In [29]:
import pandas as pd
from tabulate import tabulate

# Data for each architecture
data = [
    {
        "Architecture": "Defense in Depth (DiD)",
        "Core Principles": "Multiple, independent security layers",
        "When to Use": "General-purpose enterprise security; layered infrastructure",
        "When Not to Use": "Highly agile or minimalist stacks with strict latency limits",
        "Appropriate Platforms": "Cloud, On-prem, Hybrid",
        "Usage": "Network → Endpoint → App → Data → Monitoring → Recovery",
        "Issues": "Overlapping controls, complexity",
        "Well-Known Problems": "Misconfigured firewalls, stale monitoring",
        "Known Cybersecurity Incidents": "Target breach (poor segmentation + endpoint compromise)",
        "Reference": "NIST SP 800-53, CIS Controls"
    },
    {
        "Architecture": "Zero Trust Architecture (ZTA)",
        "Core Principles": "Never trust, always verify; least privilege; micro-segmentation",
        "When to Use": "Distributed, remote-first, hybrid cloud environments",
        "When Not to Use": "Legacy environments without IAM capabilities",
        "Appropriate Platforms": "Cloud-native, SaaS, Hybrid",
        "Usage": "Auth → Microsegmentation → Continuous Verification",
        "Issues": "Integration complexity, user friction",
        "Well-Known Problems": "Poor token expiration, over-reliance on identity proxies",
        "Known Cybersecurity Incidents": "Okta token abuse case (2023)",
        "Reference": "NIST 800-207, Google BeyondCorp"
    },
    {
        "Architecture": "Secure Software Development Lifecycle (SSDLC)",
        "Core Principles": "Integrate security into each software lifecycle stage",
        "When to Use": "Any software-producing organization",
        "When Not to Use": "Manual, non-versioned, one-off script environments",
        "Appropriate Platforms": "CI/CD, DevOps, DevSecOps",
        "Usage": "Requirements → Design → Coding → Testing → Release → Monitoring",
        "Issues": "Requires cultural shift and training",
        "Well-Known Problems": "Skipping threat modeling, poor dependency hygiene",
        "Known Cybersecurity Incidents": "SolarWinds (malicious code in build pipeline)",
        "Reference": "OWASP SAMM, BSIMM, NIST SSDF"
    },
    {
        "Architecture": "Zero Knowledge Architecture (ZKA)",
        "Core Principles": "Service never sees or controls your data",
        "When to Use": "Privacy-focused apps, end-to-end encryption needs",
        "When Not to Use": "Apps needing server-side processing of plaintext data",
        "Appropriate Platforms": "Privacy-preserving apps, encrypted messaging, file storage",
        "Usage": "CSE → E2EE → BYOK → ZKPs",
        "Issues": "Limited searchability, complex key management",
        "Well-Known Problems": "Key loss = data loss, hard to integrate with AI",
        "Known Cybersecurity Incidents": "Encrypted messaging services (e.g., Signal warrant can't decrypt data)",
        "Reference": "ProtonMail, Signal whitepapers, zk-SNARKs"
    },
    {
        "Architecture": "Adaptive Security Architecture (ASA)",
        "Core Principles": "Real-time telemetry + contextual decisions",
        "When to Use": "Threat-prone, regulated, or high-risk environments",
        "When Not to Use": "Low-risk static applications without real-time needs",
        "Appropriate Platforms": "SOAR, SIEM, ML-powered platforms",
        "Usage": "Telemetry → UEBA → Dynamic Policy → Automated Response",
        "Issues": "False positives, privacy trade-offs",
        "Well-Known Problems": "Noise overwhelm in SIEM, delayed policy updates",
        "Known Cybersecurity Incidents": "Capital One breach (SIEM alerts not acted on in time)",
        "Reference": "Gartner Adaptive Security Architecture, MITRE D3FEND"
    },
    {
        "Architecture": "Model-View-Controller (MVC)",
        "Core Principles": "Separation of concerns: UI, business logic, data",
        "When to Use": "Web apps, GUIs needing modular and testable design",
        "When Not to Use": "Single-layer scripts or tightly-coupled logic",
        "Appropriate Platforms": "Web frameworks (Flask, Django, Rails), GUI apps",
        "Usage": "Model ↔ Controller ↔ View",
        "Issues": "Overhead for simple apps, learning curve for teams",
        "Well-Known Problems": "Improper validation in controller, data leaks from view",
        "Known Cybersecurity Incidents": "Injection attacks due to lack of model-view sanitization",
        "Reference": "MVC Patterns (Gang of Four), OWASP Secure Design"
    },
    {
        "Architecture": "TOGAF (The Open Group Architecture Framework)",
        "Core Principles": "Business-IT alignment via standardized architectural methodology",
        "When to Use": "Enterprise transformation, long-term IT planning",
        "When Not to Use": "Fast-moving startups, tactical-only tech planning",
        "Appropriate Platforms": "Large enterprises, multi-platform environments",
        "Usage": "ADM cycle: Architecture Vision → Business → Data → App → Tech → Implementation",
        "Issues": "Heavy documentation, requires enterprise buy-in",
        "Well-Known Problems": "Slow adoption, unclear value without governance",
        "Known Cybersecurity Incidents": "Poor enforcement of architecture decisions in legacy systems",
        "Reference": "TOGAF Standard v9.2, Open Group publications"
    },
    {
        "Architecture": "SABSA (Sherwood Applied Business Security Architecture)",
        "Core Principles": "Security aligned with business requirements and risk management",
        "When to Use": "Enterprise security strategy, governance & risk-aligned IT",
        "When Not to Use": "Tactical-only or purely technical deployments",
        "Appropriate Platforms": "Regulated industries, national security, financial services",
        "Usage": "Business → Architecture → Policy → Assurance → Design → Operations",
        "Issues": "Requires strong enterprise involvement, complex framework",
        "Well-Known Problems": "Misalignment between business and security layers",
        "Known Cybersecurity Incidents": "Strategic missteps from ignoring business-context threats",
        "Reference": "SABSA Institute, SABSA Blue Book"
    }
]

# Convert to DataFrame and print
df = pd.DataFrame(data)
# print(tabulate(df, headers="keys", tablefmt="fancy_grid"))


In [30]:
df.columns

Index(['Architecture', 'Core Principles', 'When to Use', 'When Not to Use',
       'Appropriate Platforms', 'Usage', 'Issues', 'Well-Known Problems',
       'Known Cybersecurity Incidents', 'Reference'],
      dtype='object')

In [32]:
tf = df[['Architecture', 'Core Principles']]
print(tabulate(tf, headers="keys", tablefmt="fancy_grid"))

╒════╤═════════════════════════════════════════════════════════╤══════════════════════════════════════════════════════════════════╕
│    │ Architecture                                            │ Core Principles                                                  │
╞════╪═════════════════════════════════════════════════════════╪══════════════════════════════════════════════════════════════════╡
│  0 │ Defense in Depth (DiD)                                  │ Multiple, independent security layers                            │
├────┼─────────────────────────────────────────────────────────┼──────────────────────────────────────────────────────────────────┤
│  1 │ Zero Trust Architecture (ZTA)                           │ Never trust, always verify; least privilege; micro-segmentation  │
├────┼─────────────────────────────────────────────────────────┼──────────────────────────────────────────────────────────────────┤
│  2 │ Secure Software Development Lifecycle (SSDLC)           │ Integrate s