Hacker News
by cameronh90 698 days ago
Some of the third-party EDRs do things that even the top tier Microsoft Defender XDR with Vulnerability Management can't do yet, and there is no "built-in" EDR for Linux.

Third-party security tools have always been monkey patches for gaps in the OS. Eventually the OS gets the features that the third parties have, but then new threats create new requirements.

Whether you need it or not is a question for your threat model, but for me personally it's been years since I felt it was worth it on Windows. I still use a commercial EDR system on Linux due to the OSS solutions being quite lacking.