All In One WordPress Security
All-in-One WP Security is a free WordPress security plugin aimed at users of all experience levels.
The plugin gears itself towards ease of use, providing customizable functionality and simple, functional categorization.
Users can freely customize different aspects of their site’s security while displaying visual representations of how safe a user’s website is in different areas.
All-in-One is really a counterpart to the Sucuri free WordPress plugin if you ignore the paid cloud base plans offered by Sucuri.
All-in-One does however still feature a firewall, although this is pretty basic compared to that offered by Sucuri. However All-in-One does not offer a malware scanner whereas the Sucuri plugin does (albeit a remote service).