UnixTime

About UnixTime

UnixTime

Engineering evidence, not recycled advice.

UnixTime is an independent technical publication for people who design, secure, operate, and audit real systems.

The work connects standards and architecture to implementation choices, failure modes, and evidence that can survive review.

The premise

Standards explain intent. Systems create evidence.

Most guidance stops at what a control, platform, or architecture should do. UnixTime follows the work further: into configuration, operational ownership, failure recovery, verification, and the records needed to prove that the design actually operated.

How the work is made

A publication method built for technical scrutiny.

Every useful guide should help a reader make a decision, reproduce the implementation, and understand what can still fail.

  1. 01

    Start with primary sources

    Standards bodies, project documentation, source repositories, vendor release notes, and regulatory texts come before commentary.

  2. 02

    Expose the operating constraints

    Version boundaries, trust assumptions, ownership, recovery, cost, and performance limits are part of the design, not footnotes.

  3. 03

    Build and inspect the result

    Examples are tested against the rendered site and the system behavior they claim to explain. Generated output is reviewed as a public attack surface.

  4. 04

    Connect controls to evidence

    Security claims are mapped to owners, runtime signals, review records, and exceptions instead of being treated as configuration checkboxes.

Three ways into the work

Read at the level your problem requires.

01

Field notes

Long-form implementation guides, architecture analysis, operational lessons, and direct technical judgment.

Browse the blog
02

Research base

Structured notes across ISO 27001, ISO 27002, ISO 27005, controls, risks, evidence, audit questions, and templates.

Open research
03

Knowledge tree

A navigable map of the relationships between standards, controls, risks, implementation work, and assurance evidence.

View the tree
Portrait of Hassan El-Masri

Accountable authorship

Written and maintained by Hassan El-Masri.

Security strategist and systems practitioner

Hassan has more than 20 years of information technology and cybersecurity experience across networking, identity and access management, deception technologies, infrastructure, and security architecture.

UnixTime is where that work is documented in public: not as universal recipes, but as reviewable engineering decisions with boundaries, risks, and evidence.

View author profile

Selected field notes

Current work from the publication.

  1. 01
    Tech / Cybersecurity

    OpenSearch Enterprise Implementation Guide

    A production guide to OpenSearch architecture, cluster sizing, Linux tuning, Docker Swarm, Kubernetes, managed cloud, CI/CD, security, compliance, and AI search.

  2. 02
    Cybersecurity

    ISACA for Engineers: Governance, Risk, and AI Systems

    A practical engineer's guide to ISACA, COBIT, NIST, ISO, MITRE, OWASP, and how governance thinking applies to AI systems, honeypots, and context-server platforms.

Start here

Choose the artifact that matches the decision in front of you.

Use the blog for implementation depth, the research base for structured control and evidence work, or contact UnixTime when the problem crosses both.