js-based diff as malfeance detection tool
Well, as a tool it looks fairly useful. As a workflow enhancement it's that more popups. Dashboards that let you keep an eye on all sorts of things that you really shouldn't need idem dito. They're useful more from an engineer's viewpoint than from a user's viewpoint.
Also likely useful mostly from an engineer's viewpoint would be something that made transparent just what came from where on the page. Including pictures and other content from a wildly different domain is /de rigeur/ these days, but it does little but subvert the notion that what you see on the screen is from where the adress bar says it is from, too.
How to translate all that into something truly useful for DAUs, avoiding creating yet more GWF type trouble, is something the various "it security" firms should concentrate on. But they're not doing it, at least not that I can see. It's really quite depressing how unimaginatively the IT security business innovates.