lol, ok. That's not really an EDR product, and it's open source (which generally produces poor quality security tools, see ClamAV as a long-running joke).

I can't think of a commercial Linux EDR product that doesn't monitor /etc/ld.so.conf and the alternatives.