Their response may well have been stellar, that just doesn't matter all that much after you've rendered a whole fleet of PC's incapable of starting up.
Delta being shit at IT doesn't excuse Crowdstrike for their obscene level of negligence. Delta had an eggshell skull but Crowdstrike is the one who broke it by pushing an untested update to the world.
The fact someone releases some software doesn't make someone inherently responsible for any and all business loss related to an event caused by it. I suspect CrowdStrike's EULA has some significant disclaimer of liability, for whatever worth that ends up in court.
Depending on how hard they push this in the Courts, one possible consequence might end up being the legal weakening of all such EULAs.
I wonder if a judge is going to look for someone to blame when a software glitch grounds more than half the planes in the US and conclude that "the vendor said no take-backsies" just isn't good enough?
If they do, could have interesting consequences for the various software licenses with indemnification clauses.
I mean, I assume CrowdStrike will end up settling to get this out of the news, and I assume that's all Delta is looking for, the handout to shut up.
But let's look at how ridiculous this could go: Imagine Delta's house of cards IT stack was so fragile that this incident ended the company. Not another Delta flight ever took off, the company went bankrupt, etc. Would CrowdStrike be responsible for the full business value of Delta? Of course not, that would be ridiculous. The fact that Delta says they lost a half a billion dollars does not automatically mean CrowdStrike is responsible for a half a billion dollar loss. CrowdStrike has likely some responsibility, and Delta has the rest for not having factored this possibility into their resiliency strategy.
Still, they can't do much else otherwise they'd go bust if they admitted liability so they have to play this game.