does wazuh protect from zero day attacks

[arham rehman]

hey team, 

i have installed wazuh on-prem does wazuh protect from zero day

If yes let me know what configuration required 

thanks

[Awwal Ishiaku]

Hello,

Wazuh has a set of rules that trigger alerts when certain anomalies are detected on monitored endpoints or logs.

On top of that, there are several possible integrations that make it possible to detect the latest threats such as integration with VirusTotal amongst others.

There is also the vulnerability detector whose database is constantly being updated to discover vulnerable software running on monitored endpoints.

To answer your question, yes, zero day attacks can be detected by Wazuh if the attack exhibits behavioural patterns that have been flagged in the rule database.

Let me know if you need further clarification.

Cheers.