Musk Says He’s Deleted CrowdStrike From Systems After Outage
(www.bloomberg.com)
I've heard about those issues, but it wasn't exactly caused by CrowdStrike itself (though having it would trigger it). Rather, it was caused by a Linux kernel patch that broke something in eBPF (the module responsible for providing filtering capabilities in Linux), which CrowdStrike uses in lieu of a kernel driver (though you can switch if you want, and a temporary workaround was exactly that). A similar system is available on macOS too, and Apple actively discourages kernel drivers (or kexts, as they're called).
Windows, unfortunately, is rather limited with regard to security applications that don't use a kernel driver.