Having a presence in the web browser like this enables a novel source of security data. This gives you new capabilities and allows you to implements new controls in your IT environment.
Since Weaklayer gives a new data source, it isn't a replacement for any tools you currently use in your security stack. It's meant to be used along with your existing IT security stack.
A great example of the new capabilities you get is credential phishing detection. By monitoring user interaction with web pages, you can see when an employee enters their corporate password into a non-corporate website. The video on the Weaklayer homepage demos this.
Any and all feedback is appreciated! Send me an email if you prefer private communication or want a hand setting it up.
Finally, here is the source for the browser extension: https://github.com/weaklayer/sensor
The core value added by Weaklayer is a new security data feed. Currently, I think credential phishing detection is the most important thing that can be done with this data feed.
However, this data should be more widely applicable to threat hunting, incident response, compliance and other security activities. The data is meant to provide visibility regarding what happens inside the web browser - something that I think a browser extension can do much better than an endpoint agent.
