Subresource integrity (SRI) isn't enough to alert you when your third parties are modifying their code. With SRI properly configured, your functionality breaks when changes are made. Wouldn't you rather have a service that alerts you and saves functionality?
Know what your third party code is actually doing?
Automatic detection when attacks begin to occur