About Me

Veronica Schmitt

I began my career in digital forensics in 2008 inside South Africa’s Special Investigating Unit. It was not a carefully mapped plan. It was curiosity mixed with a stubborn refusal to accept “good enough” answers. Since then, I have chased logs, malware, attackers, and broken systems across government, private sector, academia, and healthcare.

Today I am Assistant Professor and Programme Lead in Digital Forensics and Incident Response at Noroff University in Norway. I am also completing a PhD at the University of Plymouth focused on designing robust logging practices for medical device manufacturers. I care deeply about observability, evidential integrity, and making sure safety-critical systems can actually tell us what happened when something goes wrong.

Builder of Labs, Logs, and Security Communities

I co-founded DFIRLABS and served as Director of Incident Response, leading complex investigations across healthcare, banking, and corporate sectors. Before academia, I managed the Free State Cyber Forensic Laboratory within the Special Investigating Unit. Incident response is not theoretical for me. I have lived it at 3am.

I am also the co-founder and operational lead for BSides Kristiansand, building a thriving Nordic security community from the ground up. I founded DC2751, serve as a DEF CON Goon, contribute to Biohacking Village, and work with I Am The Cavalry on medical security research. If there is a whiteboard and a slightly chaotic idea, I am probably involved.

Research Mission

My research focuses on vulnerabilities in medical devices within the Internet of Things. I examine how attackers could exploit them, what forensic artefacts remain, and how logging can be engineered so incident response becomes a design principle instead of a post-incident scramble.

I also happen to rely on an implanted medical device myself. This makes the work personal. Protecting people whose lives depend on technology is not an abstract academic exercise for me. It is mission-driven engineering.

Teaching, Tinkering, and Reverse Engineering Everything

I genuinely love teaching. I build realistic malware labs, containment war games, investigative scenarios, and serious games that force students to think like responders instead of passive observers. Watching students move from uncertainty to competence is one of the best parts of my job.

I also love playing with medical devices. Understanding how embedded systems log, communicate, and sometimes fail is endlessly fascinating to me. I enjoy taking apart firmware logic and tracing system behaviour down to its smallest artefacts.

And yes, I have a health obsession with reverse engineering malware. Ransomware in particular. I enjoy unpacking payloads, mapping execution flow, identifying persistence mechanisms, and understanding the tradecraft behind attacks. Some people collect shoes. I collect samples.

At heart I am a forensicator and a hacker. I believe every system leaves traces, logs are sacred, and observability wins arguments. Keep digging. Keep learning. Keep breaking things responsibly.