Apex Engine decides; Sandbox detonates; Mega Lake records.
Investigative continuity across the retention horizon. Schema-governed lake retention, reproducible deterministic correlation, and chain-of-custody-aligned evidence preservation are preconditions of the investigation, not deliverables to assemble under deadline.
Reduced verdict ambiguity and faster triage. Each alarm arrives with its rule, source telemetry, enrichment, and confidence weighting — so the first question of the shift is decision, not interpretation.
Sandbox detonation is a high-cost analytical act. It is most valuable when invoked by a decision substrate that has earned the cost — Apex Engine — rather than triggered by every artefact.
Apex decision analysis evaluates an artefact against policy preconditions. When admitted, the artefact is handed off to the Sandbox Server. The detonation report is returned to Mega Lake under the schema contract for downstream correlation.
Sandbox cycles are spent on artefacts that have earned them.
Before: sandbox queues filled with low-signal artefacts.
Detonation reports are correlatable, retentioned, and audited.
Before: reports lived in sandbox-local storage.
Each handoff carries its decision record.
Before: handoffs were untraceable.
"Menerima file dari keputusan Apex Engine untuk di kirim ke sandbox"
— NOGTUS Platform Specification