even the most secure outbound protection would likely whitelist the CrowdStrike update servers because they'd be considered part of the infrastructure