If an exploiter changes his name to example "ROBLOX" on his client side and sends a remoteevent, will the server see the player name as ROBLOX or his real name? and If I do add a check that checks his name on the server side, does that mean the remoteevent is secured?
The player object is protected, you can't really change it, so no, but the longer answer is quite a bit more complicated, I honestly do not know what would happen if it was just directly memory edited, but I believe that'd result in a crash, so still no.