Wordfence is a useful security measure for WordPress sites. Wordfence is a web application firewall (WAF) that detects and blocks malicious behavior. Among other things, login attempts are blocked and changes in WordPress are tracked in the form of a modified files list.
Also, with admin logins, you get an immediate mail before, for example, a malicious attacker can muzzle WordPress.
Of course, every plugin is an additional potential vulnerability for the future, but the advantages outweigh the disadvantages here.