One of the best ways to keep your site secure is to stay current with WordPress. Keep an eye on any alert message about update in admin panel, either for the WordPress core or for individual plugins.
By using these plugings you can keep an eye on your WordPress site and they will notify you if anything wrong happened with your site. So do not wait, until some unscrupulous attacker breaks into your site and injects a few thousand invisible spam links, Waiting for that means you are allowing Google to penalized your site.
Monitors your WordPress installation for added/deleted/changed files. When a change is detected an email alert can be sent to a specified address.
Don’t wait for Google to ban your site to find out you’ve been hacked. You might use several tools to prevent your site from being hacked, but if they fail, you want to know right away – long before Google bans your site for hidden links and malicious scripts. That’s what MonitorHackdFiles does – it is a sentry for your site. It watches your site, and when it detects a file has changed (or been added), it notifies you via email and tells you which file(s) was changed. When other security measures fail, MonitorHackdFiles makes sure you know about it.
ChangeDetection.com provides page change monitoring and notification services to internet users worldwide. Free online service that monitors your site and sends you an email/SMS if anything changes. Simple, easy, and effective.
In case, if you find a bug while working with WordPress, you may report it at the designated page via the WordPress Codex Reporting Bugs Page.
Other Useful Resources and References:
Top 10 Plugins For Your WordPress Site Security
7 Plugins that Help Protect WordPress from Hackers
How to Make WordPress More Secure from Hackers & Robots
WordPress Security Blog
10 Easy Ways to Secure your WordPress Blog
How To Secure WordPress Blogs & Prevent The Hacking of Your Blog