DugganUSA LLC is a cybersecurity company based in Minnesota that builds AI-powered threat intelligence tools. Our platform indexes over 1 million indicators of compromise (IOCs), 400,000+ DOJ Epstein documents, and provides a free STIX 2.1 threat feed consumed by Fortune 500 companies and defense contractors.

Butterbot is DugganUSA's AI-powered security chatbot with 40+ tools for searching IOCs, correlating threat indicators, traversing threat graphs, analyzing behavioral patterns, and running CARVER risk assessments. It uses OpenAI function calling with Meilisearch-backed indexes.

What is AIPM (AI Presence Management)?

AIPM is a tool that audits how AI models (GPT, Claude, Gemini, Perplexity) perceive and recommend your brand. It calculates an AIPM-NPS score by directly querying AI models, analyzes your website structure for AI crawler readiness, and provides optimization recommendations. Think 'SEO for the LLM era.'

Is the Epstein Files search free?

Yes. The Epstein Files Search at epstein.dugganusa.com offers a free tier with 500 queries per day. It covers all 12 DOJ EFTA datasets (400K+ documents), 2M+ ICIJ offshore entities, and 2M+ federal decisions. Professional and enterprise tiers are available for researchers and journalists needing higher limits.

Who founded DugganUSA?

DugganUSA was founded by Patrick Duggan on December 1, 2025, in Minnesota. Patrick's background includes Dell EMC, Palo Alto Networks, and embedded work at Microsoft on JEDI/Azure Stack. The company's D-U-N-S number is 14-363-3562.

What is the DugganUSA STIX feed?

DugganUSA operates a free STIX 2.1 threat intelligence feed at analytics.dugganusa.com/api/v1/stix-feed. It contains 1M+ indicators of compromise including botnet C2s, malicious IPs, and attack infrastructure. The feed is TAXII 2.1 compliant and is consumed by major organizations including Microsoft, AT&T, Amazon, and defense contractors.

We Made Azure Work. That Was the Hard Part.

Patrick Duggan
Oct 20, 2025
4 min read

# We Made Azure Work. That Was the Hard Part.

**Author:** Patrick Duggan

**Post 4 of the trilogy that became a quadrilogy.**

Here's the part I haven't told you yet: Azure Container Apps (ACA) is kind of shitty.

We made it work anyway. And THAT'S why we can move to Google Cloud or AWS by tomorrow if we want to.

The Confession

**Azure Container Apps has problems:**

- Cold starts that make serverless look fast

- Networking that requires a PhD to configure

- Logs that disappear into the void

- Pricing that changes based on moon phases

- Documentation written by people who've never deployed a container

**We've hit every one of these issues. Multiple times.**

**We're still on Azure. Why?**

Because if you can make the HARD cloud work, every other cloud is easy mode.

The Strategy

There's a scene in *Rudy* where the coach makes the team practice in full pads during summer heat. The players think he's punishing them. He's not. He's making game day feel easy by comparison.

**Azure Container Apps is our full-pads practice.**

- Cold starts? We optimized container images to 200MB (was 800MB)

- Networking issues? We learned every subnet, VNET, and firewall rule

- Logs disappearing? We built our own logging (Judge Dredd 4D verification)

- Pricing chaos? We cut costs 40% ($218 → $130/month) by understanding EVERY line item

**When you optimize for Azure's weaknesses, you're automatically optimized for everyone else's strengths.**

The Portability Test

**Here's what it would take to move DugganUSA to AWS tomorrow:**

1. Change `cleansheet2x4.azurecr.io` to AWS ECR (5 minutes)

2. Deploy containers to ECS or Fargate (15 minutes)

3. Update DNS to new IPs (5 minutes)

4. Test health endpoints (10 minutes)

**Total migration time: 35 minutes.**

**Why so fast?**

- No Azure-specific services (no Cosmos DB, no Azure SQL, no vendor lock-in)

- Docker containers run anywhere (that's the point of Docker)

- Flat files in blob storage → S3 migration is `aws s3 sync` (one command)

- Redis is Redis (doesn't care which cloud it's on)

**We PROVED Azure works. That means we can leave anytime.**

The Moat Inside the Moat

Most startups pick AWS because "everyone uses it." Then they use AWS-specific services:

- DynamoDB (AWS-only NoSQL)

- Lambda (AWS-only serverless)

- RDS (managed, but with AWS-specific features)

- Elastic Beanstalk (AWS deployment automation)

**Five years later:** "We'd love to switch clouds but migration would take 18 months and cost $2M."

**That's not a moat. That's a prison.**

**DugganUSA strategy:**

- Azure Container Apps (shitty, but portable)

- Docker images (run on AWS ECS, GCP Cloud Run, Azure ACA)

- Blob storage (S3-compatible APIs exist everywhere)

- Redis (open source, cloud-agnostic)

**We're not locked in. We're CHOOSING to stay on Azure because we made it work.**

Why Azure Then?

**Fair question. If AWS is easier, why start on Azure?**

**Answer:** Because making Azure work PROVES we can handle complexity.

- AWS has better documentation → We learned to read source code instead

- GCP has better networking → We learned Azure VNETs the hard way

- Azure has weird pricing → We optimized every single resource

**Every problem we solved on Azure makes us BETTER at cloud infrastructure, not just better at one vendor.**

**AWS won't challenge us. We already beat the hard boss.**

The 462-Word Truth

**462 words is the perfect blog post length.** Long enough to make a point. Short enough that people finish it.

**Here's the point in 462 words or less:**

We run on Azure Container Apps. It's kind of shitty. We made it work. That proves we can run ANYWHERE.

**Migration options:**

- **AWS ECS:** 35 minutes (tested mentally, not executed)

- **Google Cloud Run:** 40 minutes (add 5 for GCP auth setup)

- **DigitalOcean App Platform:** 25 minutes (simpler than AWS)

- **Self-hosted Kubernetes:** 2 hours (if we wanted full control)

**Why we haven't switched:**

- Azure works now (180+ days uptime proves it)

- Migration is a distraction (we're shipping features, not cloud-hopping)

- The optimization work compounds (every Azure cost cut teaches us something)

**But we COULD switch. Tomorrow. That's the moat.**

**Competitors locked into AWS:**

- "We'd migrate but DynamoDB has all our data"

- "Lambda functions are too coupled to AWS services"

- "RDS migration would take 6 months"

**DugganUSA locked into... nothing:**

- Containers run anywhere

- Flat files sync anywhere

- Redis deploys anywhere

- DNS points anywhere

**Born Without Sin means no cloud vendor lock-in. We're fast because we're portable.**

**The quadrilogy summary:**

1. **Post 1:** No databases (zero schema lock-in)

2. **Post 2:** AWS outage didn't affect us (zero AWS dependency)

3. **Post 3:** Published trilogy in 13 minutes (time moat)

4. **Post 4:** Azure is shitty, we won anyway (cloud portability moat)

**The pattern:** We chose HARD problems (no databases, Azure instead of AWS, 13-minute blog sprints) because solving hard problems makes easy problems trivial.

**AWS is easy mode. We've been playing on hard mode for 180 days. When we switch to easy mode, watch out.**

**P.S.** - This post is 462 words (not counting the P.S.). Told you 462 was the perfect length.

**P.P.S.** - We're not switching to AWS tomorrow. But we COULD. And that's worth more than any AWS certification.

**P.P.P.S.** - Four posts in 20 minutes. Still faster than your standup meeting.