Add playbook trigger for remote psexec lolbin command execution playb…

…ook (#32205)

* Add playbook trigger

* Update release notes

* Fix validation error

* Fix field name according to review

* Update release notes

Packs/Core/ReleaseNotes/3_0_10.md

@@ -4,3 +4,4 @@
 ##### Identity Analytics - Alert Handling
 
 Updated the task 'Set Number of Related Alerts' to count related alerts include low-severity alerts and above.
+

Packs/Core/ReleaseNotes/3_0_11.md

@@ -0,0 +1,3 @@
+#### Triggers Recommendations
+
+- New: **Remote PsExec with LOLBIN command execution alert**

Packs/Core/Triggers/Trigger_-_Remote_PsExec_with_LOLBIN_command_execution_alert.json

@@ -0,0 +1,19 @@
+{
+    "trigger_id": "155e823d9d56d1e3cec9061cd9c0523d",
+    "playbook_id": "Remote PsExec with LOLBIN command execution alert",
+    "suggestion_reason": "Recommended for Remote PsExec with LOLBIN command execution alerts",
+    "description": "This trigger is responsible for handling Remote PsExec with LOLBIN command execution alerts",
+    "trigger_name": "Remote PsExec with LOLBIN command execution alert",
+    "fromVersion": "6.10.0",
+    "alerts_filter": {
+      "filter": {
+        "AND": [
+          {
+              "SEARCH_FIELD": "alert_name",
+              "SEARCH_TYPE": "EQ",
+              "SEARCH_VALUE": "Remote PsExec-like LOLBIN command execution from an unsigned non-standard PsExec service"
+          }
+        ]
+      }
+    }
+  }

Packs/Core/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Core - Investigation and Response",
     "description": "Automates incident response",
     "support": "xsoar",
-    "currentVersion": "3.0.10",
+    "currentVersion": "3.0.11",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",