In the last couple of months, several security related WordPress plugins have been released. Between the sheer number of them and the marketing promises of the plugin authors, it is difficult to find out what plugin is the right fit for your needs.
As Tony Perez of Sucuri writes in Understanding the WordPress Security Plugin Ecosystem:
The biggest challenge the [WordPress Security Ecosystem] faces is product and service confusion. This is compounded by a variety of factors. I often categorize them, generally into two buckets – deliberate and non-deliberate confusion. For me deliberate product confusion comes often by marketeers and those looking to make a quick buck on what they perceive to be the next virtual gold rush. While non-deliberate confusion is introduced by those that mean well, or were once affected, and have come up with a genuine solution that likely addresses a very narrow issue.
The post explains the four different categories of WordPress security plugins, what each of them do and what their limitations are. So if you are confused about security plugins, this post is for you.