDUSA executes it. IOCs get published to the STIX feed. Malicious IPs get blocked. Abuse reports get queued. The threat actor's infrastructure becomes frozen - visible to defenders, useless to attackers.

Tonight MEDUSA petrified 6 GitHub Pages phishing accounts. Three minutes from account creation to live credential harvesting. Evidence cleanup observed yesterday. Now they're stone - IOCs in the feed, report at GitHub security, customers protected.

**What MEDUSA does**: Blocks, publishes, reports, petrifies.

Pre-Cog

The early warning system. Sees it coming before it arrives.

Pre-Cog tracks the "Domino's Pizza Tracker for Threat Intel" theory: when sophisticated consumers start collecting our threat data, attacks follow. The theory has a 100% validation rate across 20 documented receipts. Average lead time: 30 days.

Microsoft reads the feed. Attacks hit their customers. We had the IOCs first.

Pre-Cog also aggregates precursor signals - unusual collection patterns, GitHub surge activity, consumer behavior changes. When multiple signals elevate, the threat level rises.

**What Pre-Cog does**: Predicts, correlates, validates, warns.

The Flow

Why Mythology?

Because naming matters. Oz reminds us there's always a human behind the curtain. MEDUSA reminds us that defense can be offense - you don't have to chase bad actors, you can freeze them where they stand. Pre-Cog reminds us that with enough data, the future becomes visible.

Also it's more fun than "Decision Engine v2.3" and "IOC Publisher Module."

The Stack in Action

Tonight's Valentine's Day sweep:

- **Oz** flagged 6 GitHub accounts running a coordinated phishing campaign

- **MEDUSA** published 6 IOCs and sent the abuse report to GitHub

- **Pre-Cog** logged another receipt for future correlation

Total time from detection to customer protection: 12 minutes.

Total cost: $75/month Azure infrastructure.

*The nets catch things. The mythology explains why.*

*Her name was Renee Nicole Good.*

*His name was Alex Jeffery Pretti.*

The cheapest, fastest, most accurate threat feed on the internet.

275+ enterprises pulling daily. 1M+ IOCs. 17.4M indexed documents. We beat Zscaler by 43 days on NrodeCodeRAT. Starter tier $9/mo — less than any competitor’s sales demo.

Look up an IOC → · Audit your brand on AIPM → · See pricing →