Lodrina became a SANS instructor to help instill solid foundational skills, practices, and techniques in students to advance their understanding of Digital Forensics and Incident Response (DFIR), as well as to advance the overall DFIR profession. Lodrina finds it particularly rewarding that even one footnote or a single mention among the hundreds of pages covered in a week-long course can help a student someday break a case.
Lodrina's goal as an instructor is to help students look at an investigation from multiple angles by using different tools to find as many facts as possible. She wants her students to understand the mindset needed and the possible blind spots to be explored when investigating a case. "Even when Windows upgrades and new artifacts are present, we will work to understand the different investigative techniques needed," she explains.
Lodrina also helps students use forensic principles to understand artifacts they might not have even known existed, providing a strong sense of user activity. These artifacts include logons, the external devices used, and the websites visited, among many others.
Lodrina is the Principal Security Advocate at Cybereason, working to advance security policy and standards. She also performs research with the Technology and Social Change Research Project in the Shorenstein Center at Harvard Kennedy School. Previously she worked as a computer forensics examiner for Arsenal Consulting, where she focused on preservation and analysis of electronic evidence, including host-based analysis of Windows, macOS, Android, and iOS systems in matters concerning intellectual property theft, employment disputes, and evidence tampering.
Lodrina has been pursuing her interests or working in cybersecurity for 15 years. In one particularly memorable investigation, she helped in the acquittal of more than 200 foreign imprisoned senior military officers in Turkey after showing that the electronic documents used to indict them were forged. Known as "Sledgehammer," the case involved sophisticated forgery and backdating of documents related to a military coup in Turkey. Lodrina explained that while everything in the indictment initially looked "right" on the surface to tools and parsers, a few details just didn't line up. "Digging through documents at the lowest level and finding the answers in hex was extremely satisfying and had real-world ramifications for the people who had been wrongly indicted," she says.
Lodrina has a bachelor's degree in computer science from Boston University and holds the GCFE, GCFA, and GASF certifications. She is a member of the GIAC Advisory Board, contributes to This Week in 4n6, and is a two-time Lethal Forensicator Coin Holder. She was named to SC Magazine's prestigious Women in IT Security 2019 issue in the Women to Watch category.
Lodrina is a powerhouse outside of work as well. She's an internationally classed powerlifter who earned the title of National Champion at the 2013 USA Powerlifting championship and received the bronze medal at the 2014 IPF World Championships. She is also a volunteer case reviewer for the Massachusetts foster care system.
ADDITIONAL CONTRIBUTIONS BY LODRINA CHERNE: