SOC Analyst
Reduced verdict ambiguity and faster triage. Each alarm arrives with its rule, source telemetry, enrichment, and confidence weighting — so the first question of the shift is decision, not interpretation.
Correlation by identifier ID, not name-match heuristic.
Structured contextualization at the canonical-identifier layer. Hypothesis pivots traverse signature, artefact, and behavioral entry modes without re-baselining; intel enrichment binds to the same identifiers analysts query.
Heuristic correlation — fuzzy name matching, near-miss timestamps, approximate field alignment — produces brittle, non-reproducible joins. Deterministic correlation by canonical identifier is the only correlation contract that survives scale, replay, and supervisory scrutiny.
Every engine emits identifier-bound verdicts under the schema. Aptos enforces identifier integrity at ingest. Mega Lake retains identifier-anchored joins. Nyxos AI consumes the identifier-anchored substrate rather than reconstructing joins probabilistically.
The same query returns the same join result, every time.
Before: heuristic joins drifted with data volume.
Correlation cost scales with cardinality, not with fuzzy-match heuristics.
Before: correlation costs grew superlinearly.
Historical correlation can be replayed against new rules without join collapse.
Before: replays produced inconsistent histories.
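The contrast between name-match heuristics and identifier-keyed joins can be shown on a small constructed data set. This is an added example, not code from the NOGTUS platform: the record layout, field names, uniqueness rule and the 0.5 fuzzy-match threshold are all assumptions.

```python
from difflib import SequenceMatcher

# Constructed sample records (not real telemetry); all field names are assumptions.
ALERTS = [
    {"entity_id": "host-7f3a", "host": "fin-db-01", "rule": "R-100"},
    {"entity_id": "host-91c2", "host": "fin-db-10", "rule": "R-200"},
]
ASSETS = [
    {"entity_id": "host-7f3a", "host": "FIN-DB-01.corp.example", "owner": "finance"},
    {"entity_id": "host-91c2", "host": "fin-db-10.corp.example", "owner": "finance-dr"},
]
# An unrelated asset that appears later as inventory volume grows.
LATE_ASSET = {"entity_id": "host-0000", "host": "fin-db-1", "owner": "lab"}


def join_by_id(alerts, assets):
    """Deterministic join: exact match on the canonical identifier."""
    index = {}
    for asset in assets:
        if asset["entity_id"] in index:  # assumed integrity rule: IDs are unique
            raise ValueError(f"duplicate identifier: {asset['entity_id']}")
        index[asset["entity_id"]] = asset
    return {a["rule"]: index[a["entity_id"]]["owner"]
            for a in alerts if a["entity_id"] in index}


def join_by_name(alerts, assets, threshold=0.5):
    """Heuristic join: best fuzzy host-name match at or above a threshold."""
    result = {}
    for a in alerts:
        score, best = max(
            ((SequenceMatcher(None, a["host"].lower(), s["host"].lower()).ratio(), s)
             for s in assets),
            key=lambda pair: pair[0],
        )
        if score >= threshold:
            result[a["rule"]] = best["owner"]
    return result


def drifted_rules(join, alerts, before, after):
    """Rules whose joined owner changes when the asset set grows."""
    old, new = join(alerts, before), join(alerts, after)
    return sorted(r for r in old if old[r] != new.get(r))


if __name__ == "__main__":
    grown = ASSETS + [LATE_ASSET]
    print("id join drift:  ", drifted_rules(join_by_id, ALERTS, ASSETS, grown))
    print("name join drift:", drifted_rules(join_by_name, ALERTS, ASSETS, grown))
```

Both joins agree on the original asset set; once the short-named asset is added, the fuzzy join reattributes both alerts to it while the identifier join is unchanged.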
"Supports deterministic cross-engine correlation using identifier ID."
— NOGTUS Platform Specification