Context based risk assessment of a computing resource vulnerability

What is claimed is: 1 . A system, comprising: a processor that executes the following computer-executable components stored in a non-transitory computer readable medium: an inspection component that inspects a set of container images respectively associated with pods, identifies a first subset of the pods that contain a vulnerability, and classifies the first subset of the pods as primary-infected pods; a namespace component that generates a first list of namespaces in which the primary-infected pods are deployed within a network; and a network component that checks network policies in connection with the first list of namespaces to determine secondary-suspect pods that have ability to communicate with the primary-infected pods, wherein the namespace component generates a list of secondary-suspect namespaces in which the secondary-suspect pods are deployed within the network, the network component identifies one or more secondary-suspect pods that communicated with one or more primary-infected pods, and wherein the inspection component generates a list of secondary-infected pods. 2 . The system of claim 1 , further comprising a check component that checks specification and privileges associated with the primary-infected pods and the secondary-infected pods to generate a list of suspect machines, primary-infected machines, and secondary-infected machines and to determine the ability of the primary-infected pods and the secondary-infected pods to morph a configuration of the network. 3 . The system of claim 1 , further comprising a resource component that determines total resource capacity that respective infected containers associated with the primary-infected pods and the secondary-infected pods have ability to consume to generate a total-capacity-at-risk measure. 4 . The system of claim 3 , further comprising a permissions component that determines permissions associated with the respective infected containers. 5 . The system of claim 1 , further comprising a risk component that generates a contextual risk score and an absolute risk score associated with the primary-infected pods and the secondary-infected pods. 6 . The system of claim 3 , wherein the resource component assesses bounded capacity of at least one of: processor, memory, or disk. 7 . The system of claim 6 , further comprising a risk component that generates a contextual risk score and an absolute risk score associated with the primary-infected pods and the secondary-infected pods, wherein the risk component dynamically generates a second contextual risk score and a second absolute risk score associated with the primary-infected pods and the secondary-infected pods based on one or more changes. 8 . The system of claim 5 , wherein the risk component employs a trained model to dynamically generate the contextual risk score and the absolute risk score associated with the primary-infected pods and the secondary-infected pods. 9 . A computer-implemented method, comprising: inspecting, using a processor, a set of container images respectively associated with pods; identifying, using the processor, a first subset of the pods that contain a vulnerability; classifying, using the processor, the first subset of the pods as primary-infected pods; generating, using the processor, a first list of namespaces in which the primary-infected pods are deployed within a network; checking, using the processor, network policies in connection with the first list of namespaces to determine secondary-suspect pods that have ability to communicate with the primary-infected pods; generating, using the processor, a list of secondary-suspect namespaces in which the secondary-suspect pods are deployed within the network; identifying, using the processor, one or more secondary-suspect pods that communicated with one or more primary-infected pods; and generating, using the processor, a list of secondary-infected pods. 10 . The method of claim 9 , further comprising: checking, using the processor, specification and privileges associated with the primary-infected pods and the secondary-infected pods; generating, using the processor, a list of suspect machines, primary-infected machines, and secondary-infected machines; and determining, using the processor, the ability of the primary-infected pods and the secondary-infected pods to morph a configuration of the network. 11 . The method of claim 9 , further comprising determining, using the processor, total resource capacity that respective infected containers associated with the primary-infected pods and the secondary-infected pods have ability to consume, and generating, using the processor, a total-capacity-at-risk measure. 12 . The method of claim 11 , further comprising determining, using the processor, permissions associated with the respective infected containers. 13 . The method of claim 9 , further comprising generating, using the processor, a contextual risk score and an absolute risk score associated with the primary-infected pods and the secondary-infected pods. 14 . The method of claim 11 , further comprising assessing, using the processor, bounded capacity of at least one of: processor, memory, or disk. 15 . The method of claim 14 , further comprising generating, using the processor, a contextual risk score and an absolute risk score associated with the primary-infected pods and the secondary-infected pods, and generating, using the processor, a second contextual risk score and a second absolute risk score associated with the primary-infected pods and the secondary-infected pods based on one or more changes. 16 . A computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processor to: inspect a set of container images respectively associated with pods; identify a first subset of the pods that contain a vulnerability; classify the first subset of the pods as primary-infected pods; generate a first list of namespaces in which the primary-infected pods are deployed within a network; check network policies in connection with the first list of namespaces to determine secondary-suspect pods that have ability to communicate with the primary-infected pods; generate a list of secondary-suspect namespaces in which the secondary-suspect pods are deployed within the network; identify one or more secondary-suspect pods that communicated with one or more primary-infected pods; and generate a list of secondary-infected pods. 17 . The computer program product of claim 16 , the program instructions further executable by the processor to cause the processor to: check specification and privileges associated with the primary-infected pods and the secondary-infected pods; generate a list of suspect machines, primary-infected machines, and secondary-infected machines; and determine the ability of the primary-infected pods and the secondary-infected pods to morph a configuration of the network. 18 . The computer program product of claim 16 , the program instructions further executable by the processor to cause the processor to determine total resource capacity that respective infected containers associated with the primary-infected pods and the secondary-infected pods have ability to consume, and generate a total-capacity-at-risk measure. 19 . The computer program product of claim 18 , the program instructions further executable by the processor to cause the processor to determine p