In all three cases all they are doing is providing a platform. The issue with the size of the outages that we’ve seen should be placed on all of the companies that are opting to use them and only them without any regards to redundancy or design.
CloudFlare - There are other CDNs out there such as Akami and CloudFront
AWS - they have multiple regions, not just us-east-1. Also there is GCP and Azure, each with multiple regions
CrowdStrike - Okay there aren’t as many EDRs that do what they do, but it’s still the SPOF basket as the others
In every case I would argue it’s the inexperience, greed and path of least resistance to use these large companies and then blame the providers when something goes wrong, rather than the companies that have chosen to use these platforms. I understand that it’s easier to blame a single entity, but that shouldn’t absolve the companies that use them from being at fault.
At least for cloudflare, their size is the selling point (and what gives them the monopoly). In order to get the best DDOS protection you need a provider large enough to sinkhole the traffic. That naturally leaves on the big players who can afford that network capacity and infrastructure.
And let’s be realistic, it was a 5ish hour outage. If thats the worst case, I’m pretty okay with my site being down for a few hours.