TL;DR
- The Nerdy 30 is Expel’s LinkedIn Live series: 30 minutes, one nerdy security topic, a countdown timer, and an alarm that fires whether or not anyone’s done talking
- The conversations are practitioner-led and unscripted—hot takes, honest disagreements, and the occasional tangent about cannibalism in Antarctica
- Episode 9 is coming—register to catch it live, or watch all eight previous sessions on demand at youtube.com/@expelsecurity
Thirty minutes with real people (and no filter)
Most security content follows the same script. Panel of experts. Prepared remarks. Moderator who keeps things safe. Everyone leaves having said nothing they couldn’t have put in a press release.
The Nerdy 30 does not do that.
Ben Baker—Expel’s Director of Content—started this series with a simple premise: 30 minutes on a nerdy topic, a real countdown timer on screen, and an alarm that cuts the conversation off when it hits zero. No extensions. No “just one more thing.” The alarm goes off and it’s over.
Eight episodes in, it’s produced some of the most honest security conversations we’ve had on record. Here’s a taste.
What the conversations actually sound like
When Expel co-founder Justin Bajko came on to talk about the state of the MDR market, Ben asked him for his honest read. One word: “Gross.”
He meant it as a compliment, sort of. His actual argument was that MDRs and AI SOC companies are competing in the same market and haven’t collectively figured that out yet—which makes it a weird, messy, transitional moment. Not bad, just unsettled. He compared it to the Apple ecosystem, then pointed out that nobody in cybersecurity has actually built that.
That kind of answer is what the Nerdy 30 is for.
When Marcus Hutchins—the researcher who stopped WannaCry—joined the episode on AI malware hype, he wasn’t interested in speculating about threats he couldn’t test. His take on the AI-generated malware panic: “AI is mostly making it easier for attackers to do what they were already doing.” The tell that a piece of malware was written by an AI? Emojis in the comments. No actual developer does that. Marcus said he could identify which model generated a nation-state sample just from the emoji patterns.
When the same episode’s conversation turned to AI and the speed of exploitation, Expel CTO Greg Notch put it plainly: “Right now we have the worst models we’re ever going to have.” He wasn’t being alarmist—his point was that the slope of the curve matters more than where we are on it today, and defenders should be building for that trajectory, not the current snapshot.
James Shank had the most grounding response. He noted that IPv6 was specified in December 1995 and just crossed 50% of Google traffic. Thirty years. “Necessity is the mother of invention,” he said. The dynamics between attackers and defenders are business dynamics, not just technical ones. Things move when there’s economic pressure to move them—not before.
On the SOC metrics episode, Ray Pugh and Ben Brigida walked through a real example that stuck. One of their best analysts looked slow on paper. When they dug into the data, they found she was pulling incidents from low-severity alerts within 10 minutes of starting her shift. The metric was accurate and completely wrong. Ben Brigida’s framing: “All data, all metrics, are a proxy to what’s actually happening in the real world.” Don’t trust it too much.
And then there’s Rusty Newton, who showed up to talk about cybersecurity certifications and ended up advocating for what he calls the “nappuccino.” Drink caffeine, take a 15-minute rest, and let both hit at the same time. It’s an emergency technique for the afternoon slump. It works.
Why it’s worth 30 minutes of your time
The format is designed to produce real conversations. Guests can’t slow-play their way through setup—the timer is on screen, everyone can see it, and they know there’s no saving the good stuff for the end. Questions from the live audience get woven in with two minutes left on the clock. When the alarm fires, it fires.
The result is something that feels less like a webinar and more like overhearing a conversation between people who’ve been arguing about this stuff for years. Sometimes they disagree on screen. Sometimes someone says something that makes the other guests visibly reconsider. Sometimes someone gets stranded in Antarctica and survives on cheese powder.
All episodes are on demand at youtube.com/@expelsecurity. They usually drop a week or so after the live event.
- Episode 1: How to pass CISSP, Security+ & CISM: Study strategies that actually work
- Episode 2: How to measure SOC efficiency: The metrics that actually matter
- Episode 3: AI in cybersecurity: How to reduce SOC burnout and alert fatigue
- Episode 4: MDR vendor market: AI SOC startups, consolidation & what buyers should know
- Episode 5: Cloud identity chaos: How to take control before attackers do
- Episode 6: AI malware: Fact vs. fiction with Marcus Hutchins
- Episode 7: Expert takes: Claude Mythos and cybersecurity
- Episode 8: Coming soon
Follow Expel on LinkedIn to hear about new session details as soon as they’re announced.
