Wordfence is a WordPress security plugin that comes in two versions - a free, and a premium version.
The free version is a fairly complete security scanner, and software firewall (tailored of course to WordPress attacks). The paid version differs in that it offers what it calls "real time protection". What this means is essentially that your site will be protected against attacks that are in the wild at the moment. So for example, if Wordfence has detected attacks against multiple sites they protect from the same IP, that IP will be blocked against all sites protected by Wordfence premium.
The real time protection is great, but it does cost, and like a lot of the good premium WordPress plugins these days, the cost runs as a subscription. At the time of writing that is $99/year.
The free version, in my opinion, offers great protection if your site is small and can't justify that sort of cost. As a site grows however, security should be one of your primary concerns, so that cost is really not that great.
Wordfence does not offer an affiliate program, and so while it might seem it may not suffer the problems of reviews disguised as sales pages that other popular plugins that do offer affiliate programs suffer from, it actually suffers from the opposite. "Reviewers" are often not so keen to recommend it, and comparisons will often favour plugins that do offer an affiliate program rather than Wordfence.
So it can still be a challenge to find legitimate reviews and comparisons where Wordfence is concerned.