Skip to main content

Inheritance

Inheritance allows us to create a new class from another, inherit its attributes and methods, and adapt or extend them as required. This facilitates the reuse of the code since you can implement the basic behaviors and data in a base class and specialize them in the derived classes.

To implement inheritance in Python, we need to add the name of the class that is inherited within parentheses to show that a class inherits from another class, as we can see in the following code:

Full Code is available at the end of this article.

Base Class: Incident

This class represents a generic security incident:

class Incident:
    def __init__(self, incident_id, description):
        self.incident_id = incident_id
        self.description = description

    def display_details(self):
        print(f"Incident ID: {self.incident_id}, Description: {self.description}")

Detection

The first step in incident response is detecting the incident:

class Detection(Incident):
    def detect_threat(self):
        print(f"Threat detected for Incident {self.incident_id}.")

Analysis

After detection, the incident needs to be analyzed:

class Analysis(Detection):
    def analyze_threat(self):
        print(f"Analyzing threat details for Incident {self.incident_id}...")

Containment

Once the threat has been analyzed, it needs to be contained:

class Containment(Analysis):
    def contain_threat(self):
        print(f"Containing threat for Incident {self.incident_id}...")

Eradication

After containment, the threat needs to be eradicated:

class Eradication(Containment):
    def eradicate_threat(self):
        print(f"Eradicating threat for Incident {self.incident_id}...")

Recovery

After eradication, the affected systems need to be recovered:

class Recovery(Eradication):
    def recover_systems(self):
        print(f"Recovering systems for Incident {self.incident_id}...")

Usage

incident = Recovery("INC12345", "Ransomware Attack")
incident.display_details()
incident.detect_threat()
incident.analyze_threat()
incident.contain_threat()
incident.eradicate_threat()
incident.recover_system()

Full Code

incident_response_flow_inheritance.py
class Incident:
    def __init__(self, incident_id, description):
        self.incident_id = incident_id
        self.description = description

    def display_details(self):
        print(f"Incident ID: {self.incident_id}, Description: {self.description}")
    
class Detection(Incident):
    def detect_threat(self):
        print(f"Threat detected for Incident {self.incident_id}.")

class Analysis(Detection):
    def analyze_threat(self):
        print(f"Analyzing threat details for Incident {self.incident_id}...")

class Containment(Analysis):
    def contain_threat(self):
        print(f"Containing threat for Incident {self.incident_id}...")

class Eradication(Containment):
    def eradicate_threat(self):
        print(f"Eradicating threat for Incident {self.incident_id}...")

class Recovery(Eradication):
    def recover_systems(self):
        print(f"Recovering systems for Incident {self.incident_id}...")

incident = Recovery("INC12345", "Ransomware Attack")
incident.display_details()
incident.detect_threat()
incident.analyze_threat()
incident.contain_threat()
incident.eradicate_threat()
incident.recover_system()