Sucuri offers a free WordPress security plugin, this comes with the features you'd expect from such a plugin - a software firewall, a malware scanner, and a core files integrity check.
While the plugin is free, it's purpose is to offer integration to the Sucuri Web Application Firewall, which is their premium security product. The Sucuri WAF is a proxy that will basically intercept attacks before they get to your site.
The free Sucuri WordPress plugin is a great option for small sites with little to no revenue, who cannot justify the costs of a premium firewall (and likely don't receive so much traffic, and malicious actors as a larger site). The Sucuri WAF is a great option for those who do have greater amounts of traffic, and more to lose if a site does get compromised.