Publications

Books, briefs, and research

Banjico publishes 5 active and in-progress pieces across books, papers, and perspective notes. The writing is part of the brand, not a side note.

Books

Long-form field guides and manuscript chapters. Pro membership.

Book | Drafting now

Supply-Chain Attack Field Guide

A long-form field guide that explains how attackers abuse dependency trust, release automation, and AI-assisted deception inside modern software systems.

Pro membership | 26 chapters in progress
Supply-chain security | Dependency trust | AI-assisted deception

Research papers

Cited analysis on current threat patterns. Free with account.

Research paper | Published

Why the Modern Build Pipeline Counts as an Attack Surface

Build tooling, CI runners, signing flows, and release automation all become trust-bearing systems once a team ships software at speed.

Free with account | 8 min read | Apr 18, 2026
Build security | CI/CD | Identity

Research paper | Published

AI-Assisted Phishing Is Workflow Abuse With Better Output

AI does not invent a new trust problem here. It lowers the cost of believable output, which makes workflow trust harder to defend.

Free with account | 7 min read | Mar 28, 2026
AI security | Social engineering | Threat workflows

Perspective notes

Short editorial observations and working notes. Free with account.

Perspective note | Published

What Secure-by-Design Means for Small Teams

Secure-by-design is not a slogan about restraint. It is a way to reduce rework, clarify ownership, and keep the system calm when the team is small.

Free with account | 4 min read | Apr 9, 2026
Secure by design | Small teams | Engineering discipline

Perspective note | Published

Why AI Changes the Cost of Trust in Developer Workflows

AI makes it cheaper to produce plausible code, documentation, and conversation, which means trust needs a stronger design than it did before.

Free with account | 5 min read | Feb 21, 2026
AI workflow | Developer security | Provenance

Publishing roadmap

Books are the long game. They make the brand a source of technical authority, not just a provider of services.

Phase I
Now

Finish the manuscript

Deliver the current cybersecurity book focused on supply-chain attacks and AI-assisted deception.

Phase II
Next

Publish supporting briefs

Release shorter analyses that reinforce the book and keep the brand active in the research space.

Phase III
Future

Expand into a catalog

Grow into a recognizable technical publishing line with books spanning cybersecurity, software, and web development.

Want to follow the writing?

If the research or technical notes are useful, keep an eye on the publications or send a note by email.