Anybody please guide me how to business service security for wordpress website


In my country , there were many many companys and users use wordpress source to build their website : blog page , company website , e-commerce website .

But according to general statistics, approximately 80% of websites in my country do not have much experience secure website, backdoor detection, virus detection in source code .

Anybody can guide me how to provide security services and anti-attack for my customer 's websties in my country . I have 2 problem :
1, User tool : were there any primium security wordpress tool which help scanning and give results :assessment infos and provide work to do to security their website?

2, I have team code developers with good knowledge about security wordpress .
But with some situation, my customers can't give their administrator hosting acc , their wp-admin acc with full rights for my team scanning and give results about their security info ? R there any solution for that ?? how can my teams still scanning customers website source code that don't need have permission hight rights in their hosting , wp-admin acc ??

Please guide me some infos. Thanks for your attention