Christopher Glyer and Nick Carr sit down with the top two Steves from Advanced Practices: Steve Stone (@stonepwn3000) and Steve Miller (@stvemillertime) to talk about the front-line technical stories and research presented at the 2019 #FireEyeSummit. With team members embedded on every investigation, they dissect the key takeaways from the past year’s responses and trends in tracking the groups and techniques that matter. They cover the behind-the-scenes of recent FIN7 events* and put that in perspective against Steve’s PDB research** and other research presented at the summit, including talks from Advanced Practices team members on proactive identification of C2, deep code signing research, and rich header hunting at scale. We quickly highlight a favorite talk, “Living off the Orchard”***, revealing TTPs and artifacts left behind from the million-Mac engagement. There’s double the chance you’ll enjoy Steve as a guest – and we were pleased to finally have them on.

NOTE: Glyer live-tweeted the technical track**** throughout the summit; additional blogs and videos are expected to be released later.

* https://www.fireeye.com/blog/threat-research/2019/10/mahalo-fin7-responding-to-new-tools-and-techniques.html
** https://www.fireeye.com/blog/threat-research/2019/08/definitive-dossier-of-devilish-debug-details-part-one-pdb-paths-malware.html
*** https://www.fireeye.com/blog/threat-research/2019/10/leveraging-apple-remote-desktop-for-good-and-evil.html
**** https://twitter.com/cglyer/status/1181978827028873221