Possible attack alert reports are sent conveniently to your email address. Sometimes there are false positives and you can always Whitelist those as needed.

Login Lockdown – Protect your WordPress blog from malicious login attempts. This plugin allows you to lock out possible intruders by applying a WordPress lockout policy.

WP Security Scan – This plugin allows you to scan our WordPress install for any security issues or vulnerabilities and advises on how to correct findings.The plugin checks the following

-passwords
-file permissions
-database security
-version hiding
-WordPress admin protection/security
-removes WP Generator META tag from core code

Admin-SSL – This plugin secures login page, admin area, posts, pages – whatever you want – using Private or Shared SSL

- Secures WordPress Login and Admin Pages
- Supports All SSL Setups (Private and Shared)
- Encrypts cookie contents
- Compatible with all versions of PHP 4 and 5

Replace WP-Version – If you’re running an older version of WordPress, anyone can view source to see what attacks might work against your blog. This plugin replace the WP-version with a random string. This will remove this information that can be used against your blog.