@James Chan_110, Thanks for posting in Q&A.
For your issue, we can create a custom compliance policy to detect whether the device have a "Crowstrike", and the application have update to date, but the compliance policy cannot drop the device to "non-compliance list" if the device does not meet the requirements, because Intune compliance policy is a set of rules and conditions that you define to ensure that devices managed by Microsoft Intune meet your organization’s security and compliance requirements, it cannot do actions but just monitor devices status.
https://andrewstaylor.com/2022/06/14/understanding-custom-intune-compliance-policies/
Non-official, just for reference.
Hope it will help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.