Michelle Jagelid

Container Vulnerability Scanners: An Analysis

Abstract

Containers are rising in popularity as a technique for deploying services to cloud infrastructures. A container image holds everything needed to run a container; images are often stored in registries and widely shared among users. Images stored on public registries such as Docker Hub have been shown to contain numerous known vulnerabilities. This study investigates the differences between containers and VMs that force security tooling, such as known-vulnerability scanners, to adapt. Further, we present the necessary steps of a workflow for implementing container vulnerability scanning. Finally, we compare two open-source scanners, Anchore and Clair, on 8 versions of common OS distributions. We show that the two tools report different findings when scanning OS packages. A majority of these differences most likely arise from disagreement between the vulnerability definitions the tools rely on; the remaining differences are more likely due to implementation, but they are not large enough to be significant.
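The kind of comparison the abstract describes can be made concrete by reducing each scanner's report to a set of (package, version, CVE) findings and splitting the disagreements into two buckets. The script below is an added illustration, not code from the thesis or from the Anchore or Clair projects: the sample findings are constructed placeholders (the CVE identifiers are not real advisories), and the classification rule is an assumption made here, namely that a finding on a package/version both tools inventoried but only one flagged reflects differing vulnerability definitions, while a finding on a package only one tool inventoried at all reflects an implementation difference in package detection.

```python
"""Compare findings from two container-image vulnerability scanners.

Added example (not from the thesis). Inputs are a normalized form,
(package, version, cve), that a scanner report can be reduced to; the
raw Anchore and Clair report formats are deliberately not modelled.
"""

# Constructed sample findings for one image; CVE ids are placeholders.
SCANNER_A = {
    ("openssl", "1.1.1d-0+deb10u3", "CVE-0000-0001"),
    ("openssl", "1.1.1d-0+deb10u3", "CVE-0000-0002"),
    ("libc6", "2.28-10", "CVE-0000-0003"),
    ("bash", "5.0-4", "CVE-0000-0004"),
}
SCANNER_B = {
    ("openssl", "1.1.1d-0+deb10u3", "CVE-0000-0001"),
    ("libc6", "2.28-10", "CVE-0000-0003"),
    ("libc6", "2.28-10", "CVE-0000-0005"),
    ("tar", "1.30+dfsg-6", "CVE-0000-0006"),
}


def inventory(findings):
    """Set of (package, version) pairs a scanner produced findings for."""
    return {(pkg, ver) for pkg, ver, _ in findings}


def compare(a, b):
    """Split two finding sets into agreed findings and two kinds of disagreement.

    Assumed classification rule (not the thesis's definition):
      definition     - package/version seen by both tools, CVE flagged by one;
                       the tools consumed different vulnerability data.
      implementation - package/version inventoried by only one tool;
                       the tools differ in how they detect packages.
    """
    agreed = a & b
    disputed = (a - b) | (b - a)
    both_saw = inventory(a) & inventory(b)
    definition = {f for f in disputed if (f[0], f[1]) in both_saw}
    implementation = disputed - definition
    return {
        "agreed": agreed,
        "definition": definition,
        "implementation": implementation,
    }


def agreement_ratio(a, b):
    """Jaccard overlap of the two finding sets (1.0 means identical reports)."""
    union = a | b
    return len(a & b) / len(union) if union else 1.0


def summarize(a, b):
    """Counts a practitioner would tabulate per image / OS version."""
    parts = compare(a, b)
    return {
        "agreed": len(parts["agreed"]),
        "definition": len(parts["definition"]),
        "implementation": len(parts["implementation"]),
        "jaccard": round(agreement_ratio(a, b), 3),
    }


if __name__ == "__main__":
    result = compare(SCANNER_A, SCANNER_B)
    for bucket, findings in result.items():
        print(bucket)
        for pkg, ver, cve in sorted(findings):
            print(f"  {pkg} {ver} {cve}")
    print(summarize(SCANNER_A, SCANNER_B))
```

Run per image and per OS version, the `definition` bucket is the one to check first against the tools' vulnerability feeds: if a CVE appears in one feed's entry for that package version and not the other's, the disagreement is in the data, not in the scanner, which is the distinction the abstract draws.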