Yeah... we thought the same thing but we checked a couple other EDRs and saw that a few of them don't do this. If you guys know some EDRs that do this, let us know :)
lol, ok. That's not really an EDR product, and it's open source (which generally produces poor quality security tools, see ClamAV as a long-running joke).
I can't think of a commercial Linux EDR product that doesn't monitor /etc/ld.so.conf and the alternatives.